CVSS: 9.3EPSS: 0%CPEs: 4EXPL: 0CVE-2017-13799 – Apple Security Advisory 2017-10-31-2
https://notcve.org/view.php?id=CVE-2017-13799
01 Nov 2017 — An issue was discovered in certain Apple products. iOS before 11.1 is affected. macOS before 10.13.1 is affected. tvOS before 11.1 is affected. watchOS before 4.1 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. Se ha descubierto un problema en algunos productos Apple. Se han visto afectadas las versiones de iOS anteriores a la 11.1, las versiones de macOS anterior... • http://www.securitytracker.com/id/1039703 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 1%CPEs: 7EXPL: 0CVE-2017-13788 – Gentoo Linux Security Advisory 201712-01
https://notcve.org/view.php?id=CVE-2017-13788
01 Nov 2017 — An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 is affected. iCloud before 7.1 on Windows is affected. iTunes before 12.7.1 on Windows is affected. tvOS before 11.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. Se ha descubierto un problema en algunos productos Apple. • http://www.securitytracker.com/id/1039703 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 13%CPEs: 7EXPL: 2CVE-2017-13798 – WebKit - 'WebCore::RenderObject::previousSibling' Use-After-Free
https://notcve.org/view.php?id=CVE-2017-13798
01 Nov 2017 — An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 is affected. iCloud before 7.1 on Windows is affected. iTunes before 12.7.1 on Windows is affected. tvOS before 11.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. Se ha descubierto un problema en algunos productos Apple. • https://packetstorm.news/files/id/145101 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 14%CPEs: 7EXPL: 2CVE-2017-13784 – WebKit - 'WebCore::SimpleLineLayout::RunResolver::runForPoint' Out-of-Bounds Read
https://notcve.org/view.php?id=CVE-2017-13784
01 Nov 2017 — An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 is affected. iCloud before 7.1 on Windows is affected. iTunes before 12.7.1 on Windows is affected. tvOS before 11.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. Se ha descubierto un problema en algunos productos Apple. • https://packetstorm.news/files/id/145089 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2017-13804 – Apple Security Advisory 2017-10-31-2
https://notcve.org/view.php?id=CVE-2017-13804
01 Nov 2017 — An issue was discovered in certain Apple products. iOS before 11.1 is affected. macOS before 10.13.1 is affected. tvOS before 11.1 is affected. watchOS before 4.1 is affected. The issue involves the "StreamingZip" component. It allows remote attackers to write to unintended pathnames via a crafted ZIP archive. Se ha descubierto un problema en algunos productos Apple. Se han visto afectadas las versiones de iOS anteriores a la 11.1, las versiones de macOS anteriores a la 10.13.1, las versiones de tvOS anteri... • http://www.securitytracker.com/id/1039703 • CWE-20: Improper Input Validation •
CVSS: 8.8EPSS: 22%CPEs: 7EXPL: 2CVE-2017-13794 – WebKit - 'WebCore::DocumentLoader::frameLoader' Use-After-Free
https://notcve.org/view.php?id=CVE-2017-13794
01 Nov 2017 — An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 is affected. iCloud before 7.1 on Windows is affected. iTunes before 12.7.1 on Windows is affected. tvOS before 11.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. Se ha descubierto un problema en algunos productos Apple. • https://packetstorm.news/files/id/145092 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 14%CPEs: 7EXPL: 1CVE-2017-13795 – WebKit - 'WebCore::AXObjectCache::performDeferredCacheUpdate' Use-After-Free
https://notcve.org/view.php?id=CVE-2017-13795
01 Nov 2017 — An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 is affected. iCloud before 7.1 on Windows is affected. iTunes before 12.7.1 on Windows is affected. tvOS before 11.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. Se ha descubierto un problema en algunos productos Apple. • https://www.exploit-db.com/exploits/43169 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 1%CPEs: 4EXPL: 2CVE-2017-11122 – Broadcom ICMPv6 Information Leak
https://notcve.org/view.php?id=CVE-2017-11122
02 Oct 2017 — On Broadcom BCM4355C0 Wi-Fi chips 9.44.78.27.0.1.56, an attacker can trigger an information leak due to insufficient length validation, related to ICMPv6 router advertisement offloading. En chips Wi-Fi de Broadcom con modelo BCM4355C0 y firmware 9.44.78.27.0.1.56, un atacante puede provocar una fuga de información por una validación de longitudes insuficiente. Esto está relacionado con la descarga de anuncios de router ICMPv6. Broadcom suffers from an information leak vulnerability in ICMPv6 router advertis... • http://packetstormsecurity.com/files/144461/Broadcom-ICMPv6-Information-Leak.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 8.8EPSS: 0%CPEs: 6EXPL: 0CVE-2017-7099 – Apple Security Advisory 2017-09-25-3
https://notcve.org/view.php?id=CVE-2017-7099
28 Sep 2017 — An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. Se ha descubierto un problema en ciertos productos Apple. • http://www.securityfocus.com/bid/100998 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 4%CPEs: 4EXPL: 0CVE-2017-7086 – Apple Security Advisory 2017-10-31-8
https://notcve.org/view.php?id=CVE-2017-7086
28 Sep 2017 — An issue was discovered in certain Apple products. iOS before 11 is affected. macOS before 10.13 is affected. tvOS before 11 is affected. watchOS before 4 is affected. The issue involves the "libc" component. It allows remote attackers to cause a denial of service (resource consumption) via a crafted string that is mishandled by the glob function. Se ha descubierto un problema en ciertos productos Apple. Se han visto afectadas las versiones de iOS anteriores a la 11, las versiones de macOS anteriores a la 1... • http://www.securityfocus.com/bid/100990 • CWE-400: Uncontrolled Resource Consumption •