CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0CVE-2016-7577
https://notcve.org/view.php?id=CVE-2016-7577
An issue was discovered in certain Apple products. iOS before 10.1 is affected. macOS before 10.12.1 is affected. The issue involves the "FaceTime" component, which allows remote attackers to trigger memory corruption and obtain audio data from a call that appeared to have ended. Se ha descubierto un problema en ciertos productos Apple. iOS en versiones anteriores a 10.1 está afectado. macOS en versiones anteriores a 10.12.1 está afectado. El problema involucra al componente "FaceTime", que permite a atacantes remotos desencadenar corrupción de memoria y obtener datos de audio de una llamada que aparentemente ha terminado. • http://www.securityfocus.com/bid/94429 https://support.apple.com/HT207271 https://support.apple.com/HT207275 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2016-7655
https://notcve.org/view.php?id=CVE-2016-7655
An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. The issue involves the "CoreMedia External Displays" component. It allows local users to gain privileges or cause a denial of service (type confusion) via unspecified vectors. Se ha descubierto un problema en ciertos productos Apple. iOS en versiones anteriores a 10.2 está afectado. macOS en versiones anteriores a 10.12.2 está afectado. El problema involucra al componente "CoreMedia External Displays". • http://www.securityfocus.com/bid/94906 http://www.securitytracker.com/id/1037469 https://support.apple.com/HT207422 https://support.apple.com/HT207423 • CWE-704: Incorrect Type Conversion or Cast •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2016-7628
https://notcve.org/view.php?id=CVE-2016-7628
An issue was discovered in certain Apple products. macOS before 10.12.2 is affected. The issue involves the "Assets" component, which allows local users to bypass intended permission restrictions and change a downloaded mobile asset via unspecified vectors. Se ha descubierto un problema en ciertos productos Apple. macOS en versiones anteriores a 10.12.2 está afectado. El problema involucra al componente "Assets", que permite a usuarios locales eludir las restricciones de permiso previstas y cambiar una herramienta para móviles descargada a través de vectores no especificados. • http://www.securityfocus.com/bid/94903 http://www.securitytracker.com/id/1037469 https://support.apple.com/HT207423 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 1CVE-2017-2353 – Apple macOS 10.12.1 / iOS Kernel - 'IOService::matchPassive' Use-After-Free
https://notcve.org/view.php?id=CVE-2017-2353
An issue was discovered in certain Apple products. macOS before 10.12.3 is affected. The issue involves the "Bluetooth" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (use-after-free) via a crafted app. Se ha descubierto un problema en ciertos productos Apple. macOS en versiones anteriores a 10.12.3 está afectado. El problema involucra al componente "Bluetooth". • https://www.exploit-db.com/exploits/41164 http://www.securityfocus.com/bid/95723 http://www.securitytracker.com/id/1037671 https://support.apple.com/HT207483 • CWE-416: Use After Free •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2017-2357
https://notcve.org/view.php?id=CVE-2017-2357
An issue was discovered in certain Apple products. macOS before 10.12.3 is affected. The issue involves the "IOAudioFamily" component. It allows attackers to obtain sensitive kernel memory-layout information via a crafted app. Se ha descubierto un problema en ciertos productos Apple. macOS en versiones anteriores a 10.12.3 está afectado. El problema involucra al componente "IOAudioFamily". • http://www.securityfocus.com/bid/95723 http://www.securitytracker.com/id/1037671 https://support.apple.com/HT207483 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •