CVSS: 9.8EPSS: 2%CPEs: 10EXPL: 0CVE-2016-4610 – Apple Security Advisory 2016-07-18-3
https://notcve.org/view.php?id=CVE-2016-4610
19 Jul 2016 — libxslt in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before 12.4.2 on Windows, iCloud before 5.2.1 on Windows, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2016-4607, CVE-2016-4608, CVE-2016-4609, and CVE-2016-4612. libxslt en Apple iOS en versiones anteriores a 9.3.3, OS X en versiones anteriores a 10.11.6, iTunes en versiones an... • http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 0%CPEs: 18EXPL: 1CVE-2016-4447 – libxml2: Heap-based buffer underreads due to xmlParseName
https://notcve.org/view.php?id=CVE-2016-4447
27 May 2016 — The xmlParseElementDecl function in parser.c in libxml2 before 2.9.4 allows context-dependent attackers to cause a denial of service (heap-based buffer underread and application crash) via a crafted file, involving xmlParseName. La función xmlParseElementDecl en parser.c en libxml2 en versiones anteriores a 2.9.4 permite a atacantes dependientes del contexto provocar una denegación de servicio (underread basado en memoria dinámica y caída de aplicación) a través de un archivo manipulado, con la participació... • http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow •
CVSS: 10.0EPSS: 0%CPEs: 42EXPL: 0CVE-2016-4448 – libxml2: Format string vulnerability
https://notcve.org/view.php?id=CVE-2016-4448
27 May 2016 — Format string vulnerability in libxml2 before 2.9.4 allows attackers to have unspecified impact via format string specifiers in unknown vectors. Vulnerabilidad de formato de cadena en libxml2 en versiones anteriores a 2.9.4 permite a atacantes tener un impacto no especificado a través de especificadores de formato de cadena en vectores desconocidos. It was discovered that libxml2 incorrectly handled format strings. If a user or automated system were tricked into opening a specially crafted document, an atta... • http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html • CWE-134: Use of Externally-Controlled Format String •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2016-1742 – Apple Security Advisory 2016-05-16-6
https://notcve.org/view.php?id=CVE-2016-1742
17 May 2016 — Untrusted search path vulnerability in the installer in Apple iTunes before 12.4 allows local users to gain privileges via a Trojan horse DLL in the current working directory. Vulnerabilidad de búsqueda de ruta no confiable en el instalador en Apple iTunes en versiones anteriores a 12.4 permite a usuarios locales obtener privilegios a través de un Troyano DLL en el directorio de trabajo actual. iTunes 12.4 is now available and addresses a code execution vulnerability. • http://lists.apple.com/archives/security-announce/2016/May/msg00006.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 8.8EPSS: 1%CPEs: 3EXPL: 0CVE-2015-5928 – Apple Security Advisory 2015-10-21-3
https://notcve.org/view.php?id=CVE-2015-5928
21 Oct 2015 — WebKit, as used in Apple iOS before 9.1, Safari before 9.0.1, and iTunes before 12.3.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-10-21-1, APPLE-SA-2015-10-21-3, and APPLE-SA-2015-10-21-5. WebKit, como se utiliza en Apple iOS en versiones anteriores a 9.1, Safari en versiones anteriores a 9.0.1 y iTunes en versiones anteriores a 12.3.... • http://lists.apple.com/archives/security-announce/2015/Oct/msg00002.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0CVE-2015-5929 – Apple Security Advisory 2015-10-21-3
https://notcve.org/view.php?id=CVE-2015-5929
21 Oct 2015 — WebKit, as used in Apple iOS before 9.1, Safari before 9.0.1, and iTunes before 12.3.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-10-21-1, APPLE-SA-2015-10-21-3, and APPLE-SA-2015-10-21-5. WebKit, como se utiliza en Apple iOS en versiones anteriores a 9.1, Safari en versiones anteriores a 9.0.1 y iTunes en versiones anteriores a 12.3.... • http://lists.apple.com/archives/security-announce/2015/Oct/msg00002.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0CVE-2015-5930 – Apple Security Advisory 2015-10-21-3
https://notcve.org/view.php?id=CVE-2015-5930
21 Oct 2015 — WebKit, as used in Apple iOS before 9.1, Safari before 9.0.1, and iTunes before 12.3.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-10-21-1, APPLE-SA-2015-10-21-3, and APPLE-SA-2015-10-21-5. WebKit, como se utiliza en Apple iOS en versiones anteriores a 9.1, Safari en versiones anteriores a 9.0.1 y iTunes en versiones anteriores a 12.3.... • http://lists.apple.com/archives/security-announce/2015/Oct/msg00002.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2015-5931 – Apple Security Advisory 2015-10-21-3
https://notcve.org/view.php?id=CVE-2015-5931
21 Oct 2015 — WebKit, as used in Apple Safari before 9.0.1 and iTunes before 12.3.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-10-21-3 and APPLE-SA-2015-10-21-5. WebKit, como se utiliza en Apple Safari en versiones anteriores a 9.0.1 y iTunes en versiones anteriores a 12.3.1, permite a atacantes remotos ejecutar código arbitrario o provocar una den... • http://lists.apple.com/archives/security-announce/2015/Oct/msg00004.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 4%CPEs: 3EXPL: 0CVE-2015-6975 – Apple Security Advisory 2015-10-21-4
https://notcve.org/view.php?id=CVE-2015-6975
21 Oct 2015 — CoreText in Apple iOS before 9.1, OS X before 10.11.1, and iTunes before 12.3.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6992 and CVE-2015-7017. CoreText en Apple iOS en versiones anteriores a 9.1, OS X en versiones anteriores a 10.11.1 y iTunes en versiones anteriores a 12.3.1 permite a atacantes remotos ejecutar código arbitrario o provocar una denegación de servicio (corrupción de me... • http://lists.apple.com/archives/security-announce/2015/Oct/msg00002.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 4%CPEs: 3EXPL: 0CVE-2015-6992 – Apple Security Advisory 2015-10-21-4
https://notcve.org/view.php?id=CVE-2015-6992
21 Oct 2015 — CoreText in Apple iOS before 9.1, OS X before 10.11.1, and iTunes before 12.3.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6975 and CVE-2015-7017. CoreText en Apple iOS en versiones anteriores a 9.1, OS X en versiones anteriores a 10.11.1 y iTunes en versiones anteriores a 12.3.1 permite a atacantes remotos ejecutar código arbitrario o provocar una denegación de servicio (corrupción de me... • http://lists.apple.com/archives/security-announce/2015/Oct/msg00002.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •