CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2016-4689 – Apple Security Advisory 2016-12-12-1
https://notcve.org/view.php?id=CVE-2016-4689
12 Dec 2016 — An issue was discovered in certain Apple products. iOS before 10.2 is affected. The issue involves the "Mail" component, which does not alert the user to an S/MIME email signature that used a revoked certificate. Se ha descubierto un problema en ciertos productos Apple. iOS en versiones anteriores a 10.2 está afectado. El problema involucra el componente "Mail", que no alerta al usuario de una firma de correo electrónico S/MIME que utiliza un certificado revocado. This advisory provides additional informati... • http://www.securityfocus.com/bid/94850 • CWE-254: 7PK - Security Features •
CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 0CVE-2016-7651 – Apple Security Advisory 2016-12-12-1
https://notcve.org/view.php?id=CVE-2016-7651
12 Dec 2016 — An issue was discovered in certain Apple products. iOS before 10.2 is affected. watchOS before 3.1.1 is affected. The issue involves the "Accounts" component, which allows local users to bypass intended authorization restrictions by leveraging the mishandling of an app uninstall. Se ha descubierto un problema en ciertos productos Apple. iOS en versiones anteriores a 10.2 está afectado. watchOS en versiones anteriores a 3.1.1 está afectado. El problema involucra al componente "Accounts", que permite a usuari... • http://www.securityfocus.com/bid/94851 • CWE-285: Improper Authorization •
CVSS: 8.8EPSS: 0%CPEs: 5EXPL: 0CVE-2016-7578 – Ubuntu Security Notice USN-3166-1
https://notcve.org/view.php?id=CVE-2016-7578
28 Oct 2016 — An issue was discovered in certain Apple products. iOS before 10.1 is affected. Safari before 10.0.1 is affected. iCloud before 6.0.1 is affected. iTunes before 12.5.2 is affected. tvOS before 10.0.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. Se ha descubierto un problema en ciertos productos Apple. iOS en versiones anteriores a 10.1 está afectado. • http://www.securityfocus.com/bid/93949 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.9EPSS: 0%CPEs: 3EXPL: 0CVE-2016-7579 – Apple Security Advisory 2016-10-24-1
https://notcve.org/view.php?id=CVE-2016-7579
24 Oct 2016 — An issue was discovered in certain Apple products. iOS before 10.1 is affected. macOS before 10.12.1 is affected. tvOS before 10.0.1 is affected. The issue involves the "CFNetwork Proxies" component, which allows man-in-the-middle attackers to spoof a proxy password authentication requirement and obtain sensitive information. Se ha descubierto un problema en ciertos productos Apple. iOS en versiones anteriores a 10.1 está afectado. macOS en versiones anteriores a 10.12.1 está afectado. tvOS en versiones ant... • http://www.securityfocus.com/bid/93856 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0CVE-2016-4677 – Apple Safari JavaScriptCore Array Out-Of-Bounds Access Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2016-4677
24 Oct 2016 — An issue was discovered in certain Apple products. iOS before 10.1 is affected. Safari before 10.0.1 is affected. tvOS before 10.0.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. Se ha descubierto un problema en ciertos productos Apple. iOS en versiones anteriores a 10.1 está afectado. • http://www.securityfocus.com/bid/93853 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.1EPSS: 1%CPEs: 4EXPL: 0CVE-2016-4660 – Apple Security Advisory 2016-10-24-1
https://notcve.org/view.php?id=CVE-2016-4660
24 Oct 2016 — An issue was discovered in certain Apple products. iOS before 10.1 is affected. macOS before 10.12.1 is affected. tvOS before 10.0.1 is affected. watchOS before 3.1 is affected. The issue involves the "FontParser" component. It allows remote attackers to obtain sensitive information or cause a denial of service (out-of-bounds read and application crash) via a crafted font. Se ha descubierto un problema en ciertos productos Apple. iOS en versiones anteriores a 10.1 está afectado. macOS en versiones anteriore... • http://www.securityfocus.com/bid/93849 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 4.3EPSS: 0%CPEs: 3EXPL: 0CVE-2016-4664 – Apple Security Advisory 2016-10-24-1
https://notcve.org/view.php?id=CVE-2016-4664
24 Oct 2016 — An issue was discovered in certain Apple products. iOS before 10.1 is affected. tvOS before 10.0.1 is affected. watchOS before 3.1 is affected. The issue involves the "Sandbox Profiles" component, which allows attackers to read photo-directory metadata via a crafted app. Se ha descubierto un problema en ciertos productos Apple. iOS en versiones anteriores a 10.1 está afectado. tvOS en versiones anteriores a 10.0.1 está afectado. watchOS en versiones anteriores a 3.1 está afectado. El problema involucra el c... • http://www.securityfocus.com/bid/93854 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2016-4679 – Apple Security Advisory 2016-10-24-1
https://notcve.org/view.php?id=CVE-2016-4679
24 Oct 2016 — An issue was discovered in certain Apple products. iOS before 10.1 is affected. macOS before 10.12.1 is affected. tvOS before 10.0.1 is affected. watchOS before 3.1 is affected. The issue involves the "libarchive" component, which allows remote attackers to write to arbitrary files via a crafted archive containing a symlink. Se ha descubierto un problema en ciertos productos Apple. iOS en versiones anteriores a 10.1 está afectado. macOS en versiones anteriores a 10.12.1 está afectado. tvOS en versiones ante... • http://www.securityfocus.com/bid/93849 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 9.3EPSS: 0%CPEs: 4EXPL: 0CVE-2016-4675 – Apple Security Advisory 2016-10-24-1
https://notcve.org/view.php?id=CVE-2016-4675
24 Oct 2016 — An issue was discovered in certain Apple products. iOS before 10.1 is affected. macOS before 10.12.1 is affected. tvOS before 10.0.1 is affected. watchOS before 3.1 is affected. The issue involves the "libxpc" component. It allows attackers to execute arbitrary code in a privileged context via a crafted app. Se ha descubierto un problema en ciertos productos Apple. iOS en versiones anteriores a 10.1 está afectado. macOS en versiones anteriores a 10.12.1 está afectado. tvOS en versiones anteriores a 10.0.1 e... • http://www.securityfocus.com/bid/93849 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0CVE-2016-4666 – Ubuntu Security Notice USN-3166-1
https://notcve.org/view.php?id=CVE-2016-4666
24 Oct 2016 — An issue was discovered in certain Apple products. iOS before 10.1 is affected. Safari before 10.0.1 is affected. tvOS before 10.0.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. Se ha descubierto un problema en ciertos productos Apple. iOS en versiones anteriores a 10.1 está afectado. • http://www.securityfocus.com/bid/93851 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •