CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0CVE-2016-1855 – Apple Security Advisory 2016-05-16-1
https://notcve.org/view.php?id=CVE-2016-1855
17 May 2016 — WebKit, as used in Apple iOS before 9.3.2, Safari before 9.1.1, and tvOS before 9.2.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-1854, CVE-2016-1856, and CVE-2016-1857. WebKit, como se utiliza en Apple iOS en versiones anteriores a 9.3.2, Safari en versiones anteriores a 9.1.1 y tvOS en versiones anteriores a 9.2.1, permite a atacantes remotos ejecutar código arbitrario o causar una deneg... • http://lists.apple.com/archives/security-announce/2016/May/msg00001.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 4%CPEs: 4EXPL: 0CVE-2016-1856 – Apple Safari TextTrack Object Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2016-1856
17 May 2016 — WebKit, as used in Apple iOS before 9.3.2, Safari before 9.1.1, and tvOS before 9.2.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-1854, CVE-2016-1855, and CVE-2016-1857. WebKit, como se utiliza en Apple iOS en versiones anteriores a 9.3.2, Safari en versiones anteriores a 9.1.1 y tvOS en versiones anteriores a 9.2.1, permite a atacantes remotos ejecutar código arbitrario o causar una deneg... • http://lists.apple.com/archives/security-announce/2016/May/msg00001.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 4%CPEs: 4EXPL: 0CVE-2016-1857 – Apple Safari ArrayStorage DFG Optimization Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2016-1857
17 May 2016 — WebKit, as used in Apple iOS before 9.3.2, Safari before 9.1.1, and tvOS before 9.2.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-1854, CVE-2016-1855, and CVE-2016-1856. WebKit, como se utiliza en Apple iOS en versiones anteriores a 9.3.2, Safari en versiones anteriores a 9.1.1 y tvOS en versiones anteriores a 9.2.1, permite a atacantes remotos ejecutar código arbitrario o causar una deneg... • http://lists.apple.com/archives/security-announce/2016/May/msg00001.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 4%CPEs: 4EXPL: 0CVE-2016-1859 – Apple Safari GraphicsContext Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2016-1859
17 May 2016 — The WebKit Canvas implementation in Apple iOS before 9.3.2, Safari before 9.1.1, and tvOS before 9.2.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site. La implementación WebKit Canvas en Apple iOS en versiones anteriores a 9.3.2, Safari en versiones anteriores a 9.1.1 y tvOS en versiones anteriores a 9.2.1 permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) a través de una... • http://lists.apple.com/archives/security-announce/2016/May/msg00001.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 4.3EPSS: 0%CPEs: 4EXPL: 0CVE-2016-1748 – Apple Security Advisory 2016-03-21-2
https://notcve.org/view.php?id=CVE-2016-1748
22 Mar 2016 — IOHIDFamily in Apple iOS before 9.3, OS X before 10.11.4, tvOS before 9.2, and watchOS before 2.2 allows attackers to obtain sensitive kernel memory-layout information via a crafted app. IOHIDFamily en Apple iOS en versiones anteriores a 9.3, OS X en versiones anteriores a 10.11.4, tvOS en versiones anteriores a 9.2 y watchOS en versiones anteriores a 2.2 permite a atacantes obtener información sensible de la estructura de memoria del kernel a través de una app manipulada. OS X El Capitan 10.11.4 and Securi... • http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2016-1751 – Apple Security Advisory 2016-03-21-2
https://notcve.org/view.php?id=CVE-2016-1751
22 Mar 2016 — The kernel in Apple iOS before 9.3, tvOS before 9.2, and watchOS before 2.2 does not properly restrict the execute permission, which allows attackers to bypass a code-signing protection mechanism via a crafted app. El kernel en Apple iOS en versiones anteriores a 9.3, tvOS en versiones anteriores a 9.2 y watchOS en versiones anteriores a 2.2 no restringe adecuadamente el permiso de ejecución, lo que permite a atacantes eludir un mecanismo de protección de firmado de código a través de una app manipulada. wa... • http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.1EPSS: 0%CPEs: 4EXPL: 0CVE-2016-1752 – Apple Security Advisory 2016-03-21-2
https://notcve.org/view.php?id=CVE-2016-1752
22 Mar 2016 — The kernel in Apple iOS before 9.3, OS X before 10.11.4, tvOS before 9.2, and watchOS before 2.2 allows attackers to cause a denial of service via a crafted app. El kernel en Apple iOS en versiones anteriores a 9.3, OS X en versiones anteriores a 10.11.4, tvOS en versiones anteriores a 9.2 y watchOS en versiones anteriores a 2.2 permite a atacantes causar una denegación de servicio a través de una app manipulada. OS X El Capitan 10.11.4 and Security Update 2016-002 is now available and addresses code execut... • http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html • CWE-20: Improper Input Validation •
CVSS: 9.3EPSS: 0%CPEs: 4EXPL: 2CVE-2016-1755 – Apple Mac OSX Kernel - AppleKeyStore Use-After-Free
https://notcve.org/view.php?id=CVE-2016-1755
22 Mar 2016 — The kernel in Apple iOS before 9.3, OS X before 10.11.4, tvOS before 9.2, and watchOS before 2.2 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2016-1754. El kernel en Apple iOS en versiones anteriores a 9.3, OS X en versiones anteriores a 10.11.4, tvOS en versiones anteriores a 9.2 y watchOS en versiones anteriores a 2.2 permite a atacantes ejecutar código arbitrario en un contexto pri... • https://packetstorm.news/files/id/136356 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0CVE-2016-1758 – Apple Security Advisory 2016-03-21-5
https://notcve.org/view.php?id=CVE-2016-1758
22 Mar 2016 — The kernel in Apple iOS before 9.3 and OS X before 10.11.4 allows attackers to obtain sensitive memory-layout information or cause a denial of service (out-of-bounds read) via a crafted app. El kernel en Apple iOS en versiones anteriores a 9.3 y OS X en versiones anteriores a 10.11.4 permite a atacantes obtener información sensible de la estructura de memoria o causar una denegación de servicio (lectura fuera de rango) a través de una app manipulada. OS X El Capitan 10.11.4 and Security Update 2016-002 is n... • http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.2EPSS: 0%CPEs: 1EXPL: 0CVE-2016-1760 – Apple Security Advisory 2016-03-21-1
https://notcve.org/view.php?id=CVE-2016-1760
22 Mar 2016 — The XPC Services API in LaunchServices in Apple iOS before 9.3 allows attackers to bypass intended event-handler restrictions and modify an arbitrary app's events via a crafted app. La API XPC Services en LaunchServices en Apple iOS en versiones anteriores a 9.3 permite a atacantes eludir las restricciones destinadas al manejador de eventos y modificar un events de app arbitrario a través de una app manipulada. iOS 9.3 is now available and addresses code execution, memory corruption, and various other vulne... • http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html • CWE-284: Improper Access Control •