CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0CVE-2017-7085 – Apple Security Advisory 2017-09-25-3
https://notcve.org/view.php?id=CVE-2017-7085
20 Sep 2017 — An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. The issue involves the "Safari" component. It allows remote attackers to spoof the address bar. Se ha descubierto un problema en ciertos productos Apple. • http://www.securityfocus.com/bid/100895 • CWE-20: Improper Input Validation •
CVSS: 10.0EPSS: 10%CPEs: 3EXPL: 0CVE-2017-7105 – Apple assembleBGScanResults Heap Overflow
https://notcve.org/view.php?id=CVE-2017-7105
20 Sep 2017 — An issue was discovered in certain Apple products. iOS before 11 is affected. tvOS before 11 is affected. watchOS before 4 is affected. The issue involves the "Wi-Fi" component. It might allow remote attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via crafted Wi-Fi traffic. Se ha descubierto un problema en ciertos productos Apple. Se han visto afectadas las versiones de iOS anteriores a la 11, las versiones de tvOS anteriores a la 11 y las version... • http://www.securityfocus.com/bid/100927 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.9EPSS: 0%CPEs: 30EXPL: 0CVE-2017-14315 – Apple Security Advisory 2019-5-13-6
https://notcve.org/view.php?id=CVE-2017-14315
12 Sep 2017 — In Apple iOS 7 through 9, due to a BlueBorne flaw in the implementation of LEAP (Low Energy Audio Protocol), a large audio command can be sent to a targeted device and lead to a heap overflow with attacker-controlled data. Since the audio commands sent via LEAP are not properly validated, an attacker can use this overflow to gain full control of the device through the relatively high privileges of the Bluetooth stack in iOS. The attack bypasses Bluetooth access control; however, the default "Bluetooth On" v... • http://seclists.org/fulldisclosure/2019/May/24 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.9EPSS: 0%CPEs: 4EXPL: 0CVE-2017-2278
https://notcve.org/view.php?id=CVE-2017-2278
02 Aug 2017 — The RBB SPEED TEST App for Android version 2.0.3 and earlier, RBB SPEED TEST App for iOS version 2.1.0 and earlier does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. Las versiones 2.0.3 y anteriores de la aplicación RBB SPEED TEST App para Android, así como las versiones 2.1.0 y anteriores para iOS no verifican certificados X.509 desde servidores SSL. Esto permite a los atacantes que reali... • http://www.iid.co.jp/information/170714.html • CWE-295: Improper Certificate Validation •
CVSS: 8.8EPSS: 22%CPEs: 4EXPL: 4CVE-2017-7047 – Apple macOS/iOS - 'xpc_data' Objects Sandbox Escape Privilege Escalation
https://notcve.org/view.php?id=CVE-2017-7047
20 Jul 2017 — An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. macOS before 10.12.6 is affected. tvOS before 10.2.2 is affected. watchOS before 3.2.3 is affected. The issue involves the "libxpc" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. Fue encontrado un problema en ciertos productos de Apple. iOS versión anterior a 10.3.3 se ve afectado. MacOS versión anterior a 10.12.6 se ve afecta... • https://packetstorm.news/files/id/143624 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 0%CPEs: 7EXPL: 0CVE-2017-7025 – Apple Security Advisory 2017-07-19-1
https://notcve.org/view.php?id=CVE-2017-7025
20 Jul 2017 — An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. macOS before 10.12.6 is affected. tvOS before 10.2.2 is affected. watchOS before 3.2.3 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. Fue encontrado un problema en ciertos productos de Apple. iOS anterior a versión 10.3.3 se ve afectado. MacOS anterior a versión 10.12.6 se ve afecta... • http://www.securityfocus.com/bid/99883 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2017-7029 – Apple Security Advisory 2017-07-19-1
https://notcve.org/view.php?id=CVE-2017-7029
20 Jul 2017 — An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. macOS before 10.12.6 is affected. tvOS before 10.2.2 is affected. watchOS before 3.2.3 is affected. The issue involves the "Kernel" component. It allows attackers to bypass intended memory-read restrictions via a crafted app. Fue encontrado un problema en ciertos productos de Apple. iOS versión anterior a 10.3.3 se ve afectado. MacOS versión anterior a 10.12.6 se ve afectado. • http://www.securityfocus.com/bid/99883 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 8.8EPSS: 2%CPEs: 6EXPL: 2CVE-2017-7043 – WebKit - 'WebCore::AccessibilityRenderObject::handleAriaExpandedChanged' Use-After-Free
https://notcve.org/view.php?id=CVE-2017-7043
20 Jul 2017 — An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. Se ha descubierto un error en ciertos productos de Apple. • https://packetstorm.news/files/id/143487 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 1CVE-2017-7060 – Apple Security Advisory 2017-07-19-1
https://notcve.org/view.php?id=CVE-2017-7060
20 Jul 2017 — An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. The issue involves the "Safari Printing" component. It allows remote attackers to cause a denial of service (excessive print dialogs) via a crafted web site. Fue encontrado un problema en ciertos productos de Apple. iOS versión anterior a 10.3.3 se ve afectado. • http://www.securityfocus.com/bid/99887 • CWE-20: Improper Input Validation •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-2517 – Apple Security Advisory 2017-07-19-1
https://notcve.org/view.php?id=CVE-2017-2517
20 Jul 2017 — An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. The issue involves the "Safari" component. It allows remote attackers to spoof the address bar via a crafted web site. Se detectó un problema en ciertos productos de Apple. iOS anterior a la versión 10.3.3 está afectado. El problema involucra el componente "Safari". • http://www.securityfocus.com/bid/99891 • CWE-20: Improper Input Validation •