CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2017-2548 – Apple macOS WindowServer XSetWindowListBrightness Out-Of-Bounds Access Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2017-2548
An issue was discovered in certain Apple products. macOS before 10.12.5 is affected. The issue involves the "WindowServer" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. Se descubrió un problema en ciertos productos de Apple. MacOS anterior a 10.12.5 está afectado. • http://www.securitytracker.com/id/1038484 https://support.apple.com/HT207797 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.6EPSS: 0%CPEs: 1EXPL: 0CVE-2017-2534 – Apple macOS speechsynthesisd Unsigned Dylib Loading Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2017-2534
An issue was discovered in certain Apple products. macOS before 10.12.5 is affected. The issue involves the "Speech Framework" component. It allows attackers to conduct sandbox-escape attacks via a crafted app. Se detectó un problema en ciertos productos de Apple. MacOS anterior a versión 10.12.5 está afectado. • http://www.securitytracker.com/id/1038484 https://support.apple.com/HT207797 •
CVSS: 8.6EPSS: 0%CPEs: 1EXPL: 0CVE-2017-6977 – Apple macOS speechsynthesisd Unsigned Dylib Loading Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2017-6977
An issue was discovered in certain Apple products. macOS before 10.12.5 is affected. The issue involves the "Speech Framework" component. It allows attackers to conduct sandbox-escape attacks or cause a denial of service (memory corruption) via a crafted app. Se detectó un problema en ciertos productos de Apple. MacOS versiones anteriores a 10.12.5 está afectado. • http://www.securitytracker.com/id/1038484 https://support.apple.com/HT207797 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-2540 – Apple macOS WindowServer _XGetConnectionPSN Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2017-2540
An issue was discovered in certain Apple products. macOS before 10.12.5 is affected. The issue involves the "WindowServer" component. It allows attackers to bypass intended memory-read restrictions via a crafted app. Se descubrió un problema en ciertos productos de Apple. MacOS anterior a versión 10.12.5 está afectado. • http://www.securitytracker.com/id/1038484 https://support.apple.com/HT207797 • CWE-20: Improper Input Validation •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2017-2541 – Apple macOS WindowServer _XGetWindowMovementGroup Stack-based Buffer Overflow Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2017-2541
An issue was discovered in certain Apple products. macOS before 10.12.5 is affected. The issue involves the "WindowServer" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. Se descubrió un problema en ciertos productos de Apple. MacOS anterior a versión 10.12.5 está afectado. • http://www.securitytracker.com/id/1038484 https://support.apple.com/HT207797 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •