CVSS: 8.8EPSS: 0%CPEs: 5EXPL: 0CVE-2016-4765 – Ubuntu Security Notice USN-3166-1
https://notcve.org/view.php?id=CVE-2016-4765
20 Sep 2016 — WebKit in Apple iOS before 10, tvOS before 10, iTunes before 12.5.1 on Windows, and Safari before 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-4759, CVE-2016-4766, CVE-2016-4767, and CVE-2016-4768. WebKit en Apple iOS en versiones anteriores a 10, tvOS en versiones anteriores a 10, iTunes en versiones anteriores a 12.5.1 en Windows y Safari en versiones anteriores a 10 permite a atacantes... • http://lists.apple.com/archives/security-announce/2016/Sep/msg00007.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 0%CPEs: 4EXPL: 0CVE-2016-4737 – Apple Security Advisory 2016-09-20-2
https://notcve.org/view.php?id=CVE-2016-4737
20 Sep 2016 — WebKit in Apple iOS before 10, Safari before 10, tvOS before 10, and watchOS before 3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site. WebKit en Apple iOS en versiones anteriores a 10, Safari en versiones anteriores a 10, tvOS en versiones anteriores a 10 y watchOS en versiones anteriores a 3 permite a atacantes remotos ejecutar un código arbitrario o provocar una denegación de servicio (corrupción de memoria) a través de un sitio web... • http://lists.apple.com/archives/security-announce/2016/Sep/msg00007.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.1EPSS: 0%CPEs: 4EXPL: 0CVE-2016-4774 – Apple Security Advisory 2016-09-20-5
https://notcve.org/view.php?id=CVE-2016-4774
20 Sep 2016 — The kernel in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows attackers to obtain sensitive memory-layout information or cause a denial of service (out-of-bounds read) via a crafted app, a different vulnerability than CVE-2016-4773 and CVE-2016-4776. El kernel en Apple iOS en versiones anteriores a 10, OS X en versiones anteriores a 10.12, tvOS en versiones anteriores a 10 y watchOS en versiones anteriores a 3 permite a atacantes obtener información sensible de estructura... • http://lists.apple.com/archives/security-announce/2016/Sep/msg00006.html • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2016-4719 – Apple Security Advisory 2016-09-13-1
https://notcve.org/view.php?id=CVE-2016-4719
14 Sep 2016 — The GeoServices component in Apple iOS before 10 and watchOS before 3 does not properly restrict access to PlaceData information, which allows attackers to discover physical locations via a crafted application. El componente GeoServices en Apple iOS en versiones anteriores a 10 y watchOS en versiones anteriores a 3 no restringe adecuadamente los accesos a información PlaceData, lo que permite a atacantes descubrir ubicaciones físicas a través de una aplicación manipulada. iOS 10 is now available and address... • http://lists.apple.com/archives/security-announce/2016/Sep/msg00004.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 3.3EPSS: 0%CPEs: 1EXPL: 0CVE-2016-4749 – Apple Security Advisory 2016-09-13-1
https://notcve.org/view.php?id=CVE-2016-4749
14 Sep 2016 — Printing UIKit in Apple iOS before 10 mishandles environment variables, which allows local users to discover cleartext AirPrint preview content by reading a temporary file. Printing UIKit en Apple iOS en versiones anteriores a 10 no maneja adecuadamente variables de entorno, lo que permite a usuarios locales descubrir la vista previa del contenido AirPrint en texto plano mediante la lectura de un archivo temporal. iOS 10 is now available and addresses network blocking, information disclosure, and various ot... • http://lists.apple.com/archives/security-announce/2016/Sep/msg00002.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2016-4746 – Apple Security Advisory 2016-09-13-1
https://notcve.org/view.php?id=CVE-2016-4746
14 Sep 2016 — The Keyboards component in Apple iOS before 10 does not properly use a cache for auto-correct suggestions, which allows remote attackers to obtain sensitive information in opportunistic circumstances by leveraging an unintended correction. El componente Keyboards en Apple iOS en versiones anteriores a 10 no utiliza adecuadamente una caché para sugerencias de autocorrección, lo que permite a atacantes remotos obtener información sensible en circunstancias oportunistas aprovechando una corrección no intencion... • http://lists.apple.com/archives/security-announce/2016/Sep/msg00002.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2016-4620 – Apple Security Advisory 2016-09-13-1
https://notcve.org/view.php?id=CVE-2016-4620
14 Sep 2016 — The Sandbox Profiles component in Apple iOS before 10 does not properly restrict access to directory metadata for SMS draft directories, which allows attackers to discover text-message recipients via a crafted app. El componente Sandbox Profiles en Apple iOS en versiones anteriores a 10 no restringe adecuadamente el acceso a los metadatos del directorio para directorios de borradores de SMS, lo que permite a atacantes descubrir receptores de mensajes de texto a través de una aplicación manipulada. iOS 10 is... • http://lists.apple.com/archives/security-announce/2016/Sep/msg00002.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2016-4747 – Apple Security Advisory 2016-09-13-1
https://notcve.org/view.php?id=CVE-2016-4747
14 Sep 2016 — Mail in Apple iOS before 10 mishandles certificates, which makes it easier for man-in-the-middle attackers to discover mail credentials via unspecified vectors. Mail en Apple iOS en versiones anteriores a 10 no maneja adecuadamente certificados, lo que facilita a atacantes man-in-the-middle descubrir credenciales de correo a través de vectores no especificados. iOS 10 is now available and addresses network blocking, information disclosure, and various other vulnerabilities. • http://lists.apple.com/archives/security-announce/2016/Sep/msg00002.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 2.9EPSS: 0%CPEs: 1EXPL: 0CVE-2016-4740 – Apple Security Advisory 2016-09-13-1
https://notcve.org/view.php?id=CVE-2016-4740
14 Sep 2016 — Apple iOS before 10, when Handoff for Messages is used, does not ensure that a Messages signin has occurred before displaying messages, which might allow attackers to obtain sensitive information via unspecified vectors. Apple iOS en versiones anteriores a 10, cuando se utiliza Handoff para Messages, no asegura que ha ocurrido un registro en Messages antes de mostrar mensajes, lo que podría permitir a atacantes obtener información sensible a través de vectores no especificados. iOS 10 is now available and a... • http://lists.apple.com/archives/security-announce/2016/Sep/msg00002.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 0CVE-2016-4741 – Apple Security Advisory 2016-09-13-1
https://notcve.org/view.php?id=CVE-2016-4741
14 Sep 2016 — The Assets component in Apple iOS before 10 allows man-in-the-middle attackers to block software updates via vectors related to lack of an HTTPS session for retrieving updates. El componente Assets en Apple iOS en versiones anteriores a 10 permite a atacantes man-in-the-middle bloquear actualizaciones de software a través de vectores relacionados con falta de una sesión HTTPS para la recuperación de actualizaciones. iOS 10 is now available and addresses network blocking, information disclosure, and various ... • http://lists.apple.com/archives/security-announce/2016/Sep/msg00002.html • CWE-254: 7PK - Security Features •