CVSS: 8.8EPSS: 0%CPEs: 29EXPL: 0CVE-2017-6458
https://notcve.org/view.php?id=CVE-2017-6458
Multiple buffer overflows in the ctl_put* functions in NTP before 4.2.8p10 and 4.3.x before 4.3.94 allow remote authenticated users to have unspecified impact via a long variable. Múltiples desbordamientos de búfer en las funciones ctl_put * en NTP en versiones anteriores a 4.2.8p10 y 4.3.x en versiones anteriores a 4.3.94 permiten a usuarios remotos autenticados tener un impacto no especificado a través de una variable larga. • http://packetstormsecurity.com/files/142284/Slackware-Security-Advisory-ntp-Updates.html http://seclists.org/fulldisclosure/2017/Nov/7 http://seclists.org/fulldisclosure/2017/Sep/62 http://support.ntp.org/bin/view/Main/NtpBug3379 http://support.ntp.org/bin/view/Main/SecurityNotice#March_2017_ntp_4_2_8p10_NTP_Secu http://www.securityfocus.com/archive/1/archive/1/540464/100/0/threaded http://www.securityfocus.com/bid/97051 http://www.securitytracker.com/id/1038123 http://www.u • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 1%CPEs: 4EXPL: 0CVE-2017-2415
https://notcve.org/view.php?id=CVE-2017-2415
An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code by leveraging an unspecified "type confusion." Se ha descubierto un problema en ciertos productos Apple. iOS en versiones anteriores a 10.3 está afectado. • http://www.securityfocus.com/bid/97143 http://www.securitytracker.com/id/1038137 https://security.gentoo.org/glsa/201706-15 https://support.apple.com/HT207600 https://support.apple.com/HT207601 https://support.apple.com/HT207602 https://support.apple.com/HT207617 •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2016-7628
https://notcve.org/view.php?id=CVE-2016-7628
An issue was discovered in certain Apple products. macOS before 10.12.2 is affected. The issue involves the "Assets" component, which allows local users to bypass intended permission restrictions and change a downloaded mobile asset via unspecified vectors. Se ha descubierto un problema en ciertos productos Apple. macOS en versiones anteriores a 10.12.2 está afectado. El problema involucra al componente "Assets", que permite a usuarios locales eludir las restricciones de permiso previstas y cambiar una herramienta para móviles descargada a través de vectores no especificados. • http://www.securityfocus.com/bid/94903 http://www.securitytracker.com/id/1037469 https://support.apple.com/HT207423 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 3.3EPSS: 0%CPEs: 2EXPL: 0CVE-2016-4670
https://notcve.org/view.php?id=CVE-2016-4670
An issue was discovered in certain Apple products. iOS before 10.1 is affected. macOS before 10.12.1 is affected. The issue involves the "Security" component. It allows local users to discover lengths of arbitrary passwords by reading a log. Se ha descubierto un problema en ciertos productos Apple. iOS en versiones anteriores a 10.1 está afectado. macOS en versiones anteriores a 10.12.1 está afectado. El problema involucra al componente "Security". • http://www.securityfocus.com/bid/94433 https://support.apple.com/HT207271 https://support.apple.com/HT207275 • CWE-255: Credentials Management Errors •
CVSS: 5.9EPSS: 0%CPEs: 2EXPL: 0CVE-2016-4721
https://notcve.org/view.php?id=CVE-2016-4721
An issue was discovered in certain Apple products. iOS before 10.1 is affected. macOS before 10.12.1 is affected. The issue involves the "IDS - Connectivity" component, which allows man-in-the-middle attackers to spoof calls via a "switch caller" notification. Se ha descubierto un problema en ciertos productos Apple. iOS en versiones anteriores a 10.1 está afectado. macOS en versiones anteriores a 10.12.1 está afectado. El problema involucra al componente "IDS - Connectivity" que permite a atacantes man-in-the-middle suplantar llamadas a través de notificaciones "switch caller". • http://www.securityfocus.com/bid/94429 https://support.apple.com/HT207271 https://support.apple.com/HT207275 • CWE-254: 7PK - Security Features •