CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2016-1810
https://notcve.org/view.php?id=CVE-2016-1810
The Graphics Drivers subsystem in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. El subsistema Graphics Drivers en Apple OS X en versiones anteriores a 10.11.5 permite a atacantes ejecutar código arbitrario en un contexto privilegiado o causar una denegación de servicio (corrupción de memoria) a través de una app manipulada. • http://lists.apple.com/archives/security-announce/2016/May/msg00004.html http://www.securityfocus.com/bid/90696 http://www.securitytracker.com/id/1035895 https://support.apple.com/HT206567 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2016-1792
https://notcve.org/view.php?id=CVE-2016-1792
The AMD subsystem in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. El subsistema de AMD en Apple OS X en versiones anteriores a 10.11.5 permite a atacantes ejecutar código arbitrario en un contexto privilegiado o causar una denegación de servicio (corrupción de memoria) a través de una app manipulada. • http://lists.apple.com/archives/security-announce/2016/May/msg00004.html http://www.securityfocus.com/bid/90696 http://www.securitytracker.com/id/1035895 https://support.apple.com/HT206567 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2016-1805
https://notcve.org/view.php?id=CVE-2016-1805
CoreStorage in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context via a crafted app. CoeStoage en Apple OS X en versiones anteriores a 10.11.5 permite a atacantes ejecutar código arbitrario en un contexto privilegiado a través de una app manipulada. • http://lists.apple.com/archives/security-announce/2016/May/msg00004.html http://www.securityfocus.com/bid/90696 http://www.securitytracker.com/id/1035895 https://support.apple.com/HT206567 • CWE-284: Improper Access Control •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2016-1796 – Apple OS X libATSServer Heap-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2016-1796
Apple Type Services (ATS) in Apple OS X before 10.11.5 allows attackers to obtain sensitive kernel memory-layout information or cause a denial of service (out-of-bounds memory access) via a crafted app. Apple Type Services (ATS) en Apple OS X en versiones anteriores a 10.11.5 permite a atacantes obtener información sensible de la estructura de memoria del kernel o causar una denegación de servicio (acceso a memoria fuera de rango) a través de una app manipulada. This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Apple OS X. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the GetUncompressedBitmapRepresentation method. The issue lies in the failure to properly validate the length of user-supplied data prior to copying it to a heap-based buffer. • http://lists.apple.com/archives/security-announce/2016/May/msg00004.html http://www.securityfocus.com/bid/90696 http://www.securitytracker.com/id/1035895 http://www.zerodayinitiative.com/advisories/ZDI-16-361 https://support.apple.com/HT206567 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2016-1791
https://notcve.org/view.php?id=CVE-2016-1791
The AMD subsystem in Apple OS X before 10.11.5 allows attackers to obtain sensitive kernel memory-layout information via a crafted app. El subsistema de AMD en Apple OS X en versiones anteriores a 10.11.5 permite a atacantes obtener información sensible de la estructura de memoria del kernel a través de una app manipulada. • http://lists.apple.com/archives/security-announce/2016/May/msg00004.html http://www.securityfocus.com/bid/90696 http://www.securitytracker.com/id/1035895 https://support.apple.com/HT206567 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •