CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0CVE-2016-4605 – Apple Security Advisory 2016-07-18-2
https://notcve.org/view.php?id=CVE-2016-4605
19 Jul 2016 — Calendar in Apple iOS before 9.3.3 allows remote attackers to cause a denial of service (NULL pointer dereference and device restart) via a crafted invitation. Calendar en Apple iOS en versiones anteriores a la 9.3.3 permite a atacantes remotos provocar una denegación de servicio (referencia a puntero NULL y reinicio de dispositivo) a través de una invitación manipulada. iOS 9.3.3 is now available and addresses denial of service, code execution, and various other vulnerabilities. • http://lists.apple.com/archives/security-announce/2016/Jul/msg00001.html • CWE-476: NULL Pointer Dereference •
CVSS: 2.4EPSS: 0%CPEs: 1EXPL: 0CVE-2016-4593 – Apple Security Advisory 2016-07-18-2
https://notcve.org/view.php?id=CVE-2016-4593
19 Jul 2016 — The Siri Contacts component in Apple iOS before 9.3.3 allows physically proximate attackers to read arbitrary Contact card information via unspecified vectors. El componente Siri Contacts en Apple iOS en versiones anteriores a 9.3.3 permite a atacantes físicamente próximos leer información arbitraria de tarjeta Contact a través de vectores no especificados. iOS 9.3.3 is now available and addresses denial of service, code execution, and various other vulnerabilities. • http://lists.apple.com/archives/security-announce/2016/Jul/msg00001.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.8EPSS: 9%CPEs: 7EXPL: 0CVE-2016-4616 – Apple Security Advisory 2016-07-18-3
https://notcve.org/view.php?id=CVE-2016-4616
19 Jul 2016 — libxml2 in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before 12.4.2 on Windows, iCloud before 5.2.1 on Windows, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2016-4614, CVE-2016-4615, and CVE-2016-4619. libxml2 en Apple iOS en versiones anteriores a 9.3.3, OS X en versiones anteriores a 10.11.6, iTunes en versiones anteriores a 12.4... • http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 1%CPEs: 4EXPL: 0CVE-2016-4589 – WebKitGTK+ SOP Bypass / Information Disclosure
https://notcve.org/view.php?id=CVE-2016-4589
19 Jul 2016 — WebKit in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before 9.2.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-4622, CVE-2016-4623, and CVE-2016-4624. WebKit en Apple iOS en versiones anteriores a 9.3.3, Safari en versiones anteriores a 9.1.2 y tvOS en versiones anteriores a 9.2.2 permite a atacantes remotos ejecutar código arbitrario o provocar una denegación de servicio (corrupc... • http://lists.apple.com/archives/security-announce/2016/Jul/msg00001.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.1EPSS: 2%CPEs: 5EXPL: 0CVE-2016-4592 – WebKitGTK+ SOP Bypass / Information Disclosure
https://notcve.org/view.php?id=CVE-2016-4592
19 Jul 2016 — WebKit in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before 9.2.2 allows remote attackers to cause a denial of service (memory consumption) via a crafted web site. Webkit en Apple iOS en versiones anteriores a 9.3.3, Safari en versiones anteriores a 9.1.2 y tvOS en versiones anteriores a 9.2.2 permite a atacantes remotos provocar una denegación del servicio (consumo de memoria) a través de un sitio web manipulado. WebKitGTK+ suffers from same-origin bypass, information disclosure, memory corrupti... • http://lists.apple.com/archives/security-announce/2016/Jul/msg00001.html • CWE-400: Uncontrolled Resource Consumption •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2016-4628 – Apple Security Advisory 2016-07-18-3
https://notcve.org/view.php?id=CVE-2016-4628
19 Jul 2016 — IOAcceleratorFamily in Apple iOS before 9.3.3 and watchOS before 2.2.2 allows local users to obtain sensitive information from kernel memory or cause a denial of service (out-of-bounds read) via unspecified vectors. IOAcceleratoFamily en Apple iOS en versiones anteriores a 9.3.3 y watchOS en versiones anteriores a 2.2.2 permite a usuarios locales obtener información sensible del kernel de memoria o provocar una denegación de servicio (lectura fuera de rango) a través de vectores no especificados. watchOS 2.... • http://lists.apple.com/archives/security-announce/2016/Jul/msg00001.html • CWE-125: Out-of-bounds Read CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.8EPSS: 9%CPEs: 7EXPL: 0CVE-2016-4615 – Apple Security Advisory 2016-07-18-3
https://notcve.org/view.php?id=CVE-2016-4615
19 Jul 2016 — libxml2 in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before 12.4.2 on Windows, iCloud before 5.2.1 on Windows, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2016-4614, CVE-2016-4616, and CVE-2016-4619. libxml2 en Apple iOS en versiones anteriores a 9.3.3, OS X en versiones anteriores a 10.11.6, iTunes en versiones anteriores a 12.4... • http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0CVE-2016-4584 – Apple Security Advisory 2016-07-18-2
https://notcve.org/view.php?id=CVE-2016-4584
19 Jul 2016 — The WebKit Page Loading implementation in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before 9.2.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site. La implementación de WebKit Page Loading en Apple iOS en versiones anteriores a 9.3.3, Safari en versiones anteriores a 9.1.2 y tvOS en versiones anteriores a 9.2.2 permite a atacantes remotos ejecutar código arbitrario o provocar una denegación de servicio (corrupción de memoria... • http://lists.apple.com/archives/security-announce/2016/Jul/msg00001.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 1%CPEs: 9EXPL: 0CVE-2015-7987
https://notcve.org/view.php?id=CVE-2015-7987
26 Jun 2016 — Multiple buffer overflows in mDNSResponder before 625.41.2 allow remote attackers to read or write to out-of-bounds memory locations via vectors involving the (1) GetValueForIPv4Addr, (2) GetValueForMACAddr, (3) rfc3110_import, or (4) CopyNSEC3ResourceRecord function. Múltiples desbordamientos de buffer en mDNSResponder en versiones anteriores a 625.41.2 permiten a atacantes remotos leer o escribir en posiciones de memoria fuera de los límites a través de vectores implicando la función (1) GetValueForIPv4Ad... • http://www.kb.cert.org/vuls/id/143335 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 1%CPEs: 9EXPL: 0CVE-2015-7988
https://notcve.org/view.php?id=CVE-2015-7988
26 Jun 2016 — The handle_regservice_request function in mDNSResponder before 625.41.2 allows remote attackers to execute arbitrary code or cause a denial of service (NULL pointer dereference) via unspecified vectors. La función handle_regservice_request en mDNSResponder en versiones anteriores a 625.41.2 permite a atacantes remotos ejecutar código arbitrario o provocar una denegación de servicio (referencia a puntero NULL) a través de vectores no especificados. • http://www.kb.cert.org/vuls/id/143335 •