CVSS: 9.3EPSS: 0%CPEs: 6EXPL: 0CVE-2016-4738
https://notcve.org/view.php?id=CVE-2016-4738
libxslt in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site. libxslt en Apple iOS en versiones anteriores a 10, OS X en versiones anteriores a 10.12, tvOS en versiones anteriores a 10 y watchOS en versiones anteriores a 3 permite a atacantes remotos ejecutar un código arbitrario o provocar una denegación de servicio (corrupción de memoria) a través de un sitio web manipulado. • http://lists.apple.com/archives/security-announce/2016/Sep/msg00006.html http://lists.apple.com/archives/security-announce/2016/Sep/msg00008.html http://lists.apple.com/archives/security-announce/2016/Sep/msg00010.html http://lists.apple.com/archives/security-announce/2016/Sep/msg00011.html http://www.debian.org/security/2016/dsa-3709 http://www.securityfocus.com/bid/93054 http://www.securitytracker.com/id/1036858 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedorapro • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 0%CPEs: 4EXPL: 0CVE-2016-4753
https://notcve.org/view.php?id=CVE-2016-4753
Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 mishandle signed disk images, which allows attackers to execute arbitrary code in a privileged context via a crafted app. Apple iOS en versiones anteriores a 10, OS X en versiones anteriores a 10.12, tvOS en versiones anteriores a 10 y watchOS en versiones anteriores a 3 no maneja correctamente imágenes de disco indicado, lo que permite a atacantes ejecutar código arbitrario en un contexto privilegiado a través de una aplicación manipulada. • http://lists.apple.com/archives/security-announce/2016/Sep/msg00006.html http://lists.apple.com/archives/security-announce/2016/Sep/msg00008.html http://lists.apple.com/archives/security-announce/2016/Sep/msg00010.html http://lists.apple.com/archives/security-announce/2016/Sep/msg00011.html http://www.securityfocus.com/bid/93059 http://www.securitytracker.com/id/1036858 https://support.apple.com/HT207141 https://support.apple.com/HT207142 https://support.apple.com/HT207143 https:// • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 7%CPEs: 4EXPL: 0CVE-2016-4772
https://notcve.org/view.php?id=CVE-2016-4772
The kernel in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows remote attackers to cause a denial of service (unintended lock) via unspecified vectors. El kernel en WebKit en Apple iTunes en versiones anteriores a 10, OS X en versiones anteriores a 10.12, tvOS en versiones anteriores a 10 y watchOS en versiones anteriores a 3 permite a atacantes remotos provocar una denegación de servicio (bloqueo no intencionado) a través de vectores no especificados. • http://lists.apple.com/archives/security-announce/2016/Sep/msg00006.html http://lists.apple.com/archives/security-announce/2016/Sep/msg00008.html http://lists.apple.com/archives/security-announce/2016/Sep/msg00010.html http://lists.apple.com/archives/security-announce/2016/Sep/msg00011.html http://www.securityfocus.com/bid/93054 http://www.securitytracker.com/id/1036858 https://support.apple.com/HT207141 https://support.apple.com/HT207142 https://support.apple.com/HT207143 https:// • CWE-399: Resource Management Errors •
CVSS: 7.1EPSS: 0%CPEs: 4EXPL: 0CVE-2016-4773
https://notcve.org/view.php?id=CVE-2016-4773
The kernel in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows attackers to obtain sensitive memory-layout information or cause a denial of service (out-of-bounds read) via a crafted app, a different vulnerability than CVE-2016-4774 and CVE-2016-4776. El kernel en Apple iOS en versiones anteriores a 10, OS X en versiones anteriores a 10.12, tvOS en versiones anteriores a 10 y watchOS en versiones anteriores a 3 permite a atacantes obtener información sensible de estructura de memoria o provocar una denegación de servicio (lectura fuera de límites) a través de una aplicación manipulada, una vulnerabilidad diferente a CVE-2016-4774 y CVE-2016-4776. • http://lists.apple.com/archives/security-announce/2016/Sep/msg00006.html http://lists.apple.com/archives/security-announce/2016/Sep/msg00008.html http://lists.apple.com/archives/security-announce/2016/Sep/msg00010.html http://lists.apple.com/archives/security-announce/2016/Sep/msg00011.html http://www.securityfocus.com/bid/93054 http://www.securitytracker.com/id/1036858 https://support.apple.com/HT207141 https://support.apple.com/HT207142 https://support.apple.com/HT207143 https:// • CWE-125: Out-of-bounds Read •
CVSS: 7.1EPSS: 0%CPEs: 4EXPL: 0CVE-2016-4774
https://notcve.org/view.php?id=CVE-2016-4774
The kernel in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows attackers to obtain sensitive memory-layout information or cause a denial of service (out-of-bounds read) via a crafted app, a different vulnerability than CVE-2016-4773 and CVE-2016-4776. El kernel en Apple iOS en versiones anteriores a 10, OS X en versiones anteriores a 10.12, tvOS en versiones anteriores a 10 y watchOS en versiones anteriores a 3 permite a atacantes obtener información sensible de estructura de memoria o provocar una denegación de servicio (lectura fuera de límites) a través de una aplicación manipulada, una vulnerabilidad diferente a CVE-2016-4773 y CVE-2016-4776. • http://lists.apple.com/archives/security-announce/2016/Sep/msg00006.html http://lists.apple.com/archives/security-announce/2016/Sep/msg00008.html http://lists.apple.com/archives/security-announce/2016/Sep/msg00010.html http://lists.apple.com/archives/security-announce/2016/Sep/msg00011.html http://www.securityfocus.com/bid/93054 http://www.securitytracker.com/id/1036858 https://support.apple.com/HT207141 https://support.apple.com/HT207142 https://support.apple.com/HT207143 https:// • CWE-125: Out-of-bounds Read •