CVSS: 8.8EPSS: 5%CPEs: 4EXPL: 1CVE-2017-2373 – Apple WebKit - Type Confusion in RenderBox with Accessibility Enabled
https://notcve.org/view.php?id=CVE-2017-2373
An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. Safari before 10.0.3 is affected. tvOS before 10.1.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. Se ha descubierto un problema en ciertos productos Apple. iOS en versiones anteriores a 10.2.1 está afectado. • https://www.exploit-db.com/exploits/41216 http://www.securityfocus.com/bid/95727 http://www.securitytracker.com/id/1037668 https://security.gentoo.org/glsa/201706-15 https://support.apple.com/HT207482 https://support.apple.com/HT207484 https://support.apple.com/HT207485 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 2.4EPSS: 0%CPEs: 1EXPL: 0CVE-2017-2351
https://notcve.org/view.php?id=CVE-2017-2351
An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. The issue involves the "WiFi" component, which allows physically proximate attackers to bypass the activation-lock protection mechanism and view the home screen via unspecified vectors. Se ha descubierto un problema en ciertos productos Apple. iOS en versiones anteriores a 10.2.1 está afectado. El problema involucra al componente "WiFi", que permite a atacantes próximos físicamente eludir el mecanismo de protección de bloqueo de activación y ver la pantalla de inicio a través de vectores no especificados. • http://www.securityfocus.com/bid/95722 http://www.securitytracker.com/id/1037668 https://support.apple.com/HT207482 • CWE-20: Improper Input Validation •
CVSS: 9.3EPSS: 0%CPEs: 4EXPL: 3CVE-2017-2370 – Apple macOS 10.12.1 / iOS 10.2 - Kernel Userspace Pointer Memory Corruption
https://notcve.org/view.php?id=CVE-2017-2370
An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. macOS before 10.12.3 is affected. tvOS before 10.1.1 is affected. watchOS before 3.1.3 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (buffer overflow) via a crafted app. Se ha descubierto un problema en ciertos productos Apple. iOS en versiones anteriores a 10.2.1 está afectado. macOS en versiones anteriores a 10.12.3 está afectado. tvOS en versiones anteriores a 10.1.1 está afectado. watchOS en versiones anteriores a 3.1.3 está afectado. El problema involucra al componente "Kernel". • https://www.exploit-db.com/exploits/41163 https://github.com/Peterpan0927/CVE-2017-2370 http://www.securityfocus.com/bid/95731 http://www.securitytracker.com/id/1037668 https://bugs.chromium.org/p/project-zero/issues/detail?id=1004 https://support.apple.com/HT207482 https://support.apple.com/HT207483 https://support.apple.com/HT207485 https://support.apple.com/HT207487 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 5%CPEs: 4EXPL: 1CVE-2017-2369 – Apple WebKit - 'HTMLKeygenElement' Type Confusion
https://notcve.org/view.php?id=CVE-2017-2369
An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. Safari before 10.0.3 is affected. tvOS before 10.1.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. Se ha descubierto un problema en ciertos productos Apple. iOS en versiones anteriores a 10.2.1 está afectado. • https://www.exploit-db.com/exploits/41215 http://www.securityfocus.com/bid/95727 http://www.securitytracker.com/id/1037668 https://security.gentoo.org/glsa/201706-15 https://support.apple.com/HT207482 https://support.apple.com/HT207484 https://support.apple.com/HT207485 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 0CVE-2017-2350
https://notcve.org/view.php?id=CVE-2017-2350
An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. Safari before 10.0.3 is affected. tvOS before 10.1.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted web site. Se ha descubierto un problema en ciertos productos Apple. iOS en versiones anteriores a 10.2.1 está afectado. • http://www.securityfocus.com/bid/95727 http://www.securitytracker.com/id/1037668 https://security.gentoo.org/glsa/201706-15 https://support.apple.com/HT207482 https://support.apple.com/HT207484 https://support.apple.com/HT207485 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •