CVSS: 9.3EPSS: 0%CPEs: 2EXPL: 0CVE-2015-3768 – Apple Security Advisory 2016-02-25-1
https://notcve.org/view.php?id=CVE-2015-3768
13 Aug 2015 — Integer overflow in the kernel in Apple iOS before 8.4.1 and OS X before 10.10.5 allows attackers to execute arbitrary code in a privileged context via a crafted app that makes unspecified IOKit API calls. Desbordamiento de enteros en el kernel de Apple iOS en versiones anteriores a 8.4.1 y OS X en versiones anteriores a 10.10.5, permite a atacantes ejecutar código arbitrario en un contexto privilegiado a través de aplicaciones manipuladas que realizan llamadas no especificadas a la API IOKit. OS X Yosemite... • http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html • CWE-189: Numeric Errors •
CVSS: 9.3EPSS: 0%CPEs: 2EXPL: 0CVE-2015-3776 – Apple Security Advisory 2016-02-25-1
https://notcve.org/view.php?id=CVE-2015-3776
13 Aug 2015 — IOKit in Apple iOS before 8.4.1 and OS X before 10.10.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption and application crash) via a malformed plist. Vulnerabilidad en IOKit en Apple iOS en versiones anteriores a 8.4.1 y OS X en versiones anteriores a 10.10.5, permite a atacantes ejecutar código arbitrario en un contexto privilegiado o causar una denegación de servicio (corrupción de memoria y caída de la aplicación) a través de una plist ma... • http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 4.6EPSS: 0%CPEs: 1EXPL: 0CVE-2015-3756 – Apple Security Advisory 2015-08-13-3
https://notcve.org/view.php?id=CVE-2015-3756
13 Aug 2015 — The Certificate UI in Apple iOS before 8.4.1 does not prevent X.509 certificate acceptance within the lock screen, which allows physically proximate attackers to establish arbitrary certificate trust relationships by completing a dialog. Vulnerabilidad en la interfaz de usuario Certificate UI en Apple iOS en versiones anteriores a 8.4.1, no impide la aceptación del certificado X.509 dentro de la pantalla de bloqueo, lo que permite a atacantes físicamente próximos establecer certificados de relaciones de con... • http://lists.apple.com/archives/security-announce/2015/Aug/msg00002.html • CWE-254: 7PK - Security Features •
CVSS: 7.3EPSS: 0%CPEs: 2EXPL: 0CVE-2015-3803 – Apple Security Advisory 2016-02-25-1
https://notcve.org/view.php?id=CVE-2015-3803
13 Aug 2015 — Apple iOS before 8.4.1 and OS X before 10.10.5 allow local users to bypass a code-signing protection mechanism via a crafted multi-architecture executable file. Vulnerabilidad en Apple iOS en versiones anteriores a 8.4.1 y OS X en versiones anteriores a 10.10.5, permite a usuarios locales eludir un mecanismo de protección de firma de código a través de un archivo de arquitectura múltiple ejecutable manipulado. OS X Yosemite 10.10.5 and Security Update 2015-006 is now available and addresses vulnerabilities ... • http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html • CWE-20: Improper Input Validation •
CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 0CVE-2015-3732 – WebKitGTK+ 2.x Use-After-Free / DoS / Code Execution
https://notcve.org/view.php?id=CVE-2015-3732
13 Aug 2015 — WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-08-13-1 and APPLE-SA-2015-08-13-3. Vulnerabilidad en WebKit, tal como se utiliza en Apple iOS en versiones anteriores a 8.4.1 y en Safari en versiones anteriores a 6.2.8, 7.x en versiones... • http://lists.apple.com/archives/security-announce/2015/Aug/msg00000.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 0%CPEs: 5EXPL: 0CVE-2015-3738 – Apple Security Advisory 2015-09-16-3
https://notcve.org/view.php?id=CVE-2015-3738
13 Aug 2015 — WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-08-13-1 and APPLE-SA-2015-08-13-3. Vulnerabilidad en WebKit, tal como se utiliza en Apple iOS en versiones anteriores a 8.4.1 y en Safari en versiones anteriores a 6.2.8, 7.x en versiones... • http://lists.apple.com/archives/security-announce/2015/Aug/msg00000.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 0%CPEs: 2EXPL: 0CVE-2015-3795 – Apple Security Advisory 2016-02-25-1
https://notcve.org/view.php?id=CVE-2015-3795
13 Aug 2015 — libxpc in Apple iOS before 8.4.1 and OS X before 10.10.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app that sends a malformed XPC message. Vulnerabilidad en libxpc en Apple iOS en versiones anteriores a 8.4.1 y OS X en versiones anteriores a 10.10.5, permite a atacantes ejecutar código arbitrario en un contexto privilegiado o causar una denegación de servicio (corrupción de memoria) a través de una aplicación manipulada ... • http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0CVE-2015-3766 – Apple Security Advisory 2016-02-25-1
https://notcve.org/view.php?id=CVE-2015-3766
13 Aug 2015 — The kernel in Apple iOS before 8.4.1 and OS X before 10.10.5 does not properly restrict the mach_port_space_info interface, which allows attackers to obtain sensitive memory-layout information via a crafted app. Vulnerabilidad en el kernel de Apple iOS en versiones anteriores a 8.4.1 y en OS X en versiones anteriores a 10.10.5, no restringe correctamente la interfaz mach_port_space_info, lo que permite a atacantes obtener información sensible de la estructura de la memoria a través de una aplicación manipul... • http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2015-3778 – Apple Security Advisory 2016-02-25-1
https://notcve.org/view.php?id=CVE-2015-3778
13 Aug 2015 — bootp in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to obtain potentially sensitive information about MAC addresses seen in previous Wi-Fi sessions by sniffing an 802.11 network for DNAv4 broadcast traffic. Vulnerabilidad en bootp en Apple iOS en versiones anteriores a 8.4.1 y OS X en versiones anteriores a 10.10.5, permite a atacantes remotos obtener información potencialmente sensible sobre direcciones MAC vistas en sesiones Wi-Fi previas rastreando una red 802.11 en busca de t... • http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 8.8EPSS: 0%CPEs: 5EXPL: 0CVE-2015-3746 – Apple Security Advisory 2015-09-16-3
https://notcve.org/view.php?id=CVE-2015-3746
13 Aug 2015 — WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-08-13-1 and APPLE-SA-2015-08-13-3. Vulnerabilidad en WebKit, tal como se utiliza en Apple iOS en versiones anteriores a 8.4.1 y en Safari en versiones anteriores a 6.2.8, 7.x versiones an... • http://lists.apple.com/archives/security-announce/2015/Aug/msg00000.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •