CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2017-2544 – Apple Safari Array concat Integer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2017-2544
15 May 2017 — An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. Safari before 10.1.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. Se descubrió un problema en ciertos productos de Apple. iOS anterior a versión 10.3.2 está afectado. • http://www.securityfocus.com/bid/98474 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 2%CPEs: 4EXPL: 0CVE-2017-2513 – Apple Security Advisory 2017-05-15-3
https://notcve.org/view.php?id=CVE-2017-2513
15 May 2017 — An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. tvOS before 10.2.1 is affected. watchOS before 3.2.2 is affected. The issue involves the "SQLite" component. A use-after-free vulnerability allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted SQL statement. Un problema fue descubierto en ciertos productos de Apple. iOS versión anterior a 10.3.2 se ve afectado. MacOS versión anterior ... • http://www.securityfocus.com/bid/98468 • CWE-416: Use After Free •
CVSS: 6.1EPSS: 0%CPEs: 3EXPL: 0CVE-2017-2549 – Apple Security Advisory 2017-05-15-3
https://notcve.org/view.php?id=CVE-2017-2549
15 May 2017 — An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. Safari before 10.1.1 is affected. tvOS before 10.2.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to conduct Universal XSS (UXSS) attacks via a crafted web site that improperly interacts with frame loading. Se ha detectado un problema en ciertos productos de Apple. iOS versión anterior a 10.3.2 se ve afectado. • http://www.securityfocus.com/bid/98473 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.8EPSS: 1%CPEs: 2EXPL: 0CVE-2017-6991 – Apple Safari WebSQL Type Confusion Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2017-6991
15 May 2017 — An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. The issue involves the "SQLite" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. Se descubrió un problema en ciertos productos de Apple. iOS anterior a versión 10.3.2 está afectado. macOS anterior a versión 10.12.5 está afectado. El problema involucra el componente "SQLite". • http://www.securitytracker.com/id/1038484 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2017-2496 – Ubuntu Security Notice USN-3303-1
https://notcve.org/view.php?id=CVE-2017-2496
15 May 2017 — An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. Safari before 10.1.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. Se descubrió un problema en ciertos productos de Apple. iOS anterior a versión 10.3.2 está afectado. • http://www.securityfocus.com/bid/98474 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 1CVE-2017-2508 – WebKit - 'ContainerNode::parserInsertBefore' Universal Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2017-2508
15 May 2017 — An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. Safari before 10.1.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to conduct Universal XSS (UXSS) attacks via a crafted web site that improperly interacts with container nodes. Se detectó un problema en ciertos productos de Apple. iOS anterior a versión 10.3.2 está afectado. • https://www.exploit-db.com/exploits/42066 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 2CVE-2017-6982 – Apple iOS < 10.3.2 - Notifications API Denial of Service
https://notcve.org/view.php?id=CVE-2017-6982
15 May 2017 — An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. The issue involves the "Notifications" component. It allows attackers to cause a denial of service via a crafted app. Se descubrió un problema en ciertos productos de Apple. iOS anterior a versión 10.3.2 está afectado. El problema involucra el componente "Notifications". • https://packetstorm.news/files/id/142571 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 0CVE-2017-2497 – Apple Security Advisory 2017-05-15-2
https://notcve.org/view.php?id=CVE-2017-2497
15 May 2017 — An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. The issue involves the "iBooks" component. It allows remote attackers to trigger visits to arbitrary URLs via a crafted book. Se descubrió un problema en ciertos productos de Apple. iOS anterior a versión 10.3.2 está afectado. macOS anterior a versión 10.12.5 está afectado. El problema involucra el componente "iBooks". • http://www.securitytracker.com/id/1038484 • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 1CVE-2017-2505 – Apple Security Advisory 2017-05-15-3
https://notcve.org/view.php?id=CVE-2017-2505
15 May 2017 — An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. Safari before 10.1.1 is affected. tvOS before 10.2.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. Fue encontrado un problema en algunos productos de Apple. iOS anteriores a la versión 10.3.2 se ven afectados. • https://packetstorm.news/files/id/142664 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 0%CPEs: 3EXPL: 1CVE-2017-6989 – Apple iOS < 10.3.1 - Kernel
https://notcve.org/view.php?id=CVE-2017-6989
15 May 2017 — An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. tvOS before 10.2.1 is affected. watchOS before 3.2.2 is affected. The issue involves the "AVEVideoEncoder" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. Se ha detectado un problema en ciertos productos de Apple. iOS versión anterior a 10.3.2 se ve afectado. TVOS versión anterior a 10.2.1 se ve afectado. • https://www.exploit-db.com/exploits/42555 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •