CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-7075
https://notcve.org/view.php?id=CVE-2017-7075
An issue was discovered in certain Apple products. iOS before 11 is affected. The issue involves the "Notes" component. It allows local users to obtain sensitive information by reading search results that contain locked-note content. Se ha descubierto un problema en algunos productos Apple. Las versiones de iOS anteriores a la 11 se han visto afectadas. • https://support.apple.com/HT208112 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-6976
https://notcve.org/view.php?id=CVE-2017-6976
An issue was discovered in certain Apple products. iOS before 10.3 is affected. The issue involves the "Sandbox Profiles" component. It allows attackers to bypass intended access restrictions (for iCloud user records) via a crafted app. Se ha descubierto un problema en algunos productos Apple. Las versiones de iOS anteriores a la 10.3 se han visto afectadas. • https://support.apple.com/HT207617 •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2017-7003
https://notcve.org/view.php?id=CVE-2017-7003
An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. tvOS before 10.2.1 is affected. watchOS before 3.2.2 is affected. The issue involves the "CoreText" component. It allows remote attackers to cause a denial of service (application crash) via a crafted file. Se ha descubierto un problema en algunos productos Apple. Las versiones de iOS anteriores a la 10.3.2, las versiones de macOS anteriores a la 10.12.5, las versiones de tvOS anteriores a la 10.2.1 y las versiones de watchOS anteriores a la 3.2.2 se han visto afectadas. • https://support.apple.com/HT207797 https://support.apple.com/HT207798 https://support.apple.com/HT207800 https://support.apple.com/HT207801 • CWE-20: Improper Input Validation •
CVSS: 4.6EPSS: 0%CPEs: 1EXPL: 0CVE-2018-4168
https://notcve.org/view.php?id=CVE-2018-4168
An issue was discovered in certain Apple products. iOS before 11.3 is affected. The issue involves the "Files Widget" component. It allows physically proximate attackers to obtain sensitive information by leveraging the display of cached data on a locked device. Se ha descubierto un problema en algunos productos Apple. Las versiones de iOS anteriores a la 11.3 se han visto afectadas. • http://www.securityfocus.com/bid/103578 http://www.securitytracker.com/id/1040604 https://support.apple.com/HT208693 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 4.6EPSS: 0%CPEs: 1EXPL: 0CVE-2018-4172
https://notcve.org/view.php?id=CVE-2018-4172
An issue was discovered in certain Apple products. iOS before 11.3 is affected. The issue involves the "Find My iPhone" component. It allows physically proximate attackers to bypass the iCloud password requirement for disabling the "Find My iPhone" feature via vectors involving a backup restore. Se ha descubierto un problema en algunos productos Apple. Las versiones de iOS anteriores a la 11.3 se han visto afectadas. • http://www.securityfocus.com/bid/103578 http://www.securitytracker.com/id/1040604 https://support.apple.com/HT208693 •