CVSS: 4.9EPSS: 0%CPEs: 1EXPL: 0CVE-2016-7625 – Apple OS X IOReportUserClient Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2016-7625
An issue was discovered in certain Apple products. macOS before 10.12.2 is affected. The issue involves the "IOKit" component. It allows local users to obtain sensitive kernel memory-layout information via unspecified vectors. Se ha descubierto un problema en ciertos productos Apple. macOS en versiones anteriores a 10.12.2 está afectado. El problema involucra al componente "IOKit". • http://www.securityfocus.com/bid/94903 http://www.securitytracker.com/id/1037469 https://support.apple.com/HT207423 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2016-7605
https://notcve.org/view.php?id=CVE-2016-7605
An issue was discovered in certain Apple products. macOS before 10.12.2 is affected. The issue involves the "Bluetooth" component. It allows attackers to cause a denial of service (NULL pointer dereference) via a crafted app. Se ha descubierto un problema en ciertos productos Apple. macOS en versiones anteriores a 10.12.2 está afectado. El problema involucra al componente "Bluetooth". • http://www.securityfocus.com/bid/94903 http://www.securitytracker.com/id/1037469 https://support.apple.com/HT207423 • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2016-7761
https://notcve.org/view.php?id=CVE-2016-7761
An issue was discovered in certain Apple products. macOS before 10.12.2 is affected. The issue involves the "WiFi" component, which allows local users to obtain sensitive network-configuration information by leveraging global storage. Se ha descubierto un problema en ciertos productos Apple. macOS en versiones anteriores a 10.12.2 está afectado. El problema involucra al componente "WiFi", que permite a usuarios locales obtener información sensible de la configuración red aprovechando el almacenamiento global. • https://support.apple.com/HT207423 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.9EPSS: 0%CPEs: 2EXPL: 0CVE-2016-4721
https://notcve.org/view.php?id=CVE-2016-4721
An issue was discovered in certain Apple products. iOS before 10.1 is affected. macOS before 10.12.1 is affected. The issue involves the "IDS - Connectivity" component, which allows man-in-the-middle attackers to spoof calls via a "switch caller" notification. Se ha descubierto un problema en ciertos productos Apple. iOS en versiones anteriores a 10.1 está afectado. macOS en versiones anteriores a 10.12.1 está afectado. El problema involucra al componente "IDS - Connectivity" que permite a atacantes man-in-the-middle suplantar llamadas a través de notificaciones "switch caller". • http://www.securityfocus.com/bid/94429 https://support.apple.com/HT207271 https://support.apple.com/HT207275 • CWE-254: 7PK - Security Features •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2016-7618
https://notcve.org/view.php?id=CVE-2016-7618
An issue was discovered in certain Apple products. macOS before 10.12.2 is affected. The issue involves the "Foundation" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted .gcx file. Se ha descubierto un problema en ciertos productos Apple. macOS en versiones anteriores a 10.12.2 está afectado. El problema involucra al componente "Foundation". • http://www.securityfocus.com/bid/94903 http://www.securitytracker.com/id/1037469 https://support.apple.com/HT207423 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •