CVSS: 8.8EPSS: 0%CPEs: 6EXPL: 0CVE-2017-7093 – Apple Safari BoundFunction Out-Of-Bounds Access Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2017-7093
26 Sep 2017 — An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. Se ha descubierto un problema en ciertos productos Apple. • http://www.securityfocus.com/bid/100994 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 1%CPEs: 3EXPL: 0CVE-2017-7065 – Broadcom 802.11v WNM Sleep Mode Response Heap Overflow
https://notcve.org/view.php?id=CVE-2017-7065
26 Sep 2017 — An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. macOS before 10.12.6 is affected. tvOS before 10.2.2 is affected. The issue involves the "Wi-Fi" component. It allows remote attackers to execute arbitrary code (on the Wi-Fi chip) or cause a denial of service (memory corruption) by leveraging proximity for 802.11. Se ha descubierto un problema en algunos productos Apple. Las versiones de iOS anteriores a la 10.3.3, las versiones de macOS anteriores a la 10.12.6 y las versione... • http://www.securityfocus.com/bid/100655 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 29%CPEs: 6EXPL: 1CVE-2017-7092 – Apple Safari String link Integer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2017-7092
26 Sep 2017 — An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. Se ha descubierto un problema en ciertos productos Apple. • https://github.com/xuechiyaobai/CVE-2017-7092-PoC • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 0%CPEs: 6EXPL: 0CVE-2017-7091 – Apple Safari RenderFlowThread Out-Of-Bounds Access Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2017-7091
26 Sep 2017 — An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. Se ha descubierto un problema en ciertos productos Apple. • http://www.securityfocus.com/bid/100995 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 24%CPEs: 4EXPL: 4CVE-2017-11120 – Apple iOS 10.2 - Broadcom Out-of-Bounds Write when Handling 802.11k Neighbor Report Response
https://notcve.org/view.php?id=CVE-2017-11120
26 Sep 2017 — On Broadcom BCM4355C0 Wi-Fi chips 9.44.78.27.0.1.56 and other chips, an attacker can craft a malformed RRM neighbor report frame to trigger an internal buffer overflow in the Wi-Fi firmware, aka B-V2017061204. En los chips Wi-Fi Broadcom BCM4355C0 versión 9.44.78.27.0.1.56 y otros chips, un atacante puede crear un frame del RRM Neighbor Report Frame Handler malformadopara desencadenar un desbordamiento interno de búfer en el firmware Wi-Fi, también conocido como B-V2017061204. iOS 11 addresses TLS weaknesse... • https://packetstorm.news/files/id/144328 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 0%CPEs: 6EXPL: 0CVE-2017-7111 – Apple Safari RegExp replace Out-Of-Bounds Access Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2017-7111
26 Sep 2017 — An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. Se ha descubierto un problema en ciertos productos Apple. • http://www.securityfocus.com/bid/100986 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 0%CPEs: 6EXPL: 0CVE-2017-7095 – Apple Safari JSString Out-Of-Bounds Access Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2017-7095
26 Sep 2017 — An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. Se ha descubierto un problema en ciertos productos Apple. • http://www.securityfocus.com/bid/101006 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-7097 – Apple Security Advisory 2017-10-31-9
https://notcve.org/view.php?id=CVE-2017-7097
20 Sep 2017 — An issue was discovered in certain Apple products. iOS before 11 is affected. The issue involves the "Mail MessageUI" component. It allows attackers to cause a denial of service (memory corruption) via a crafted image. Se ha descubierto un problema en ciertos productos Apple. Se han visto afectadas las versiones de iOS anteriores a la 11. • http://www.securityfocus.com/bid/100929 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2017-7116 – Apple WLC_E_COUNTRY_CODE_CHANGED Information Leak
https://notcve.org/view.php?id=CVE-2017-7116
20 Sep 2017 — An issue was discovered in certain Apple products. iOS before 11 is affected. tvOS before 11 is affected. watchOS before 4 is affected. The issue involves the "Wi-Fi" component. It might allow remote attackers to read data from kernel memory locations via crafted Wi-Fi traffic. Se ha descubierto un problema en ciertos productos Apple. Se han visto afectadas las versiones de iOS anteriores a la 11, las versiones de tvOS anteriores a la 11 y las versiones de watchOS anteriores a la 4. • http://www.securityfocus.com/bid/100927 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.1EPSS: 6%CPEs: 6EXPL: 3CVE-2017-7089 – Webkit (Safari) - Universal Cross-site Scripting
https://notcve.org/view.php?id=CVE-2017-7089
20 Sep 2017 — An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. The issue involves the "WebKit" component. It allows remote attackers to conduct Universal XSS (UXSS) attacks via a crafted web site that is mishandled during parent-tab processing. Se ha descubierto un problema en ciertos productos Apple. • https://www.exploit-db.com/exploits/45866 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •