CVSS: 9.8EPSS: 8%CPEs: 4EXPL: 1CVE-2017-2524 – Apple macOS/iOS - 'TIKeyboardLayout initWithCoder:' NSKeyedArchiver Heap Corruption Due to Rounding Error
https://notcve.org/view.php?id=CVE-2017-2524
An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. tvOS before 10.2.1 is affected. watchOS before 3.2.2 is affected. The issue involves the "TextInput" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted data. Fue encontrado un problema en algunos productos de Apple. iOS anteriores a la versión 10.3.2 se ven afectados. macOS anterior a la versión 10.12.5 se vea afectado. tvOS anterior a la versión la 10.2.1 se ve afectado. watchOS anterior a la versión 3.2.2 se ve afectado. El problema involucra el componente "TextInput". • https://www.exploit-db.com/exploits/42051 http://www.securityfocus.com/bid/98468 http://www.securitytracker.com/id/1038484 https://support.apple.com/HT207797 https://support.apple.com/HT207798 https://support.apple.com/HT207800 https://support.apple.com/HT207801 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2017-2507 – Apple iOS / MacOS Netagent Kernel Memory Disclosure
https://notcve.org/view.php?id=CVE-2017-2507
An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. tvOS before 10.2.1 is affected. watchOS before 3.2.2 is affected. The issue involves the "Kernel" component. It allows attackers to bypass intended memory-read restrictions via a crafted app. Fue encontrado un problema en algunos productos de Apple. iOS anteriores a la versión 10.3.2 se ven afectados. macOS anterior a la versión 10.12.5 se ve afectado. tvOS anterior a la versión la 10.2.1 se ve afectado. watchOS anterior a la versión 3.2.2 se ve afectado. El problema involucra el componente "Kernel". • http://www.securityfocus.com/bid/98468 http://www.securitytracker.com/id/1038484 https://support.apple.com/HT207797 https://support.apple.com/HT207798 https://support.apple.com/HT207800 https://support.apple.com/HT207801 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.8EPSS: 1%CPEs: 5EXPL: 0CVE-2017-2518
https://notcve.org/view.php?id=CVE-2017-2518
An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. tvOS before 10.2.1 is affected. watchOS before 3.2.2 is affected. The issue involves the "SQLite" component. It allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow and application crash) via a crafted SQL statement. Fue encontrado un problema en algunos productos de Apple. iOS anteriores a la versión 10.3.2 se ven afectados. macOS anterior a la versión 10.12.5 se vea afectado. tvOS anterior a la versión la 10.2.1 se ve afectado. watchOS anterior a la versión 3.2.2 se ve afectado. El problema involucra el componente "SQLite". • http://www.securityfocus.com/bid/98468 http://www.securitytracker.com/id/1038484 https://lists.debian.org/debian-lts-announce/2019/01/msg00009.html https://support.apple.com/HT207797 https://support.apple.com/HT207798 https://support.apple.com/HT207800 https://support.apple.com/HT207801 https://usn.ubuntu.com/4019-1 https://usn.ubuntu.com/4019-2 • CWE-416: Use After Free •
CVSS: 8.8EPSS: 1%CPEs: 3EXPL: 0CVE-2017-2525 – Apple Safari RenderLayer Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2017-2525
An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. Safari before 10.1.1 is affected. tvOS before 10.2.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. Se ha detectado un problema en ciertos productos de Apple. iOS versión anterior a 10.3.2 se ve afectado. • http://www.securityfocus.com/bid/98473 http://www.securitytracker.com/id/1038487 https://security.gentoo.org/glsa/201706-15 https://support.apple.com/HT207798 https://support.apple.com/HT207801 https://support.apple.com/HT207804 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 1%CPEs: 2EXPL: 0CVE-2017-2544 – Apple Safari Array concat Integer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2017-2544
An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. Safari before 10.1.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. Se descubrió un problema en ciertos productos de Apple. iOS anterior a versión 10.3.2 está afectado. • http://www.securityfocus.com/bid/98474 http://www.securitytracker.com/id/1038487 https://security.gentoo.org/glsa/201706-15 https://support.apple.com/HT207798 https://support.apple.com/HT207804 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •