CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2016-1717
https://notcve.org/view.php?id=CVE-2016-1717
The Disk Images component in Apple iOS before 9.2.1, OS X before 10.11.3, and tvOS before 9.1.1 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors. El componente Disk Images en Apple iOS en versiones anteriores a 9.2.1, OS X en versiones anteriores a 10.11.3 y tvOS en versiones anteriores a 9.1.1 permite a usuarios locales obtener privilegios o causar una denegación de servicio (corrupción de memoria) a través de vectores no especificados. • http://lists.apple.com/archives/security-announce/2016/Jan/msg00002.html http://lists.apple.com/archives/security-announce/2016/Jan/msg00003.html http://lists.apple.com/archives/security-announce/2016/Jan/msg00005.html http://lists.apple.com/archives/security-announce/2016/Mar/msg00001.html http://www.securitytracker.com/id/1034736 https://support.apple.com/HT205729 https://support.apple.com/HT205731 https://support.apple.com/HT205732 https://support.apple.com/HT206168 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 0%CPEs: 5EXPL: 0CVE-2016-1727
https://notcve.org/view.php?id=CVE-2016-1727
WebKit, as used in Apple iOS before 9.2.1, Safari before 9.0.3, and tvOS before 9.1.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-1724. WebKit, como se utiliza en Apple iOS en versiones anteriores a 9.2.1, Safari en versiones anteriores a 9.0.3 y tvOS en versiones anteriores a 9.1.1, permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) a través de un sitio web manipulado, una vulnerabilidad diferente a CVE-2016-1724. • http://lists.apple.com/archives/security-announce/2016/Jan/msg00002.html http://lists.apple.com/archives/security-announce/2016/Jan/msg00004.html http://lists.apple.com/archives/security-announce/2016/Jan/msg00005.html http://lists.apple.com/archives/security-announce/2016/Mar/msg00001.html http://packetstormsecurity.com/files/136227/WebKitGTK-Memory-Corruption-Denial-Of-Service.html http://www.securityfocus.com/archive/1/537771/100/0/threaded http://www.securityfocus.com/bid/81263 http://www • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 0%CPEs: 3EXPL: 0CVE-2016-1723
https://notcve.org/view.php?id=CVE-2016-1723
WebKit, as used in Apple iOS before 9.2.1 and Safari before 9.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-1725 and CVE-2016-1726. WebKit, como se utiliza en Apple iOS en versiones anteriores a 9.2.1 y Safari en versiones anteriores a 9.0.3, permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) a través de un sitio web manipulado, una vulnerabilidad diferente a CVE-2016-1725 y CVE-2016-1726. • http://lists.apple.com/archives/security-announce/2016/Jan/msg00002.html http://lists.apple.com/archives/security-announce/2016/Jan/msg00004.html http://lists.apple.com/archives/security-announce/2016/Mar/msg00001.html http://packetstormsecurity.com/files/136227/WebKitGTK-Memory-Corruption-Denial-Of-Service.html http://www.securityfocus.com/archive/1/537771/100/0/threaded http://www.securityfocus.com/bid/81263 http://www.securitytracker.com/id/1034737 https://security.gentoo.org/glsa/201706-15 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 2%CPEs: 5EXPL: 0CVE-2015-8659
https://notcve.org/view.php?id=CVE-2015-8659
The idle stream handling in nghttp2 before 1.6.0 allows attackers to have unspecified impact via unknown vectors, aka a heap-use-after-free bug. El manejo de flujo de datos en reposo en nghttp2 en versiones anteriores a 1.6.0 permite atacantes tener un impacto no especificado a través de vectores desconocidos, también conocido como error de uso después de liberación de memoria dinámica. • http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html http://lists.apple.com/archives/security-announce/2016/Mar/msg00001.html http://lists.apple.com/archives/security-announce/2016/Mar/msg00002.html http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175085.html http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175423.html http://www.openwall.com/lists/oss-security/2015&# • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0CVE-2015-7113
https://notcve.org/view.php?id=CVE-2015-7113
The LaunchServices component in Apple iOS before 9.2 and watchOS before 2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a malformed plist. El componente LaunchServices en Apple iOS en versiones anteriores a 9.2 y watchOS en versiones anteriores a 2.1 permite a atacantes ejecutar código arbitrario en un contexto privilegiado o causar una denegación de servicio (corrupción de memoria) a través de una lista de propiedades mal formada. • http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html http://lists.apple.com/archives/security-announce/2015/Dec/msg00002.html http://www.securitytracker.com/id/1034348 https://support.apple.com/HT205635 https://support.apple.com/HT205641 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •