CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 0CVE-2016-7641 – Apple Security Advisory 2016-12-13-4
https://notcve.org/view.php?id=CVE-2016-7641
14 Dec 2016 — An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. Se ha descubierto un problema en ciertos productos Apple. iOS en versiones anteriores a 10.2 está afectado. • http://www.securityfocus.com/bid/94907 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 4.7EPSS: 0%CPEs: 2EXPL: 0CVE-2016-7650 – Apple Security Advisory 2016-12-13-5
https://notcve.org/view.php?id=CVE-2016-7650
14 Dec 2016 — An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. The issue involves the "Safari Reader" component, which allows remote attackers to conduct UXSS attacks via a crafted web site. Se ha descubierto un problema en ciertos productos Apple. iOS en versiones anteriores a 10.2 está afectado. Safari en versiones anteriores a 10.0.2 está afectado. • http://www.securityfocus.com/bid/94915 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0CVE-2016-7627 – Apple Security Advisory 2016-12-13-1
https://notcve.org/view.php?id=CVE-2016-7627
14 Dec 2016 — An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. watchOS before 3.1.3 is affected. The issue involves the "CoreGraphics" component. It allows attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted font. Se ha descubierto un problema en ciertos productos Apple. iOS en versiones anteriores a 10.2 está afectado. macOS en versiones anteriores a 10.12.2 está afectado. watchOS en versiones anteriores a ... • http://www.securityfocus.com/bid/94905 • CWE-476: NULL Pointer Dereference •
CVSS: 4.3EPSS: 0%CPEs: 4EXPL: 0CVE-2016-7592 – Apple Security Advisory 2016-12-13-4
https://notcve.org/view.php?id=CVE-2016-7592
14 Dec 2016 — An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component, which allows remote attackers to obtain sensitive information via crafted JavaScript prompts on a web site. Se ha descubierto un problema en ciertos productos Apple. iOS en versiones anteriores a 10.2 está afectado. Safari en versiones anteriores a 10.0.2 está afectado. iCloud en versiones... • http://www.securityfocus.com/bid/94909 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.3EPSS: 0%CPEs: 3EXPL: 0CVE-2016-7616 – Apple OS X IOKit Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2016-7616
13 Dec 2016 — An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. watchOS before 3.1.3 is affected. The issue involves the "Disk Images" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. Se ha descubierto un problema en ciertos productos Apple. iOS en versiones anteriores a 10.2 está afectado. macOS en versiones anteriores a 10.12.2 está afectado. watchOS en vers... • http://www.securityfocus.com/bid/94905 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 0CVE-2016-7610 – Apple Safari RenderObject Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2016-7610
13 Dec 2016 — An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. Se ha descubierto un problema en ciertos productos Apple. iOS en versiones anteriores a 10.2 está afectado. • http://www.securityfocus.com/bid/94907 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 1%CPEs: 4EXPL: 0CVE-2016-7611 – Apple Safari HTMLLabelElement Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2016-7611
13 Dec 2016 — An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. Se ha descubierto un problema en ciertos productos Apple. iOS en versiones anteriores a 10.2 está afectado. • http://www.securityfocus.com/bid/94907 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2016-4781 – Apple Security Advisory 2016-12-12-1
https://notcve.org/view.php?id=CVE-2016-4781
12 Dec 2016 — An issue was discovered in certain Apple products. iOS before 10.2 is affected. The issue involves the "SpringBoard" component, which allows physically proximate attackers to bypass the passcode attempt counter and unlock a device via unspecified vectors. Se ha descubierto un problema en ciertos productos Apple. iOS en versiones anteriores a 10.2 está afectado. El problema involucra al componente "SpringBoard", que permite a atacantes próximos físicamente eludir el contador de intentos de código de acceso y... • http://www.securityfocus.com/bid/94850 • CWE-254: 7PK - Security Features •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2016-7601 – Apple Security Advisory 2016-12-12-1
https://notcve.org/view.php?id=CVE-2016-7601
12 Dec 2016 — An issue was discovered in certain Apple products. iOS before 10.2 is affected. The issue involves the "Local Authentication" component, which does not honor the configured screen-lock time interval if the Touch ID prompt is visible. Se ha descubierto un problema en ciertos productos Apple. iOS en versiones anteriores a 10.2 está afectado. El problema involucra al componente "Local Authentication", que no respeta el intervalo de tiempo de bloqueo de pantalla configurado si el indicador de ID de toque está v... • http://www.securityfocus.com/bid/94850 • CWE-254: 7PK - Security Features •
CVSS: 2.4EPSS: 0%CPEs: 1EXPL: 0CVE-2016-7653 – Apple Security Advisory 2016-12-12-1
https://notcve.org/view.php?id=CVE-2016-7653
12 Dec 2016 — An issue was discovered in certain Apple products. iOS before 10.2 is affected. The issue involves the "Media Player" component, which allows physically proximate attackers to obtain sensitive photo and contact information by leveraging lockscreen access. Se ha descubierto un problema en ciertos productos Apple. iOS en versiones anteriores a 10.2 está afectado. El problema involucra al componente "Media Player" que permite a atacantes próximos físicamente obtener fotos e información de contacto sensibles ap... • http://www.securityfocus.com/bid/94850 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •