CVSS: 9.8EPSS: 2%CPEs: 1EXPL: 0CVE-2016-7630 – Apple iOS legacy-diagnostics Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2016-7630
An issue was discovered in certain Apple products. iOS before 10.2 is affected. The issue involves the "WebSheet" component, which allows attackers to bypass a sandbox protection mechanism via unspecified vectors. Se ha descubierto un problema en ciertos productos Apple. iOS en versiones anteriores a 10.2 está afectado. El problema involucra al componente "WebSheet", que permite a atacantes eludir el mecanismo de protección de aislamiento a través de vectores no especificados. This vulnerability allows remote attackers to escalate privileges on vulnerable installations of Apple iOS. • https://support.apple.com/HT207422 • CWE-254: 7PK - Security Features •
CVSS: 5.9EPSS: 0%CPEs: 2EXPL: 0CVE-2016-4721
https://notcve.org/view.php?id=CVE-2016-4721
An issue was discovered in certain Apple products. iOS before 10.1 is affected. macOS before 10.12.1 is affected. The issue involves the "IDS - Connectivity" component, which allows man-in-the-middle attackers to spoof calls via a "switch caller" notification. Se ha descubierto un problema en ciertos productos Apple. iOS en versiones anteriores a 10.1 está afectado. macOS en versiones anteriores a 10.12.1 está afectado. El problema involucra al componente "IDS - Connectivity" que permite a atacantes man-in-the-middle suplantar llamadas a través de notificaciones "switch caller". • http://www.securityfocus.com/bid/94429 https://support.apple.com/HT207271 https://support.apple.com/HT207275 • CWE-254: 7PK - Security Features •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2016-7759
https://notcve.org/view.php?id=CVE-2016-7759
An issue was discovered in certain Apple products. iOS before 10 is affected. The issue involves the "Springboard" component, which allows physically proximate attackers to obtain sensitive information by viewing application snapshots in the Task Switcher. Se ha descubierto un problema en ciertos productos Apple. iOS en versiones anteriores a 10 está afectado. El problema involucra al componente "Springboard", que permite a atacantes próximos físicamente obtener información sensible visualizando capturas de pantalla de la aplicación en el Task Switcher. • https://support.apple.com/HT207143 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 2.4EPSS: 0%CPEs: 1EXPL: 0CVE-2016-7765
https://notcve.org/view.php?id=CVE-2016-7765
An issue was discovered in certain Apple products. iOS before 10.2 is affected. The issue involves the "Clipboard" component, which allows physically proximate attackers to obtain sensitive information in the lockscreen state by viewing clipboard contents. Se ha descubierto un problema en ciertos productos Apple. iOS en versiones anteriores a 10.2 está afectado. El problema involucra al componente "Clipboard", que permite a atacantes próximos físicamente obtener información sensible en el estado de bloqueo de pantalla visualizando contenidos del portapapeles. • https://support.apple.com/HT207422 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2016-7655
https://notcve.org/view.php?id=CVE-2016-7655
An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. The issue involves the "CoreMedia External Displays" component. It allows local users to gain privileges or cause a denial of service (type confusion) via unspecified vectors. Se ha descubierto un problema en ciertos productos Apple. iOS en versiones anteriores a 10.2 está afectado. macOS en versiones anteriores a 10.12.2 está afectado. El problema involucra al componente "CoreMedia External Displays". • http://www.securityfocus.com/bid/94906 http://www.securitytracker.com/id/1037469 https://support.apple.com/HT207422 https://support.apple.com/HT207423 • CWE-704: Incorrect Type Conversion or Cast •