Page 212 of 2117 results (0.020 seconds)

CVSS: 9.3EPSS: 0%CPEs: 2EXPL: 0

CVE-2016-4724

https://notcve.org/view.php?id=CVE-2016-4724

IOAcceleratorFamily in Apple iOS before 10 and OS X before 10.12 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via a crafted app. IOAcceleratorFamily en Apple iOS en versiones anteriores a 10 y OS X en versiones anteriores a 10.12 permite a atacantes ejecutar un código arbitrario en un contexto privilegiado o provocar una denegación de servicio (referencia a puntero NULL) a través a de una app manipulada. • http://lists.apple.com/archives/security-announce/2016/Sep/msg00006.html http://lists.apple.com/archives/security-announce/2016/Sep/msg00008.html http://www.securityfocus.com/bid/93056 http://www.securitytracker.com/id/1036858 https://support.apple.com/HT207143 https://support.apple.com/HT207170 • CWE-476: NULL Pointer Dereference •

CVSS: 7.1EPSS: 0%CPEs: 4EXPL: 0

CVE-2016-4773

https://notcve.org/view.php?id=CVE-2016-4773

The kernel in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows attackers to obtain sensitive memory-layout information or cause a denial of service (out-of-bounds read) via a crafted app, a different vulnerability than CVE-2016-4774 and CVE-2016-4776. El kernel en Apple iOS en versiones anteriores a 10, OS X en versiones anteriores a 10.12, tvOS en versiones anteriores a 10 y watchOS en versiones anteriores a 3 permite a atacantes obtener información sensible de estructura de memoria o provocar una denegación de servicio (lectura fuera de límites) a través de una aplicación manipulada, una vulnerabilidad diferente a CVE-2016-4774 y CVE-2016-4776. • http://lists.apple.com/archives/security-announce/2016/Sep/msg00006.html http://lists.apple.com/archives/security-announce/2016/Sep/msg00008.html http://lists.apple.com/archives/security-announce/2016/Sep/msg00010.html http://lists.apple.com/archives/security-announce/2016/Sep/msg00011.html http://www.securityfocus.com/bid/93054 http://www.securitytracker.com/id/1036858 https://support.apple.com/HT207141 https://support.apple.com/HT207142 https://support.apple.com/HT207143 https:// • CWE-125: Out-of-bounds Read •

CVSS: 9.3EPSS: 0%CPEs: 4EXPL: 0

CVE-2016-4778

https://notcve.org/view.php?id=CVE-2016-4778

The kernel in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. El kernel en Apple iOS en versiones anteriores a 10, OS X en versiones anteriores a 10.12, tvOS en versiones anteriores a 10 y watchOS en versiones anteriores a 3 permite a atacantes ejecutar código arbitrario en un contexto privilegiado o provocar una denegación de servicio (corrupción de memoria) a través de una aplicación manipulada. • http://lists.apple.com/archives/security-announce/2016/Sep/msg00006.html http://lists.apple.com/archives/security-announce/2016/Sep/msg00008.html http://lists.apple.com/archives/security-announce/2016/Sep/msg00010.html http://lists.apple.com/archives/security-announce/2016/Sep/msg00011.html http://www.securityfocus.com/bid/93054 http://www.securitytracker.com/id/1036858 https://support.apple.com/HT207141 https://support.apple.com/HT207142 https://support.apple.com/HT207143 https:// • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 10.0EPSS: 2%CPEs: 5EXPL: 0

CVE-2016-4658 – libxml2: Use after free via namespace node in XPointer ranges

https://notcve.org/view.php?id=CVE-2016-4658

xpointer.c in libxml2 before 2.9.5 (as used in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3, and other products) does not forbid namespace nodes in XPointer ranges, which allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free and memory corruption) via a crafted XML document. xpointer.c en libxml2, en versiones anteriores a la 2.9.5 (tal y como se usa en Apple iOS en versiones anteriores a la 10, OS X en versiones anteriores a la 10.12, tvOS en versiones anteriores a la 10 y watchOS en versiones anteriores a la 3 y otros productos) no prohíbe los nodos de espacio de nombre en los rangos XPointer. Esto permite que atacantes remotos ejecuten código arbitrario o provoquen una denegación de servicio (uso de memoria previamente liberada y corrupción de memoria) mediante un documento XML manipulado. A use-after-free flaw was found in the Xpointer implementation of libxml2. An attacker could use this flaw against an application parsing untrusted XML files and compiled with libxml2 to leak small amount of memory data. • http://lists.apple.com/archives/security-announce/2016/Sep/msg00006.html http://lists.apple.com/archives/security-announce/2016/Sep/msg00008.html http://lists.apple.com/archives/security-announce/2016/Sep/msg00010.html http://lists.apple.com/archives/security-announce/2016/Sep/msg00011.html http://www.securityfocus.com/bid/93054 http://www.securitytracker.com/id/1036858 http://www.securitytracker.com/id/1038623 https://git.gnome.org/browse/libxml2/commit/?id=c1d1f7121194036608bf555f08d3062a36fd344b • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-416: Use After Free •

CVSS: 10.0EPSS: 1%CPEs: 4EXPL: 0

CVE-2016-4702

https://notcve.org/view.php?id=CVE-2016-4702

Audio in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. Audio en Apple iOS en versiones anteriores a 10, OS X en versiones anteriores a 10.12, tvOS en versiones anteriores a 10 y watchOS en versiones anteriores a 3 permite a atacantes remotos ejecutar un código arbitrario o provocar una denegación de servicio (corrupción de memoria) a través de vectores no especificados. • http://lists.apple.com/archives/security-announce/2016/Sep/msg00006.html http://lists.apple.com/archives/security-announce/2016/Sep/msg00008.html http://lists.apple.com/archives/security-announce/2016/Sep/msg00010.html http://lists.apple.com/archives/security-announce/2016/Sep/msg00011.html http://www.securityfocus.com/bid/93054 http://www.securitytracker.com/id/1036858 https://support.apple.com/HT207141 https://support.apple.com/HT207142 https://support.apple.com/HT207143 https:// • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •