CVSS: 8.8EPSS: 70%CPEs: 7EXPL: 1CVE-2017-13791 – WebKit - 'WebCore::FormSubmission::create' Use-After-Free
https://notcve.org/view.php?id=CVE-2017-13791
An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 is affected. iCloud before 7.1 on Windows is affected. iTunes before 12.7.1 on Windows is affected. tvOS before 11.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. Se ha descubierto un problema en algunos productos Apple. • https://www.exploit-db.com/exploits/43176 http://www.securitytracker.com/id/1039703 https://security.gentoo.org/glsa/201712-01 https://support.apple.com/HT208219 https://support.apple.com/HT208222 https://support.apple.com/HT208223 https://support.apple.com/HT208224 https://support.apple.com/HT208225 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 1CVE-2017-13849 – iOS < 11.1 / tvOS < 11.1 / watchOS < 4.1 - Denial of Service
https://notcve.org/view.php?id=CVE-2017-13849
An issue was discovered in certain Apple products. iOS before 11.1 is affected. tvOS before 11.1 is affected. watchOS before 4.1 is affected. The issue involves the "CoreText" component. It allows remote attackers to cause a denial of service (application crash) via a crafted text file. Se ha descubierto un problema en algunos productos Apple. Las versiones de iOS anteriores a la 11.1, las versiones de tvOS anteriores a la 11.1 y las versiones de watchOS anteriores a la 4.1 se han visto afectadas. • https://www.exploit-db.com/exploits/43161 http://www.securityfocus.com/bid/101691 http://www.securitytracker.com/id/1039703 https://support.apple.com/HT208219 https://support.apple.com/HT208220 https://support.apple.com/HT208222 • CWE-20: Improper Input Validation •
CVSS: 8.8EPSS: 61%CPEs: 7EXPL: 1CVE-2017-13795 – WebKit - 'WebCore::AXObjectCache::performDeferredCacheUpdate' Use-After-Free
https://notcve.org/view.php?id=CVE-2017-13795
An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 is affected. iCloud before 7.1 on Windows is affected. iTunes before 12.7.1 on Windows is affected. tvOS before 11.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. Se ha descubierto un problema en algunos productos Apple. • https://www.exploit-db.com/exploits/43169 http://www.securitytracker.com/id/1039703 https://security.gentoo.org/glsa/201712-01 https://support.apple.com/HT208219 https://support.apple.com/HT208222 https://support.apple.com/HT208223 https://support.apple.com/HT208224 https://support.apple.com/HT208225 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 0%CPEs: 7EXPL: 0CVE-2017-13793 – Apple Safari Node Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2017-13793
An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 is affected. iCloud before 7.1 on Windows is affected. iTunes before 12.7.1 on Windows is affected. tvOS before 11.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. Se ha descubierto un problema en algunos productos Apple. • http://www.securitytracker.com/id/1039703 https://security.gentoo.org/glsa/201712-01 https://support.apple.com/HT208219 https://support.apple.com/HT208222 https://support.apple.com/HT208223 https://support.apple.com/HT208224 https://support.apple.com/HT208225 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 2CVE-2017-11122
https://notcve.org/view.php?id=CVE-2017-11122
On Broadcom BCM4355C0 Wi-Fi chips 9.44.78.27.0.1.56, an attacker can trigger an information leak due to insufficient length validation, related to ICMPv6 router advertisement offloading. En chips Wi-Fi de Broadcom con modelo BCM4355C0 y firmware 9.44.78.27.0.1.56, un atacante puede provocar una fuga de información por una validación de longitudes insuficiente. Esto está relacionado con la descarga de anuncios de router ICMPv6. • http://packetstormsecurity.com/files/144461/Broadcom-ICMPv6-Information-Leak.html https://bugs.chromium.org/p/project-zero/issues/detail?id=1300 https://support.apple.com/HT208112 https://support.apple.com/HT208113 https://support.apple.com/en-us/HT208112 https://support.apple.com/en-us/HT208113 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •