Page 222 of 2319 results (0.020 seconds)

CVSS: 9.8EPSS: 9%CPEs: 7EXPL: 0

CVE-2016-4614 – Apple Security Advisory 2016-07-18-3

https://notcve.org/view.php?id=CVE-2016-4614

19 Jul 2016 — libxml2 in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before 12.4.2 on Windows, iCloud before 5.2.1 on Windows, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2016-4615, CVE-2016-4616, and CVE-2016-4619. libxml2 en Apple iOS en versiones anteriores a 9.3.3, OS X en versiones anteriores a 10.11.6, iTunes en versiones anteriores a 12.4... • http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html • CWE-787: Out-of-bounds Write •

CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0

CVE-2016-4627 – Apple Security Advisory 2016-07-18-3

https://notcve.org/view.php?id=CVE-2016-4627

19 Jul 2016 — IOAcceleratorFamily in Apple iOS before 9.3.3, tvOS before 9.2.2, and watchOS before 2.2.2 allows local users to gain privileges or cause a denial of service (NULL pointer dereference) via unspecified vectors. IOAcceleratoFamily en Apple iOS en versiones anteriores a 9.3.3, tvOS en versiones anteriores a 9.2.2 y watchOS en versiones anteriores a 2.2.2 permite a usuarios locales obtener privilegios o provocar una denegación de servicio (referencia a puntero NULL) a través de vectores no especificados. watchO... • http://lists.apple.com/archives/security-announce/2016/Jul/msg00001.html • CWE-476: NULL Pointer Dereference •

CVSS: 6.5EPSS: 1%CPEs: 3EXPL: 0

CVE-2016-4587 – WebKitGTK+ SOP Bypass / Information Disclosure

https://notcve.org/view.php?id=CVE-2016-4587

19 Jul 2016 — WebKit in Apple iOS before 9.3.3 and tvOS before 9.2.2 allows remote attackers to obtain sensitive information from uninitialized process memory via a crafted web site. WebKit en Apple iOS en versiones anteriores a 9.3.3 y tvOS en versiones anteriores a 9.2.2 permite a atacantes remotos obtener información sensible de procesos de memoria no inicializados a través de un sitio web manipulado. WebKitGTK+ suffers from same-origin bypass, information disclosure, memory corruption, and various other vulnerabiliti... • http://lists.apple.com/archives/security-announce/2016/Jul/msg00001.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 0

CVE-2016-4635 – Apple Security Advisory 2016-07-18-2

https://notcve.org/view.php?id=CVE-2016-4635

19 Jul 2016 — FaceTime in Apple iOS before 9.3.3 and OS X before 10.11.6 allows man-in-the-middle attackers to spoof relayed-call termination, and obtain sensitive audio information in opportunistic circumstances, via unspecified vectors. FaceTime en Apple iOS en versiones anteriores a 9.3.3 y OS X en versiones anteriores a 10.11.6 permite a atacantes man-in-the-middle suplantar la retransmisión de llamada y obtener información de audio sensible en circunstancias oportunistas, a través de vectores no especificados. OS X ... • http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0

CVE-2016-4594 – Apple Security Advisory 2016-07-18-3

https://notcve.org/view.php?id=CVE-2016-4594

19 Jul 2016 — The Sandbox Profiles component in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9.2.2, and watchOS before 2.2.2 allows attackers to access the process list via a crafted app that makes an API call. El componente Sandbox Profiles en Apple iOS en versiones anteriores a 9.3.3, OS X en versiones anteriores a 10.11.6, tvOS en versiones anteriores a 9.2.2 y watchOS en versiones anteriores a 2.2.2 permite a atacantes acceder a la lista de procesos a través de una aplicación manipulada que hace una llama... • http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html • CWE-20: Improper Input Validation •

CVSS: 7.8EPSS: 3%CPEs: 4EXPL: 0

CVE-2016-4591 – WebKitGTK+ SOP Bypass / Information Disclosure

https://notcve.org/view.php?id=CVE-2016-4591

19 Jul 2016 — WebKit in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before 9.2.2 mishandles the location variable, which allows remote attackers to access the local filesystem via unspecified vectors. Webkit en Apple iOS en versiones anteriores a 9.3.3, Safari en versiones anteriores a 9.1.2 y tvOS en versiones anteriores a 9.2.2 no maneja correctamente la variable de localización, lo que permite a atacantes remotos acceder al sistema de archivos local a través de vectores no especificados. A large number of se... • http://lists.apple.com/archives/security-announce/2016/Jul/msg00001.html • CWE-284: Improper Access Control •

CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0

CVE-2016-4582 – Apple Security Advisory 2016-07-18-3

https://notcve.org/view.php?id=CVE-2016-4582

19 Jul 2016 — The kernel in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9.2.2, and watchOS before 2.2.2 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1863 and CVE-2016-4653. El kernel en Apple iOS en versiones anteriores a 9.3.3, OS X en versiones anteriores a 10.11.6, tvOS en versiones anteriores a 9.2.2 y watchOS en versiones anteriores a 2.2.2 permite a usuarios locales obtener privilegios o provocar ... • http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 9.3EPSS: 0%CPEs: 3EXPL: 0

CVE-2016-4650 – Apple OS X IOHIDFamily Heap Buffer Overflow Privilege Escalation Vulnerability

https://notcve.org/view.php?id=CVE-2016-4650

19 Jul 2016 — Heap-based buffer overflow in IOHIDFamily in Apple iOS before 9.3.2, OS X before 10.11.5, and tvOS before 9.2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. Desbordamiento de búfer basado en memoria dinámica en IOHIDFamily en Apple iOS en versiones anteriores a 9.3.2, OS X en versiones anteriores a 10.11.5 y tvOS en versiones anteriores a 9.2.1 permite a atacantes ejecutar código arbitrario en un contexto privilegiado ... • http://www.securityfocus.com/bid/92034 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 8.8EPSS: 1%CPEs: 3EXPL: 0

CVE-2016-4624 – WebKitGTK+ SOP Bypass / Information Disclosure

https://notcve.org/view.php?id=CVE-2016-4624

19 Jul 2016 — WebKit in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before 9.2.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-4589, CVE-2016-4622, and CVE-2016-4623. WebKit en Apple iOS en versiones anteriores a 9.3.3, Safari en versiones anteriores a 9.1.2 y tvOS en versiones anteriores a 9.2.2 permite a atacantes remotos ejecutar código arbitrario o provocar una denegación de servicio (corrupc... • http://lists.apple.com/archives/security-announce/2016/Jul/msg00001.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 9.8EPSS: 2%CPEs: 10EXPL: 0

CVE-2016-4610 – Apple Security Advisory 2016-07-18-3

https://notcve.org/view.php?id=CVE-2016-4610

19 Jul 2016 — libxslt in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before 12.4.2 on Windows, iCloud before 5.2.1 on Windows, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2016-4607, CVE-2016-4608, CVE-2016-4609, and CVE-2016-4612. libxslt en Apple iOS en versiones anteriores a 9.3.3, OS X en versiones anteriores a 10.11.6, iTunes en versiones an... • http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •