CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 1CVE-2016-1794 – Apple Mac OSX Kernel - Null Pointer Dereference in AppleMuxControl.kext
https://notcve.org/view.php?id=CVE-2016-1794
The AppleGraphicsControlClient::checkArguments method in AppleGraphicsControl in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via a crafted app. El método AppleGraphicsControlClient::checkArguments en AppleGraphicsControl en Apple SO X en versiones anteriores a 10.11.5 permite a atacantes ejecutar código arbitrario en un contexto privilegiado o provocar una denegación de servicio (referencia a puntero NULL) a través de una aplicación manipulada. • https://www.exploit-db.com/exploits/39922 http://lists.apple.com/archives/security-announce/2016/May/msg00004.html http://packetstormsecurity.com/files/137402/OS-X-AppleMuxControl.kext-NULL-Pointer-Dereference.html http://www.securityfocus.com/bid/90696 http://www.securitytracker.com/id/1035895 https://bugs.chromium.org/p/project-zero/issues/detail?id=783 https://support.apple.com/HT206567 •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 1CVE-2016-1793 – Apple Mac OSX Kernel - Null Pointer Dereference in AppleGraphicsDeviceControl
https://notcve.org/view.php?id=CVE-2016-1793
AppleGraphicsDeviceControlClient in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via a crafted app. AppleGraphicsDeviceControlClient en Apple SO X en versiones anteriores a 10.11.5 permite a atacantes ejecutar código arbitrario en un contexto privilegiado o provocar denegación de servicio (referencia a puntero NULL) a través de una aplicación manipulada. • https://www.exploit-db.com/exploits/39923 http://lists.apple.com/archives/security-announce/2016/May/msg00004.html http://packetstormsecurity.com/files/137401/OS-X-AppleGraphicsDeviceControl-NULL-Pointer-Dereference.html http://www.securityfocus.com/bid/90696 http://www.securitytracker.com/id/1035895 https://bugs.chromium.org/p/project-zero/issues/detail?id=782 https://support.apple.com/HT206567 •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2016-1810
https://notcve.org/view.php?id=CVE-2016-1810
The Graphics Drivers subsystem in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. El subsistema Graphics Drivers en Apple OS X en versiones anteriores a 10.11.5 permite a atacantes ejecutar código arbitrario en un contexto privilegiado o causar una denegación de servicio (corrupción de memoria) a través de una app manipulada. • http://lists.apple.com/archives/security-announce/2016/May/msg00004.html http://www.securityfocus.com/bid/90696 http://www.securitytracker.com/id/1035895 https://support.apple.com/HT206567 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2016-1842
https://notcve.org/view.php?id=CVE-2016-1842
MapKit in Apple iOS before 9.3.2, OS X before 10.11.5, and watchOS before 2.2.1 does not use HTTPS for shared links, which allows remote attackers to obtain sensitive information by sniffing the network for HTTP traffic. MapKit en Apple iOS en versiones anteriores a 9.3.2, OS X en versiones anteriores a 10.11.5 y watchOS en versiones anteriores a 2.2.1 no utiliza HTTPS para los enlaces compartidos, lo que permite a atacantes remotos obtener información sensible husmeando la red en busca de tráfico HTTP. • http://lists.apple.com/archives/security-announce/2016/May/msg00002.html http://lists.apple.com/archives/security-announce/2016/May/msg00003.html http://lists.apple.com/archives/security-announce/2016/May/msg00004.html http://www.securitytracker.com/id/1035890 https://support.apple.com/HT206566 https://support.apple.com/HT206567 https://support.apple.com/HT206568 • CWE-284: Improper Access Control •
CVSS: 9.3EPSS: 0%CPEs: 4EXPL: 0CVE-2016-1831
https://notcve.org/view.php?id=CVE-2016-1831
The kernel in Apple iOS before 9.3.2 and OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. El kernel en Apple iOS en versiones anteriores a 9.3.2 y OS X en versiones anteriores a 10.11.5 permite a atacantes ejecutar código arbitrario en un contexto privilegiado o causar una denegación de servicio (corrupción de memoria) a través de una app manipulada. • http://lists.apple.com/archives/security-announce/2016/May/msg00002.html http://lists.apple.com/archives/security-announce/2016/May/msg00004.html http://www.securityfocus.com/bid/90696 http://www.securitytracker.com/id/1035890 https://support.apple.com/HT206567 https://support.apple.com/HT206568 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •