CVSS: 3.3EPSS: 0%CPEs: 2EXPL: 0CVE-2016-4670
https://notcve.org/view.php?id=CVE-2016-4670
An issue was discovered in certain Apple products. iOS before 10.1 is affected. macOS before 10.12.1 is affected. The issue involves the "Security" component. It allows local users to discover lengths of arbitrary passwords by reading a log. Se ha descubierto un problema en ciertos productos Apple. iOS en versiones anteriores a 10.1 está afectado. macOS en versiones anteriores a 10.12.1 está afectado. El problema involucra al componente "Security". • http://www.securityfocus.com/bid/94433 https://support.apple.com/HT207271 https://support.apple.com/HT207275 • CWE-255: Credentials Management Errors •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2016-7762
https://notcve.org/view.php?id=CVE-2016-7762
An issue was discovered in certain Apple products. iOS before 10.2 is affected. The issue involves the "WebKit" component, which allows XSS attacks against Safari. Se ha descubierto un problema en ciertos productos Apple. iOS en versiones anteriores a 10.2 está afectado. El problema involucra al componente "WebKit" que permite ataques de XSS contra Safari. • https://support.apple.com/HT207422 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.8EPSS: 2%CPEs: 1EXPL: 0CVE-2016-7630 – Apple iOS legacy-diagnostics Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2016-7630
An issue was discovered in certain Apple products. iOS before 10.2 is affected. The issue involves the "WebSheet" component, which allows attackers to bypass a sandbox protection mechanism via unspecified vectors. Se ha descubierto un problema en ciertos productos Apple. iOS en versiones anteriores a 10.2 está afectado. El problema involucra al componente "WebSheet", que permite a atacantes eludir el mecanismo de protección de aislamiento a través de vectores no especificados. This vulnerability allows remote attackers to escalate privileges on vulnerable installations of Apple iOS. • https://support.apple.com/HT207422 • CWE-254: 7PK - Security Features •
CVSS: 5.9EPSS: 0%CPEs: 2EXPL: 0CVE-2016-4721
https://notcve.org/view.php?id=CVE-2016-4721
An issue was discovered in certain Apple products. iOS before 10.1 is affected. macOS before 10.12.1 is affected. The issue involves the "IDS - Connectivity" component, which allows man-in-the-middle attackers to spoof calls via a "switch caller" notification. Se ha descubierto un problema en ciertos productos Apple. iOS en versiones anteriores a 10.1 está afectado. macOS en versiones anteriores a 10.12.1 está afectado. El problema involucra al componente "IDS - Connectivity" que permite a atacantes man-in-the-middle suplantar llamadas a través de notificaciones "switch caller". • http://www.securityfocus.com/bid/94429 https://support.apple.com/HT207271 https://support.apple.com/HT207275 • CWE-254: 7PK - Security Features •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2016-7759
https://notcve.org/view.php?id=CVE-2016-7759
An issue was discovered in certain Apple products. iOS before 10 is affected. The issue involves the "Springboard" component, which allows physically proximate attackers to obtain sensitive information by viewing application snapshots in the Task Switcher. Se ha descubierto un problema en ciertos productos Apple. iOS en versiones anteriores a 10 está afectado. El problema involucra al componente "Springboard", que permite a atacantes próximos físicamente obtener información sensible visualizando capturas de pantalla de la aplicación en el Task Switcher. • https://support.apple.com/HT207143 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •