CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2016-1865 – Apple Security Advisory 2016-07-18-3
https://notcve.org/view.php?id=CVE-2016-1865
19 Jul 2016 — The kernel in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9.2.2, and watchOS before 2.2.2 allows local users to cause a denial of service (NULL pointer dereference) via unspecified vectors. El kernel en Apple iOS en versiones anteriores a 9.3.3, OS X en versiones anteriores a 10.11.6, tvOS en versiones anteriores a 9.2.2 y watchOS en versiones anteriores a 2.2.2 permite a usuarios locales provocar una denegación de servicio (referencia a puntero NULL) a través de vectores no especificados. OS X... • http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html • CWE-476: NULL Pointer Dereference •
CVSS: 5.8EPSS: 0%CPEs: 2EXPL: 0CVE-2016-4604 – Apple Security Advisory 2016-07-18-2
https://notcve.org/view.php?id=CVE-2016-4604
19 Jul 2016 — Safari in Apple iOS before 9.3.3 allows remote attackers to spoof the displayed URL via an HTTP response specifying redirection to an invalid TCP port number. Safari en Apple iOS en versiones anteriores a 9.3.3 permite a atacantes remotos suplantar la URL visualizada a través de una respuesta HTTP especificando redirección a un número de puerto TCP no valido. iOS 9.3.3 is now available and addresses denial of service, code execution, and various other vulnerabilities. • http://lists.apple.com/archives/security-announce/2016/Jul/msg00001.html • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •
CVSS: 6.1EPSS: 3%CPEs: 4EXPL: 0CVE-2016-4585 – WebKitGTK+ SOP Bypass / Information Disclosure
https://notcve.org/view.php?id=CVE-2016-4585
19 Jul 2016 — Cross-site scripting (XSS) vulnerability in the WebKit Page Loading implementation in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before 9.2.2 allows remote attackers to inject arbitrary web script or HTML via an HTTP response specifying redirection that is mishandled by Safari. Vulnerabilidad de XSS en la implementación de WebKit Page Loading en Apple iOS en versiones anteriores a 9.3.3, Safari en versiones anteriores a 9.1.2 y tvOS en versiones anteriores a 9.2.2 permite a atacantes remotos inye... • http://lists.apple.com/archives/security-announce/2016/Jul/msg00001.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.8EPSS: 8%CPEs: 9EXPL: 0CVE-2016-4607 – Apple Security Advisory 2016-07-18-3
https://notcve.org/view.php?id=CVE-2016-4607
19 Jul 2016 — libxslt in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before 12.4.2 on Windows, iCloud before 5.2.1 on Windows, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2016-4608, CVE-2016-4609, CVE-2016-4610, and CVE-2016-4612. libxslt en Apple iOS en versiones anteriores a 9.3.3, OS X en versiones anteriores a 10.11.6, iTunes en versiones a ... • http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 8%CPEs: 9EXPL: 0CVE-2016-4608 – Apple Security Advisory 2016-07-18-3
https://notcve.org/view.php?id=CVE-2016-4608
19 Jul 2016 — libxslt in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before 12.4.2 on Windows, iCloud before 5.2.1 on Windows, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2016-4607, CVE-2016-4609, CVE-2016-4610, and CVE-2016-4612. libxslt en Apple iOS en versiones anteriores a 9.3.3, OS X en versiones anteriores a 10.11.6, iTunes en versiones an... • http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.4EPSS: 0%CPEs: 3EXPL: 0CVE-2016-4590 – WebKitGTK+ SOP Bypass / Information Disclosure
https://notcve.org/view.php?id=CVE-2016-4590
19 Jul 2016 — WebKit in Apple iOS before 9.3.3 and Safari before 9.1.2 mishandles about: URLs, which allows remote attackers to bypass the Same Origin Policy via a crafted web site. Webkit en Apple iOS en versiones anteriores a 9.3.3 y Safari en versiones anteriores a 9.1.2 no maneja correctamente about: URLs, lo que permite a atacantes remotos eludir la Same Origin Policy a través de un sitio web manipulado. A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tr... • http://lists.apple.com/archives/security-announce/2016/Jul/msg00001.html • CWE-20: Improper Input Validation •
CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 1CVE-2016-4631 – Apple Security Advisory 2016-07-18-3
https://notcve.org/view.php?id=CVE-2016-4631
19 Jul 2016 — ImageIO in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted TIFF file. ImageIO en Apple iOS en versiones anteriores a 9.3.3, OS X en versiones anteriores a 10.11.6, tvOS en versiones anteriores a 9.2.2 y watchOS en versiones anteriores a 2.2.2 permite a atacantes remotos ejecutar código arbitrario o provocar una denegación de servicio (corrupción de memoria... • https://github.com/hansnielsen/tiffdisabler • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 1%CPEs: 4EXPL: 1CVE-2016-4637 – Apple Security Advisory 2016-07-18-3
https://notcve.org/view.php?id=CVE-2016-4637
19 Jul 2016 — CoreGraphics in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted BMP image. CoreGraphics en Apple iOS en versiones anteriores a 9.3.3, OS X en versiones anteriores a 10.11.6, tvOS en versiones anteriores a 9.2.2 y watchOS en versiones anteriores a 2.2.2 permite a atacantes remotos ejecutar código arbitrario o provocar una denegación de servicio (corrupción ... • http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 1%CPEs: 3EXPL: 0CVE-2016-4624 – WebKitGTK+ SOP Bypass / Information Disclosure
https://notcve.org/view.php?id=CVE-2016-4624
19 Jul 2016 — WebKit in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before 9.2.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-4589, CVE-2016-4622, and CVE-2016-4623. WebKit en Apple iOS en versiones anteriores a 9.3.3, Safari en versiones anteriores a 9.1.2 y tvOS en versiones anteriores a 9.2.2 permite a atacantes remotos ejecutar código arbitrario o provocar una denegación de servicio (corrupc... • http://lists.apple.com/archives/security-announce/2016/Jul/msg00001.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 2%CPEs: 10EXPL: 0CVE-2016-4610 – Apple Security Advisory 2016-07-18-3
https://notcve.org/view.php?id=CVE-2016-4610
19 Jul 2016 — libxslt in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before 12.4.2 on Windows, iCloud before 5.2.1 on Windows, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2016-4607, CVE-2016-4608, CVE-2016-4609, and CVE-2016-4612. libxslt en Apple iOS en versiones anteriores a 9.3.3, OS X en versiones anteriores a 10.11.6, iTunes en versiones an... • http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •