CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2016-7601
https://notcve.org/view.php?id=CVE-2016-7601
An issue was discovered in certain Apple products. iOS before 10.2 is affected. The issue involves the "Local Authentication" component, which does not honor the configured screen-lock time interval if the Touch ID prompt is visible. Se ha descubierto un problema en ciertos productos Apple. iOS en versiones anteriores a 10.2 está afectado. El problema involucra al componente "Local Authentication", que no respeta el intervalo de tiempo de bloqueo de pantalla configurado si el indicador de ID de toque está visible. • http://www.securityfocus.com/bid/94850 http://www.securitytracker.com/id/1037429 https://support.apple.com/HT207422 • CWE-254: 7PK - Security Features •
CVSS: 2.4EPSS: 0%CPEs: 1EXPL: 0CVE-2016-7653
https://notcve.org/view.php?id=CVE-2016-7653
An issue was discovered in certain Apple products. iOS before 10.2 is affected. The issue involves the "Media Player" component, which allows physically proximate attackers to obtain sensitive photo and contact information by leveraging lockscreen access. Se ha descubierto un problema en ciertos productos Apple. iOS en versiones anteriores a 10.2 está afectado. El problema involucra al componente "Media Player" que permite a atacantes próximos físicamente obtener fotos e información de contacto sensibles aprovechando un acceso a la pantalla de bloqueo. • http://www.securityfocus.com/bid/94850 http://www.securitytracker.com/id/1037429 https://support.apple.com/HT207422 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 4.6EPSS: 0%CPEs: 1EXPL: 0CVE-2016-7638
https://notcve.org/view.php?id=CVE-2016-7638
An issue was discovered in certain Apple products. iOS before 10.2 is affected. The issue involves the "Find My iPhone" component, which allows physically proximate attackers to disable this component by bypassing authentication. Se ha descubierto un problema en ciertos productos Apple. iOS en versiones anteriores a 10.2 está afectado. El problema involucra al componente "Find My iPhone", que permite a atacantes próximos físicamente deshabilitar este componente eludiendo la autenticación. • http://www.securityfocus.com/bid/94850 http://www.securitytracker.com/id/1037429 https://support.apple.com/HT207422 • CWE-254: 7PK - Security Features •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2016-7665
https://notcve.org/view.php?id=CVE-2016-7665
An issue was discovered in certain Apple products. iOS before 10.2 is affected. The issue involves the "Graphics Driver" component, which allows remote attackers to cause a denial of service via a crafted video. Se ha descubierto un problema en ciertos productos Apple. iOS en versiones anteriores a 10.2 está afectado. El problema involucra al componente "Graphics Driver" que permite a atacantes remotos provocar una denegación de servicio a través de un vídeo manipulado. • http://www.securityfocus.com/bid/94850 http://www.securitytracker.com/id/1037429 https://support.apple.com/HT207422 • CWE-20: Improper Input Validation •
CVSS: 8.8EPSS: 9%CPEs: 3EXPL: 1CVE-2016-7626 – iOS 10.1.x - Certificate File Memory Corruption
https://notcve.org/view.php?id=CVE-2016-7626
An issue was discovered in certain Apple products. iOS before 10.2 is affected. tvOS before 10.1 is affected. watchOS before 3.1.1 is affected. The issue involves the "Profiles" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted certificate profile. Se ha descubierto un problema en ciertos productos Apple. iOS en versiones anteriores a 10.2 está afectado. tvOS en versiones anteriores a 10.1 está afectado. watchOS en versiones anteriores a 3.1.1 está afectado. El problema involucra al componente "Profiles". • https://www.exploit-db.com/exploits/40906 http://www.securityfocus.com/bid/94852 http://www.securitytracker.com/id/1037429 https://lists.apple.com/archives/security-announce/2016/Dec/msg00001.html https://support.apple.com/HT207422 https://support.apple.com/HT207425 https://support.apple.com/HT207487 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •