CVSS: 8.8EPSS: 21%CPEs: 5EXPL: 2CVE-2017-6984 – WebKit JSC - 'Intl.getCanonicalLocales' Heap Buffer Overflow
https://notcve.org/view.php?id=CVE-2017-6984
15 May 2017 — An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. Safari before 10.1.1 is affected. iTunes before 12.6.1 on Windows is affected. tvOS before 10.2.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. Se ha detectado un problema en ciertos productos de Apple. iOS versión anterior a 10.3.2 se ve afectado. • https://packetstorm.news/files/id/142971 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 6%CPEs: 2EXPL: 2CVE-2017-2514 – Apple WebKit / Safari 10.0.3(12602.4.8) - 'WebCore::FrameView::scheduleRelayout' Use-After-Free
https://notcve.org/view.php?id=CVE-2017-2514
15 May 2017 — An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. Safari before 10.1.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. Se descubrió un problema en ciertos productos de Apple. iOS anterior a versión 10.3.2 está afectado. • https://packetstorm.news/files/id/142659 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 32%CPEs: 4EXPL: 2CVE-2017-2521 – WebKit JSC - 'JSObject::ensureLength' ensureLengthSlow Check Failure
https://notcve.org/view.php?id=CVE-2017-2521
15 May 2017 — An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. Safari before 10.1.1 is affected. tvOS before 10.2.1 is affected. watchOS before 3.2.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. Fue encontrado un problema en algunos productos de Apple. iOS anteriores a la versión 10.3.2 se ven afectados. • https://packetstorm.news/files/id/142767 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 34%CPEs: 4EXPL: 2CVE-2017-2524 – Apple macOS/iOS - 'TIKeyboardLayout initWithCoder:' NSKeyedArchiver Heap Corruption Due to Rounding Error
https://notcve.org/view.php?id=CVE-2017-2524
15 May 2017 — An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. tvOS before 10.2.1 is affected. watchOS before 3.2.2 is affected. The issue involves the "TextInput" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted data. Fue encontrado un problema en algunos productos de Apple. iOS anteriores a la versión 10.3.2 se ven afectados. macOS anterior a la versión 10.... • https://packetstorm.news/files/id/142650 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 20%CPEs: 3EXPL: 2CVE-2017-2515 – WebKit - 'FrameLoader::clear' Stealing Variables via Page Navigation
https://notcve.org/view.php?id=CVE-2017-2515
15 May 2017 — An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. Safari before 10.1.1 is affected. tvOS before 10.2.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. Un problema fue encontrado en ciertos productos de Apple. iOS versión anterior a 10.3.2 se ve afectado. • https://packetstorm.news/files/id/142669 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 0%CPEs: 2EXPL: 0CVE-2017-6981 – Apple Security Advisory 2017-05-15-2
https://notcve.org/view.php?id=CVE-2017-6981
15 May 2017 — An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. The issue involves the "iBooks" component. It allows attackers to execute arbitrary code in a privileged context via a crafted app that uses symlinks. Se detectó un problema en ciertos productos de Apple. iOS anterior a versión 10.3.2 está afectado. macOS anterior a versión 10.12.5 está afectado. El problema involucra al componente "iBooks". • http://www.securitytracker.com/id/1038484 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0CVE-2017-2495 – Apple Security Advisory 2017-05-15-7
https://notcve.org/view.php?id=CVE-2017-2495
15 May 2017 — An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. Safari before 10.1.1 is affected. The issue involves the "Safari" component. It allows remote attackers to cause a denial of service (application crash) via a crafted web site that improperly interacts with the history menu. Se descubrió un problema en ciertos productos de Apple. iOS anterior a versión 10.3.2 está afectado. • http://www.securityfocus.com/bid/98474 • CWE-20: Improper Input Validation •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2017-2544 – Apple Safari Array concat Integer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2017-2544
15 May 2017 — An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. Safari before 10.1.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. Se descubrió un problema en ciertos productos de Apple. iOS anterior a versión 10.3.2 está afectado. • http://www.securityfocus.com/bid/98474 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2017-2496 – Ubuntu Security Notice USN-3303-1
https://notcve.org/view.php?id=CVE-2017-2496
15 May 2017 — An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. Safari before 10.1.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. Se descubrió un problema en ciertos productos de Apple. iOS anterior a versión 10.3.2 está afectado. • http://www.securityfocus.com/bid/98474 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 1CVE-2017-2508 – WebKit - 'ContainerNode::parserInsertBefore' Universal Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2017-2508
15 May 2017 — An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. Safari before 10.1.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to conduct Universal XSS (UXSS) attacks via a crafted web site that improperly interacts with container nodes. Se detectó un problema en ciertos productos de Apple. iOS anterior a versión 10.3.2 está afectado. • https://www.exploit-db.com/exploits/42066 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •