CVSS: 5.9EPSS: 0%CPEs: 3EXPL: 0CVE-2016-7636
https://notcve.org/view.php?id=CVE-2016-7636
An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. watchOS before 3.1.3 is affected. The issue involves the "Security" component, which allows man-in-the-middle attackers to cause a denial of service (application crash) via vectors related to OCSP responder URLs. Se ha descubierto un problema en ciertos productos Apple. iOS en versiones anteriores a 10.2 está afectado. macOS en versiones anteriores a 10.12.2 está afectado. watchOS en versiones anteriores a 3.1.3 está afectado. El problema involucra al componente "Security", que permite a atacantes man-in-the-middle provocar una denegación de servicio (caída de la aplicación) a través de vectores relacionados con URLs de respuesta OCSP. • http://www.securityfocus.com/bid/94905 http://www.securitytracker.com/id/1037469 https://support.apple.com/HT207422 https://support.apple.com/HT207423 https://support.apple.com/HT207487 • CWE-20: Improper Input Validation •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2016-7607
https://notcve.org/view.php?id=CVE-2016-7607
An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. watchOS before 3.1.3 is affected. The issue involves the "Kernel" component, which allows attackers to obtain sensitive information from kernel memory via a crafted app. Se ha descubierto un problema en ciertos productos Apple. iOS en versiones anteriores a 10.2 está afectado. macOS en versiones anteriores a 10.12.2 está afectado. watchOS en versiones anteriores a 3.1.3 está afectado. El problema involucra al componente "Kernel", que permite a atacantes obtener información sensible de la memoria del kérnel a través de una aplicación manipulada. • http://www.securityfocus.com/bid/94905 http://www.securitytracker.com/id/1037469 https://support.apple.com/HT207422 https://support.apple.com/HT207423 https://support.apple.com/HT207487 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.3EPSS: 0%CPEs: 3EXPL: 1CVE-2016-7612 – Apple macOS < 10.12.2 / iOS < 10.2 Kernel - ipc_port_t Reference Count Leak Due to Incorrect externalMethod Overrides Use-After-Free
https://notcve.org/view.php?id=CVE-2016-7612
An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. watchOS before 3.1.3 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. Se ha descubierto un problema en ciertos productos Apple. iOS en versiones anteriores a 10.2 está afectado. macOS en versiones anteriores a 10.12.2 está afectado. watchOS en versiones anteriores a 3.1.3 está afectado. El problema involucra al componente "Kernel". • https://www.exploit-db.com/exploits/40955 http://www.securityfocus.com/bid/94905 http://www.securitytracker.com/id/1037469 https://support.apple.com/HT207422 https://support.apple.com/HT207423 https://support.apple.com/HT207487 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 1%CPEs: 4EXPL: 0CVE-2016-4688
https://notcve.org/view.php?id=CVE-2016-4688
An issue was discovered in certain Apple products. iOS before 10.1 is affected. macOS before 10.12.1 is affected. tvOS before 10.0.1 is affected. watchOS before 3.1 is affected. watchOS before 3.1.3 is affected. The issue involves the "FontParser" component. It allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow and application crash) via a crafted font. Se ha descubierto un problema en ciertos productos Apple. iOS en versiones anteriores a 10.1 está afectado. macOS en versiones anteriores a 10.12.1 está afectado. tvOS en versiones anteriores a 10.0.1 está afectado. watchOS en versiones anteriores a 3.1 está afectado. watchOS en versiones anteriores a 3.1.3 está afectado. El problema involucra el componente "FontParser". • http://www.securityfocus.com/bid/94572 http://www.securitytracker.com/id/1037469 https://support.apple.com/HT207269 https://support.apple.com/HT207270 https://support.apple.com/HT207271 https://support.apple.com/HT207275 https://support.apple.com/HT207487 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.2EPSS: 0%CPEs: 1EXPL: 0CVE-2016-7600
https://notcve.org/view.php?id=CVE-2016-7600
An issue was discovered in certain Apple products. macOS before 10.12.2 is affected. The issue involves the "OpenPAM" component, which allows local users to obtain sensitive information by leveraging mishandling of failed PAM authentication by a sandboxed app. Se ha descubierto un problema en ciertos productos Apple. macOS en versiones anteriores a 10.12.2 está afectado. El problema involucra al componente "OpenPAM" que permite a usuarios locales obtener información sensible aprovechando el manejo incorrecto de una autenticación PAM fallida por una app aislada. • http://www.securityfocus.com/bid/94903 http://www.securitytracker.com/id/1037469 https://support.apple.com/HT207423 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •