CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 0CVE-2016-7610 – Apple Safari RenderObject Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2016-7610
13 Dec 2016 — An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. Se ha descubierto un problema en ciertos productos Apple. iOS en versiones anteriores a 10.2 está afectado. • http://www.securityfocus.com/bid/94907 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 1%CPEs: 4EXPL: 0CVE-2016-7611 – Apple Safari HTMLLabelElement Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2016-7611
13 Dec 2016 — An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. Se ha descubierto un problema en ciertos productos Apple. iOS en versiones anteriores a 10.2 está afectado. • http://www.securityfocus.com/bid/94907 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 0%CPEs: 5EXPL: 0CVE-2016-7578 – Ubuntu Security Notice USN-3166-1
https://notcve.org/view.php?id=CVE-2016-7578
28 Oct 2016 — An issue was discovered in certain Apple products. iOS before 10.1 is affected. Safari before 10.0.1 is affected. iCloud before 6.0.1 is affected. iTunes before 12.5.2 is affected. tvOS before 10.0.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. Se ha descubierto un problema en ciertos productos Apple. iOS en versiones anteriores a 10.1 está afectado. • http://www.securityfocus.com/bid/93949 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 0CVE-2016-4613 – Ubuntu Security Notice USN-3166-1
https://notcve.org/view.php?id=CVE-2016-4613
28 Oct 2016 — An issue was discovered in certain Apple products. Safari before 10.0.1 is affected. iCloud before 6.0.1 is affected. iTunes before 12.5.2 is affected. tvOS before 10.0.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to obtain sensitive information via a crafted web site. Se ha descubierto un problema en ciertos productos Apple. • http://www.securityfocus.com/bid/93949 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 8.8EPSS: 0%CPEs: 5EXPL: 0CVE-2016-4767 – Ubuntu Security Notice USN-3166-1
https://notcve.org/view.php?id=CVE-2016-4767
20 Sep 2016 — WebKit in Apple iOS before 10, tvOS before 10, iTunes before 12.5.1 on Windows, and Safari before 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-4759, CVE-2016-4765, CVE-2016-4766, and CVE-2016-4768. WebKit en Apple iOS en versiones anteriores a 10, tvOS en versiones anteriores a 10, iTunes en versiones anteriores a 12.5.1 en Windows y Safari en versiones anteriores a 10 permite a atacantes... • http://lists.apple.com/archives/security-announce/2016/Sep/msg00007.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 0CVE-2016-4760 – Ubuntu Security Notice USN-3166-1
https://notcve.org/view.php?id=CVE-2016-4760
20 Sep 2016 — WebKit in Apple iOS before 10, iTunes before 12.5.1 on Windows, and Safari before 10 allows remote attackers to conduct DNS rebinding attacks against non-HTTP Safari sessions by leveraging HTTP/0.9 support. WebKit en Apple iOS en versiones anteriores a 10, iTunes en versiones anteriores a 12.5.1 en Windows y Safari en versiones anteriores a 10 permite a atacantes remotos llevar a cabo ataques de revinculación DNS contra sesiones no HTTP de Safari aprovechando el soporte HTTP/0.9. A large number of security ... • http://lists.apple.com/archives/security-announce/2016/Sep/msg00007.html • CWE-284: Improper Access Control •
CVSS: 8.8EPSS: 0%CPEs: 5EXPL: 0CVE-2016-4768 – Apple Safari HTMLVideoElement Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2016-4768
20 Sep 2016 — WebKit in Apple iOS before 10, tvOS before 10, iTunes before 12.5.1 on Windows, and Safari before 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-4759, CVE-2016-4765, CVE-2016-4766, and CVE-2016-4767. WebKit en Apple iOS en versiones anteriores a 10, tvOS en versiones anteriores a 10, iTunes en versiones anteriores a 12.5.1 en Windows y Safari en versiones anteriores a 10 permite a atacantes... • http://lists.apple.com/archives/security-announce/2016/Sep/msg00007.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.8EPSS: 0%CPEs: 4EXPL: 0CVE-2016-4763 – Apple Security Advisory 2016-09-20-2
https://notcve.org/view.php?id=CVE-2016-4763
20 Sep 2016 — WKWebView in WebKit in Apple iOS before 10, iTunes before 12.5.1 on Windows, and Safari before 10 does not properly verify X.509 certificates from HTTPS servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. WKWebView en WebKit en Apple iOS en versiones anteriores a 10, iTunes en versiones anteriores a 12.5.1 en Windows y Safari en versiones anteriores a 10 no verifica correctamente certificados X.509 desde servidores HTTPS, lo que perm... • http://lists.apple.com/archives/security-announce/2016/Sep/msg00007.html • CWE-310: Cryptographic Issues •
CVSS: 8.8EPSS: 0%CPEs: 5EXPL: 0CVE-2016-4759 – Ubuntu Security Notice USN-3166-1
https://notcve.org/view.php?id=CVE-2016-4759
20 Sep 2016 — WebKit in Apple iOS before 10, tvOS before 10, iTunes before 12.5.1 on Windows, and Safari before 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-4765, CVE-2016-4766, CVE-2016-4767, and CVE-2016-4768. WebKit en Apple iOS en versiones anteriores a 10, tvOS en versiones anteriores a 10, iTunes en versiones anteriores a 12.5.1 en Windows y Safari en versiones anteriores a 10 permite a atacantes... • http://lists.apple.com/archives/security-announce/2016/Sep/msg00007.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 1%CPEs: 5EXPL: 0CVE-2016-4766 – Apple Security Advisory 2016-09-20-2
https://notcve.org/view.php?id=CVE-2016-4766
20 Sep 2016 — WebKit in Apple iOS before 10, tvOS before 10, iTunes before 12.5.1 on Windows, and Safari before 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-4759, CVE-2016-4765, CVE-2016-4767, and CVE-2016-4768. WebKit en Apple iOS en versiones anteriores a 10, tvOS en versiones anteriores a 10, iTunes en versiones anteriores a 12.5.1 en Windows y Safari en versiones anteriores a 10 permite a atacantes... • http://lists.apple.com/archives/security-announce/2016/Sep/msg00007.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •