CVSS: 8.8EPSS: 0%CPEs: 5EXPL: 0CVE-2015-3740 – Apple Security Advisory 2015-09-16-3
https://notcve.org/view.php?id=CVE-2015-3740
13 Aug 2015 — WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-08-13-1 and APPLE-SA-2015-08-13-3. Vulnerabilidad en WebKit, tal como se utiliza en Apple iOS en versiones anteriores a 8.4.1 y en Safari en versiones anteriores a 6.2.8, 7.x en versiones... • http://lists.apple.com/archives/security-announce/2015/Aug/msg00000.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.3EPSS: 0%CPEs: 4EXPL: 0CVE-2015-3751 – WebKitGTK+ 2.x Use-After-Free / DoS / Code Execution
https://notcve.org/view.php?id=CVE-2015-3751
13 Aug 2015 — WebKit in Apple Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, as used in iOS before 8.4.1 and other products, allows remote attackers to bypass a Content Security Policy protection mechanism by using a video control in conjunction with an IMG element within an OBJECT element. Vulnerabilidad en WebKit en Apple Safari en versiones anteriores a 6.2.8, 7.x en versiones anteriores a 7.1.8 y 8.x en versiones anteriores a 8.0.8, tal como se utiliza en iOS en versiones anteriores a 8.4.1 y otros prod... • http://lists.apple.com/archives/security-announce/2015/Aug/msg00000.html • CWE-254: 7PK - Security Features •
CVSS: 8.8EPSS: 0%CPEs: 5EXPL: 0CVE-2015-3730 – Apple Security Advisory 2015-09-16-3
https://notcve.org/view.php?id=CVE-2015-3730
13 Aug 2015 — WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-08-13-1 and APPLE-SA-2015-08-13-3. Vulnerabilidad en WebKit, tal como se utiliza en Apple iOS en versiones anteriores a 8.4.1 y en Safari en versiones anteriores a 6.2.8, 7.x en versiones... • http://lists.apple.com/archives/security-announce/2015/Aug/msg00000.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 0%CPEs: 5EXPL: 0CVE-2015-3744 – Apple Security Advisory 2015-09-16-3
https://notcve.org/view.php?id=CVE-2015-3744
13 Aug 2015 — WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-08-13-1 and APPLE-SA-2015-08-13-3. Vulnerabilidad en WebKit, tal como se utiliza en Apple iOS en versiones anteriores a 8.4.1 y en Safari en versiones anteriores a 6.2.8, 7.x en versiones... • http://lists.apple.com/archives/security-announce/2015/Aug/msg00000.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.3EPSS: 0%CPEs: 2EXPL: 0CVE-2015-3805 – Apple Security Advisory 2016-02-25-1
https://notcve.org/view.php?id=CVE-2015-3805
13 Aug 2015 — Apple iOS before 8.4.1 and OS X before 10.10.5 allow local users to bypass a code-signing protection mechanism via a crafted Mach-O file, a different vulnerability than CVE-2015-3802. Vulnerabilidad en Apple iOS en versiones anteriores a 8.4.1 y OS X en versiones anteriores a 10.10.5, permite a usuarios locales eludir un mecanismo de protección de firma de código a través de un archivo Mach-O manipulado, una vulnerabilidad diferente a CVE-2015-3802. OS X Yosemite 10.10.5 and Security Update 2015-006 is now ... • http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html • CWE-20: Improper Input Validation •
CVSS: 8.8EPSS: 0%CPEs: 5EXPL: 0CVE-2015-3742 – Apple Security Advisory 2015-09-16-3
https://notcve.org/view.php?id=CVE-2015-3742
13 Aug 2015 — WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-08-13-1 and APPLE-SA-2015-08-13-3. Vulnerabilidad en WebKit, tal como se utiliza en Apple iOS en versiones anteriores a 8.4.1 y en Safari en versiones anteriores a 6.2.8, 7.x en versiones... • http://lists.apple.com/archives/security-announce/2015/Aug/msg00000.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2015-3758 – Apple Security Advisory 2015-08-13-3
https://notcve.org/view.php?id=CVE-2015-3758
13 Aug 2015 — UIKit WebView in Apple iOS before 8.4.1 allows attackers to bypass an intended user-confirmation requirement and initiate arbitrary FaceTime calls via an app that provides a crafted URL. Vulnerabilidad en UIKit WebView en Apple iOS en versiones anteriores a 8.4.1, permite a atacantes evadir un requisito destinado a la confirmación de usuario e iniciar arbitrariamente llamadas FaceTime a través de una aplicación que proporciona una URL manipulada. iOS 8.4.1 is now available and addresses vulnerabilities in t... • http://lists.apple.com/archives/security-announce/2015/Aug/msg00002.html • CWE-20: Improper Input Validation •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2015-3793 – Apple Security Advisory 2016-02-25-1
https://notcve.org/view.php?id=CVE-2015-3793
13 Aug 2015 — CFPreferences in Apple iOS before 8.4.1 allows attackers to bypass the third-party app-sandbox protection mechanism and read arbitrary managed preferences via a crafted app. Vulnerabilidad en CFPreferences en Apple iOS en versiones anteriores a 8.4.1, permite a atacantes eludir el mecanismo de protección de la aplicación sandbox de un tercero y leer preferencias gestionadas arbitrariamente a través de una aplicación manipulada. Apple TV 7.2.1 is now available and addresses code execution, information disclo... • http://lists.apple.com/archives/security-announce/2015/Aug/msg00002.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2015-3759 – Apple Security Advisory 2016-02-25-1
https://notcve.org/view.php?id=CVE-2015-3759
13 Aug 2015 — Location Framework in Apple iOS before 8.4.1 allows local users to bypass intended restrictions on filesystem modification via a symlink. Vulnerabilidad en la localización del Framework en Apple iOS en versiones anteriores a 8.4.1, permite a usuarios locales evadir restricciones destinadas a la modificación del sistema de archivos a través de un enlace simbólico. Apple TV 7.2.1 is now available and addresses code execution, information disclosure, access bypass, and various other vulnerabilities. • http://lists.apple.com/archives/security-announce/2015/Aug/msg00002.html • CWE-59: Improper Link Resolution Before File Access ('Link Following') CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 5.0EPSS: 0%CPEs: 4EXPL: 0CVE-2015-3753 – WebKitGTK+ 2.x Use-After-Free / DoS / Code Execution
https://notcve.org/view.php?id=CVE-2015-3753
13 Aug 2015 — WebKit in Apple Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, as used in iOS before 8.4.1 and other products, does not properly perform taint checking for CANVAS elements, which allows remote attackers to bypass the Same Origin Policy and obtain sensitive image data by leveraging a redirect to a data:image resource. Vulnerabilidad en WebKit en Apple Safari en versiones anteriores a 6.2.8, 7.x en versiones anteriores a 7.1.8 y 8.x en versiones anteriores a 8.0.8, tal como se utiliza en iOS en ... • http://lists.apple.com/archives/security-announce/2015/Aug/msg00000.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •