CVSS: 9.8EPSS: 1%CPEs: 46EXPL: 0CVE-2016-9843 – zlib: Big-endian out-of-bounds pointer
https://notcve.org/view.php?id=CVE-2016-9843
The crc32_big function in crc32.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving big-endian CRC calculation. La función crc32_big en crc32.c in zlib 1.2.8 podría permitir que atacantes dependientes del contexto causen impactos no especificados mediante vectores que implican cálculos CRC big-endian. • http://lists.opensuse.org/opensuse-updates/2016-12/msg00127.html http://lists.opensuse.org/opensuse-updates/2017-01/msg00050.html http://lists.opensuse.org/opensuse-updates/2017-01/msg00053.html http://www.openwall.com/lists/oss-security/2016/12/05/21 http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html http://www.securityfocus •
CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 0CVE-2016-4764
https://notcve.org/view.php?id=CVE-2016-4764
An issue was discovered in certain Apple products. iOS before 10 is affected. Safari before 10 is affected. iTunes before 12.5.1 is affected. tvOS before 10 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. Se ha descubierto un problema en ciertos productos Apple. iOS en versiones anteriores a 10 está afectado. • http://www.securityfocus.com/bid/94430 https://support.apple.com/HT207142 https://support.apple.com/HT207143 https://support.apple.com/HT207157 https://support.apple.com/HT207158 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 1%CPEs: 4EXPL: 0CVE-2016-4688
https://notcve.org/view.php?id=CVE-2016-4688
An issue was discovered in certain Apple products. iOS before 10.1 is affected. macOS before 10.12.1 is affected. tvOS before 10.0.1 is affected. watchOS before 3.1 is affected. watchOS before 3.1.3 is affected. The issue involves the "FontParser" component. It allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow and application crash) via a crafted font. Se ha descubierto un problema en ciertos productos Apple. iOS en versiones anteriores a 10.1 está afectado. macOS en versiones anteriores a 10.12.1 está afectado. tvOS en versiones anteriores a 10.0.1 está afectado. watchOS en versiones anteriores a 3.1 está afectado. watchOS en versiones anteriores a 3.1.3 está afectado. El problema involucra el componente "FontParser". • http://www.securityfocus.com/bid/94572 http://www.securitytracker.com/id/1037469 https://support.apple.com/HT207269 https://support.apple.com/HT207270 https://support.apple.com/HT207271 https://support.apple.com/HT207275 https://support.apple.com/HT207487 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 9%CPEs: 3EXPL: 1CVE-2016-7626 – iOS 10.1.x - Certificate File Memory Corruption
https://notcve.org/view.php?id=CVE-2016-7626
An issue was discovered in certain Apple products. iOS before 10.2 is affected. tvOS before 10.1 is affected. watchOS before 3.1.1 is affected. The issue involves the "Profiles" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted certificate profile. Se ha descubierto un problema en ciertos productos Apple. iOS en versiones anteriores a 10.2 está afectado. tvOS en versiones anteriores a 10.1 está afectado. watchOS en versiones anteriores a 3.1.1 está afectado. El problema involucra al componente "Profiles". • https://www.exploit-db.com/exploits/40906 http://www.securityfocus.com/bid/94852 http://www.securitytracker.com/id/1037429 https://lists.apple.com/archives/security-announce/2016/Dec/msg00001.html https://support.apple.com/HT207422 https://support.apple.com/HT207425 https://support.apple.com/HT207487 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 0%CPEs: 5EXPL: 0CVE-2016-7578
https://notcve.org/view.php?id=CVE-2016-7578
An issue was discovered in certain Apple products. iOS before 10.1 is affected. Safari before 10.0.1 is affected. iCloud before 6.0.1 is affected. iTunes before 12.5.2 is affected. tvOS before 10.0.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. Se ha descubierto un problema en ciertos productos Apple. iOS en versiones anteriores a 10.1 está afectado. • http://www.securityfocus.com/bid/93949 http://www.securitytracker.com/id/1037139 https://support.apple.com/HT207270 https://support.apple.com/HT207271 https://support.apple.com/HT207272 https://support.apple.com/HT207273 https://support.apple.com/HT207274 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •