CVSS: 6.1EPSS: 0%CPEs: 3EXPL: 0CVE-2017-2475
https://notcve.org/view.php?id=CVE-2017-2475
02 Apr 2017 — An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to conduct Universal XSS (UXSS) attacks via crafted use of frames on a web site. Se ha descubierto un problema en ciertos productos Apple. iOS en versiones anteriores a 10.3 está afectado. • http://www.securityfocus.com/bid/97130 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.8EPSS: 21%CPEs: 3EXPL: 1CVE-2017-2469 – Apple WebKit - 'JSC::SymbolTableEntry::isWatchable' Heap Buffer Overflow
https://notcve.org/view.php?id=CVE-2017-2469
02 Apr 2017 — An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. Se ha descubierto un problema en ciertos productos Apple. iOS en versiones anteriores a 10.3 está afectado. • https://www.exploit-db.com/exploits/41869 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 20%CPEs: 3EXPL: 2CVE-2017-2476 – Apple WebKit - 'WebCore::toJS' Use-After-Free
https://notcve.org/view.php?id=CVE-2017-2476
02 Apr 2017 — An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. Se ha descubierto un problema en ciertos productos Apple. iOS en versiones anteriores a 10.3 está afectado. • https://www.exploit-db.com/exploits/41814 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2017-2392
https://notcve.org/view.php?id=CVE-2017-2392
02 Apr 2017 — An issue was discovered in certain Apple products. Safari before 10.1 is affected. The issue involves the "WebKit" component. It allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted app. Se ha descubierto un problema en ciertos productos Apple. • http://www.securityfocus.com/bid/97140 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 3%CPEs: 2EXPL: 1CVE-2017-2457 – Apple WebKit 10.0.2 (12602.3.12.0.1_ r210800) - 'constructJSReadableStreamDefaultReader' Type Confusion
https://notcve.org/view.php?id=CVE-2017-2457
02 Apr 2017 — An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. Se ha descubierto un problema en ciertos productos Apple. iOS en versiones anteriores a 10.3 está afectado. • https://www.exploit-db.com/exploits/41803 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 21%CPEs: 3EXPL: 1CVE-2017-2470 – Apple WebKit - 'JSC::B3::Procedure::resetReachability' Use-After-Free
https://notcve.org/view.php?id=CVE-2017-2470
02 Apr 2017 — An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. Se ha descubierto un problema en ciertos productos Apple. iOS en versiones anteriores a 10.3 está afectado. • https://www.exploit-db.com/exploits/41867 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0CVE-2017-2465
https://notcve.org/view.php?id=CVE-2017-2465
02 Apr 2017 — An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. Se ha descubierto un problema en ciertos productos Apple. iOS en versiones anteriores a 10.3 está afectado. • http://www.securityfocus.com/bid/97130 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0CVE-2017-2486
https://notcve.org/view.php?id=CVE-2017-2486
02 Apr 2017 — An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to spoof the address bar via a crafted web site. Se ha descubierto un problema en ciertos productos Apple. iOS en versiones anteriores a 10.3 está afectado. • http://www.securityfocus.com/bid/97147 • CWE-425: Direct Request ('Forced Browsing') •
CVSS: 8.8EPSS: 21%CPEs: 3EXPL: 1CVE-2017-2468 – Apple WebKit - 'Document::adoptNode' Use-After-Free
https://notcve.org/view.php?id=CVE-2017-2468
02 Apr 2017 — An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. Se ha descubierto un problema en ciertos productos Apple. iOS en versiones anteriores a 10.3 está afectado. • https://www.exploit-db.com/exploits/41868 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.5EPSS: 1%CPEs: 4EXPL: 1CVE-2017-2480 – Apple WebKit / Safari 10.0.3 (12602.4.8) - Synchronous Page Load Universal Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2017-2480
28 Mar 2017 — An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. iCloud before 6.2 on Windows is affected. iTunes before 12.6 on Windows is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted web site. Se ha descubierto un problema en ciertos productos Apple. iOS en versiones anteriores a 10.3 está afectado. • https://www.exploit-db.com/exploits/41865 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •