CVSS: 5.4EPSS: 0%CPEs: 3EXPL: 3CVE-2015-1100 – Apple Mac OSX - Local Denial of Service
https://notcve.org/view.php?id=CVE-2015-1100
09 Apr 2015 — The kernel in Apple iOS before 8.3, Apple OS X before 10.10.3, and Apple TV before 7.2 allows attackers to cause a denial of service (out-of-bounds memory access) or obtain sensitive memory-content information via a crafted app. El kernel en Apple iOS anterior a 8.3, Apple OS X anterior a 10.10.3, y Apple TV anterior a 7.2 permite a atacantes causar una denegación de servicio (acceso a memoria fuera de rango) u obtener información sensible del contenido de la memoria a través de una aplicación manipulada. O... • https://packetstorm.news/files/id/131508 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2015-1094 – Apple Security Advisory 2015-04-08-3
https://notcve.org/view.php?id=CVE-2015-1094
09 Apr 2015 — IOAcceleratorFamily in Apple iOS before 8.3 and Apple TV before 7.2 allows attackers to obtain sensitive information about kernel memory via a crafted app. IOAcceleratorFamily en Apple iOS anterior a 8.3 y Apple TV anterior a 7.2 permite a atacantes obtener información sensible sobre la memoria del kernel a través de una aplicación manipulada. Watch OS 1.0.1 is now available and addresses certificate issues, arbitrary code execution, XML external entity, and various other vulnerabilities. • http://lists.apple.com/archives/security-announce/2015/Apr/msg00002.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2015-1097 – Apple Security Advisory 2015-04-08-3
https://notcve.org/view.php?id=CVE-2015-1097
09 Apr 2015 — IOMobileFramebuffer in Apple iOS before 8.3 and Apple TV before 7.2 allows attackers to obtain sensitive information about kernel memory via a crafted app. IOMobileFramebuffer en Apple iOS anterior a 8.3 y Apple TV anterior a 7.2 permite a atacantes obtener información sensible sobre la memoria del kernel a través de una aplicación manipulada. Apple TV 7.2 is now available and addresses information disclosure, code execution, memory disclosure, and various other vulnerabilities. • http://lists.apple.com/archives/security-announce/2015/Apr/msg00002.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.3EPSS: 0%CPEs: 2EXPL: 0CVE-2015-1098 – Apple Security Advisory 2015-04-08-3
https://notcve.org/view.php?id=CVE-2015-1098
09 Apr 2015 — iWork in Apple iOS before 8.3 and Apple OS X before 10.10.3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted iWork file. iWork en Apple iOS anterior a 8.3 y Apple OS X anterior a 10.10.3 permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) a través de un fichero iWork manipulado. OS X Yosemite 10.10.3 and Security Update 2015-004 are now available and address privilege escalation, co... • http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.1EPSS: 9%CPEs: 3EXPL: 0CVE-2015-1102 – Apple Security Advisory 2015-04-08-3
https://notcve.org/view.php?id=CVE-2015-1102
09 Apr 2015 — The kernel in Apple iOS before 8.3, Apple OS X before 10.10.3, and Apple TV before 7.2 does not properly handle TCP headers, which allows man-in-the-middle attackers to cause a denial of service via unspecified vectors. El kernel en Apple iOS anterior a 8.3, Apple OS X anterior a 10.10.3, y Apple TV anterior a 7.2 no maneja correctamente las cabeceras TCP, lo que permite a atacantes man-in-the-middle causar una denegación de servicio a través de vectores no especificados. OS X Yosemite 10.10.3 and Security ... • http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html • CWE-20: Improper Input Validation •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2015-1118 – Apple Security Advisory 2015-04-08-3
https://notcve.org/view.php?id=CVE-2015-1118
09 Apr 2015 — libnetcore in Apple iOS before 8.3, Apple OS X before 10.10.3, and Apple TV before 7.2 allows attackers to cause a denial of service (memory corruption and application crash) via a crafted configuration profile. libnetcore en Apple iOS anterior a 8.3, Apple OS X anterior a 10.10.3, y Apple TV anterior a 7.2 permite a atacantes causar una denegación de servicio (corrupción de memoria y caída de aplicación) a través de un perfil de configuración manipulado. OS X Yosemite 10.10.3 and Security Update 2015-004 a... • http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2015-1125 – Apple Security Advisory 2015-04-08-3
https://notcve.org/view.php?id=CVE-2015-1125
09 Apr 2015 — The touch-events implementation in WebKit in Apple iOS before 8.3 allows remote attackers to trigger an association between a tap and an unintended web resource via a crafted web site. La implementación touch-events en WebKit en Apple iOS anterior a 8.3 permite a atacantes remotos provocar una asociación entre una pulsación y un recurso de web no intencionado a través de un sitio web manipulado. iOS 8.3 is now available and addresses code execution, access restriction, information disclosure, and various ot... • http://lists.apple.com/archives/security-announce/2015/Apr/msg00002.html • CWE-17: DEPRECATED: Code •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2015-1090 – Apple Security Advisory 2015-04-08-3
https://notcve.org/view.php?id=CVE-2015-1090
09 Apr 2015 — CFNetwork in Apple iOS before 8.3 does not delete HTTP Strict Transport Security (HSTS) state information in response to a Safari history-clearing action, which allows attackers to obtain sensitive information by reading a history file. CFNetwork en Apple iOS anterior a 8.3 no elimina la información de del estado de HTTP Strict Transport Security (HSTS) en respuesta a una acción de la limpieza del historial de Safari, lo que permite a atacantes obtener información sensible mediante la lectura de un fichero ... • http://lists.apple.com/archives/security-announce/2015/Apr/msg00002.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2015-1111 – Apple Security Advisory 2015-04-08-3
https://notcve.org/view.php?id=CVE-2015-1111
09 Apr 2015 — Safari in Apple iOS before 8.3 does not delete Recently Closed Tabs data in response to a history-clearing action, which allows attackers to obtain sensitive information by reading a history file. Safari en Apple iOS anterior a 8.3 no elimina los datos Recently Closed Tabs en respuesta a una acción de limpieza del historial, lo que permite a atacantes obtener información sensible mediante la lectura de un fichero del historial. iOS 8.3 is now available and addresses code execution, access restriction, infor... • http://lists.apple.com/archives/security-announce/2015/Apr/msg00002.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 2.4EPSS: 0%CPEs: 1EXPL: 0CVE-2015-1106 – Apple Security Advisory 2015-04-08-3
https://notcve.org/view.php?id=CVE-2015-1106
09 Apr 2015 — The QuickType feature in the Keyboards subsystem in Apple iOS before 8.3 allows physically proximate attackers to discover passcodes by reading the lock screen during use of a Bluetooth keyboard. La característica QuickType en el subsistema Keyboards en Apple iOS anterior a 8.3 permite a atacantes físicamente próximos descubrir contraseñas mediante la lectura de la pantalla de bloqueo durante el uso de un teclado Bluetooth. iOS 8.3 is now available and addresses code execution, access restriction, informati... • http://lists.apple.com/archives/security-announce/2015/Apr/msg00002.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •