CVSS: 9.3EPSS: 0%CPEs: 4EXPL: 0CVE-2017-2458 – Apple Security Advisory 2017-03-27-5
https://notcve.org/view.php?id=CVE-2017-2458
27 Mar 2017 — An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "Keyboards" component. A buffer overflow allows attackers to execute arbitrary code in a privileged context via a crafted app. Se ha descubierto un problema en ciertos productos Apple. iOS en versiones anteriores a 10.3 está afectado. macOS en versiones anteriores a 10.12.4 está afectado. tvOS en versiones anter... • http://www.securityfocus.com/bid/97137 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 4%CPEs: 4EXPL: 0CVE-2017-2461 – Apple Security Advisory 2017-03-27-5
https://notcve.org/view.php?id=CVE-2017-2461
27 Mar 2017 — An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "CoreText" component. It allows remote attackers to cause a denial of service (resource consumption) via a crafted text message. Se ha descubierto un problema en ciertos productos Apple. iOS en versiones anteriores a 10.3 está afectado. macOS en versiones anteriores a 10.12.4 está afectado. tvOS en versiones ant... • http://www.securityfocus.com/bid/97137 • CWE-20: Improper Input Validation CWE-400: Uncontrolled Resource Consumption •
CVSS: 8.8EPSS: 22%CPEs: 3EXPL: 2CVE-2017-2466 – Apple WebKit - 'ComposedTreeIterator::traverseNextInShadowTree' Use-After-Free
https://notcve.org/view.php?id=CVE-2017-2466
27 Mar 2017 — An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. Se ha descubierto un problema en ciertos productos Apple. iOS en versiones anteriores a 10.3 está afectado. • https://packetstorm.news/files/id/141969 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2017-2376 – Gentoo Linux Security Advisory 201706-15
https://notcve.org/view.php?id=CVE-2017-2376
27 Mar 2017 — An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. The issue involves the "Safari" component. It allows remote attackers to spoof the address bar by leveraging text input during the loading of a page. Se ha descubierto un problema en ciertos productos Apple. iOS en versiones anteriores a 10.3 está afectado. • http://www.securityfocus.com/bid/97129 •
CVSS: 9.3EPSS: 0%CPEs: 4EXPL: 0CVE-2017-2401 – Apple Security Advisory 2017-03-27-5
https://notcve.org/view.php?id=CVE-2017-2401
27 Mar 2017 — An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. Se ha descubierto un problema en ciertos productos Apple. iOS en versiones anteriores a 10.3 está afectado. macOS en versiones anteriores a 10.12.4 está af... • http://www.securityfocus.com/bid/97137 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.6EPSS: 0%CPEs: 4EXPL: 3CVE-2017-2456 – Apple macOS/IOS 10.12.2 (16C67) - 'mach_msg' Heap Overflow
https://notcve.org/view.php?id=CVE-2017-2456
27 Mar 2017 — An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "Kernel" component. A race condition allows attackers to execute arbitrary code in a privileged context via a crafted app. Se ha descubierto un problema en ciertos productos Apple. iOS en versiones anteriores a 10.3 está afectado. macOS en versiones anteriores a 10.12.4 está afectado. tvOS en versiones anteriore... • https://packetstorm.news/files/id/141990 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 0CVE-2017-2412 – Apple Security Advisory 2017-03-27-4
https://notcve.org/view.php?id=CVE-2017-2412
27 Mar 2017 — An issue was discovered in certain Apple products. iOS before 10.3 is affected. The issue involves the "iTunes Store" component. It allows man-in-the-middle attackers to modify the client-server data stream to iTunes sandbox web services by leveraging use of cleartext HTTP. Se ha descubierto un problema en ciertos productos Apple. iOS en versiones anteriores a 10.3 está afectado. El problema involucra al componente "iTunes Store". • http://www.securityfocus.com/bid/97138 • CWE-319: Cleartext Transmission of Sensitive Information •
CVSS: 7.1EPSS: 0%CPEs: 4EXPL: 0CVE-2017-2439 – Apple Security Advisory 2017-03-27-5
https://notcve.org/view.php?id=CVE-2017-2439
27 Mar 2017 — An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "FontParser" component. It allows remote attackers to obtain sensitive information or cause a denial of service (out-of-bounds read and application crash) via a crafted font file. Se ha descubierto un problema en ciertos productos Apple. iOS en versiones anteriores a 10.3 está afectado. macOS en versiones anteri... • http://www.securityfocus.com/bid/97137 • CWE-125: Out-of-bounds Read •
CVSS: 9.3EPSS: 0%CPEs: 2EXPL: 0CVE-2017-2398 – Apple Security Advisory 2017-03-27-4
https://notcve.org/view.php?id=CVE-2017-2398
27 Mar 2017 — An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. Se ha descubierto un problema en ciertos productos Apple. iOS en versiones anteriores a 10.3 está afectado. macOS en versiones anteriores a 10.12.4 está afectado. El problema involucra al componente "Kernel". • http://www.securityfocus.com/bid/97147 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0CVE-2017-2453 – Apple Security Advisory 2017-03-27-4
https://notcve.org/view.php?id=CVE-2017-2453
27 Mar 2017 — An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. The issue involves the "Safari" component. It allows remote attackers to spoof FaceTime prompts in the user interface via a crafted web site. Se ha descubierto un problema en ciertos productos Apple. iOS en versiones anteriores a 10.3 está afectado. • http://www.securityfocus.com/bid/97129 • CWE-20: Improper Input Validation •