CVSS: 3.3EPSS: 0%CPEs: 2EXPL: 0CVE-2016-4670
https://notcve.org/view.php?id=CVE-2016-4670
20 Feb 2017 — An issue was discovered in certain Apple products. iOS before 10.1 is affected. macOS before 10.12.1 is affected. The issue involves the "Security" component. It allows local users to discover lengths of arbitrary passwords by reading a log. Se ha descubierto un problema en ciertos productos Apple. iOS en versiones anteriores a 10.1 está afectado. macOS en versiones anteriores a 10.12.1 está afectado. El problema involucra al componente "Security". • http://www.securityfocus.com/bid/94433 • CWE-255: Credentials Management Errors •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2016-7581
https://notcve.org/view.php?id=CVE-2016-7581
20 Feb 2017 — An issue was discovered in certain Apple products. iOS before 10.1 is affected. The issue involves the "Safari" component, which allows remote web servers to cause a denial of service via a crafted URL. Se ha descubierto un problema en ciertos productos Apple. iOS en versiones anteriores a 10.1 está afectado. El problema involucra al componente "Safari", que permite a atacantes remotos de servidores web provocar una denegación de servicio a través de una URL manipulada. • http://www.securityfocus.com/bid/94432 • CWE-20: Improper Input Validation •
CVSS: 9.3EPSS: 0%CPEs: 4EXPL: 0CVE-2016-7613
https://notcve.org/view.php?id=CVE-2016-7613
20 Feb 2017 — An issue was discovered in certain Apple products. iOS before 10.1 is affected. macOS before 10.12.1 is affected. tvOS before 10.0.1 is affected. watchOS before 3.1 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context via a crafted app that leverages object-lifetime mishandling during process spawning. Se ha descubierto un problema en ciertos productos Apple. iOS en versiones anteriores a 10.1 está afectado. macOS en versiones anterior... • http://www.securityfocus.com/bid/94116 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 2.4EPSS: 0%CPEs: 1EXPL: 0CVE-2016-7765
https://notcve.org/view.php?id=CVE-2016-7765
20 Feb 2017 — An issue was discovered in certain Apple products. iOS before 10.2 is affected. The issue involves the "Clipboard" component, which allows physically proximate attackers to obtain sensitive information in the lockscreen state by viewing clipboard contents. Se ha descubierto un problema en ciertos productos Apple. iOS en versiones anteriores a 10.2 está afectado. El problema involucra al componente "Clipboard", que permite a atacantes próximos físicamente obtener información sensible en el estado de bloqueo ... • https://support.apple.com/HT207422 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2016-7667
https://notcve.org/view.php?id=CVE-2016-7667
20 Feb 2017 — An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. The issue involves the "CoreText" component. It allows remote attackers to cause a denial of service via a crafted string. Se ha descubierto un problema en ciertos productos Apple. iOS en versiones anteriores a 10.2 está afectado. macOS en versiones anteriores a 10.12.2 está afectado. El problema involucra al componente "CoreText". • https://support.apple.com/HT207422 • CWE-20: Improper Input Validation •
CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 0CVE-2016-7630 – Apple iOS legacy-diagnostics Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2016-7630
20 Feb 2017 — An issue was discovered in certain Apple products. iOS before 10.2 is affected. The issue involves the "WebSheet" component, which allows attackers to bypass a sandbox protection mechanism via unspecified vectors. Se ha descubierto un problema en ciertos productos Apple. iOS en versiones anteriores a 10.2 está afectado. El problema involucra al componente "WebSheet", que permite a atacantes eludir el mecanismo de protección de aislamiento a través de vectores no especificados. This vulnerability allows remo... • https://support.apple.com/HT207422 • CWE-254: 7PK - Security Features •
CVSS: 6.5EPSS: 1%CPEs: 2EXPL: 2CVE-2017-2364 – Apple WebKit 10.0.2(12602.3.12.0.1) - 'Frame::setDocument ' Universal Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2017-2364
24 Jan 2017 — An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. Safari before 10.0.3 is affected. The issue involves the "WebKit" component. It allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted web site. Se ha descubierto un problema en ciertos productos Apple. iOS en versiones anteriores a 10.2.1 está afectado. • https://packetstorm.news/files/id/141952 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.3EPSS: 19%CPEs: 4EXPL: 8CVE-2017-2370 – Apple macOS 10.12.1 / iOS 10.2 - Kernel Userspace Pointer Memory Corruption
https://notcve.org/view.php?id=CVE-2017-2370
24 Jan 2017 — An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. macOS before 10.12.3 is affected. tvOS before 10.1.1 is affected. watchOS before 3.1.3 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (buffer overflow) via a crafted app. Se ha descubierto un problema en ciertos productos Apple. iOS en versiones anteriores a 10.2.1 está afectado. macOS en versiones anteriores a 10.12.3 e... • https://packetstorm.news/files/id/140743 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 0CVE-2017-2366 – Gentoo Linux Security Advisory 201706-15
https://notcve.org/view.php?id=CVE-2017-2366
24 Jan 2017 — An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. Safari before 10.0.3 is affected. iCloud before 6.1.1 is affected. iTunes before 12.5.5 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. Se ha descubierto un problema en ciertos productos Apple. iOS en versiones anteriores a 10.2.1 está afectado. • http://www.securityfocus.com/bid/95733 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 17%CPEs: 3EXPL: 2CVE-2017-2362 – Apple WebKit - 'HTMLFormElement::reset()' Use-After Free
https://notcve.org/view.php?id=CVE-2017-2362
24 Jan 2017 — An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. Safari before 10.0.3 is affected. tvOS before 10.1.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. Se ha descubierto un problema en ciertos productos Apple. iOS en versiones anteriores a 10.2.1 está afectado. • https://packetstorm.news/files/id/140864 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •