CVSS: 9.3EPSS: 10%CPEs: 7EXPL: 2CVE-2017-7042 – WebKit - 'WebCore::InputType::element' Use-After-Free
https://notcve.org/view.php?id=CVE-2017-7042
20 Jul 2017 — An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. Se ha descubierto un error en ciertos productos de Apple. • https://packetstorm.news/files/id/143486 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 3%CPEs: 8EXPL: 2CVE-2017-7046 – WebKit - 'WebCore::RenderObject' with Accessibility Enabled Use-After-Free
https://notcve.org/view.php?id=CVE-2017-7046
20 Jul 2017 — An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. Fue encontrado un problema en ciertos productos de Apple. iOS versión anterior a 10.... • https://packetstorm.news/files/id/143488 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 3%CPEs: 8EXPL: 2CVE-2017-7048 – WebKit - 'WebCore::AccessibilityNodeObject::textUnderElement' Use-After-Free
https://notcve.org/view.php?id=CVE-2017-7048
20 Jul 2017 — An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. Fue encontrado un problema en ciertos productos de Apple. iOS versión anterior a 10.... • https://packetstorm.news/files/id/143489 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 3%CPEs: 8EXPL: 2CVE-2017-7049 – WebKit - 'WebCore::RenderSearchField::addSearchResult' Heap Buffer Overflow
https://notcve.org/view.php?id=CVE-2017-7049
20 Jul 2017 — An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. Fue encontrado un problema en ciertos productos de Apple. iOS versión anterior a 10.... • https://packetstorm.news/files/id/143490 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 0%CPEs: 8EXPL: 0CVE-2017-7055 – Apple Security Advisory 2017-07-19-1
https://notcve.org/view.php?id=CVE-2017-7055
20 Jul 2017 — An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. Fue encontrado un problema en ciertos productos de Apple. iOS versión anterior a 10.... • http://www.securityfocus.com/bid/99885 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 6%CPEs: 8EXPL: 2CVE-2017-7056 – WebKit JSC - 'ArgumentsEliminationPhase::transform' Incorrect LoadVarargs Handling
https://notcve.org/view.php?id=CVE-2017-7056
20 Jul 2017 — An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. Fue encontrado un problema en ciertos productos de Apple. iOS versión anterior a 10.... • https://packetstorm.news/files/id/143492 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 6%CPEs: 8EXPL: 2CVE-2017-7061 – WebKit JSC - 'BytecodeGenerator::emitGetByVal' Incorrect Optimization
https://notcve.org/view.php?id=CVE-2017-7061
20 Jul 2017 — An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. Fue encontrado un problema en ciertos productos de Apple. iOS versión anterior a10.3... • https://packetstorm.news/files/id/144092 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 0%CPEs: 8EXPL: 0CVE-2017-7052 – Apple Safari Frame Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2017-7052
19 Jul 2017 — An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. Fue encontrado un problema en ciertos productos de Apple. iOS versión anterior a 10.... • http://www.securityfocus.com/bid/99885 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 3.1EPSS: 0%CPEs: 5EXPL: 0CVE-2016-4583 – WebKitGTK+ SOP Bypass / Information Disclosure
https://notcve.org/view.php?id=CVE-2016-4583
19 Jul 2016 — WebKit in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before 9.2.2 allows remote attackers to bypass the Same Origin Policy and obtain image date from an unintended web site via a timing attack involving an SVG document. WebKit en Apple iOS en versiones anteriores a 9.3.3, Safari en versiones anteriores a 9.1.2 y tvOS en versiones anteriores a 9.2.2 permite a atacantes remotos eludir la Same Origin Policy y obtener la fecha de imagen de un sitio web no intencionado a través de un ataque de sincron... • http://lists.apple.com/archives/security-announce/2016/Jul/msg00001.html • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 6.1EPSS: 1%CPEs: 4EXPL: 0CVE-2016-4585 – WebKitGTK+ SOP Bypass / Information Disclosure
https://notcve.org/view.php?id=CVE-2016-4585
19 Jul 2016 — Cross-site scripting (XSS) vulnerability in the WebKit Page Loading implementation in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before 9.2.2 allows remote attackers to inject arbitrary web script or HTML via an HTTP response specifying redirection that is mishandled by Safari. Vulnerabilidad de XSS en la implementación de WebKit Page Loading en Apple iOS en versiones anteriores a 9.3.3, Safari en versiones anteriores a 9.1.2 y tvOS en versiones anteriores a 9.2.2 permite a atacantes remotos inye... • http://lists.apple.com/archives/security-announce/2016/Jul/msg00001.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •