CVSS: 6.5EPSS: 21%CPEs: 4EXPL: 2CVE-2017-2480 – Apple WebKit / Safari 10.0.3 (12602.4.8) - Synchronous Page Load Universal Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2017-2480
28 Mar 2017 — An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. iCloud before 6.2 on Windows is affected. iTunes before 12.6 on Windows is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted web site. Se ha descubierto un problema en ciertos productos Apple. iOS en versiones anteriores a 10.3 está afectado. • https://packetstorm.news/files/id/141980 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.5EPSS: 11%CPEs: 3EXPL: 2CVE-2017-2367 – Apple Webkit - Universal Cross-Site Scripting by Accessing a Named Property from an Unloaded Window
https://notcve.org/view.php?id=CVE-2017-2367
27 Mar 2017 — An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted web site. Se ha descubierto un problema en ciertos productos Apple. iOS en versiones anteriores a 10.3 está afectado. • https://packetstorm.news/files/id/141956 •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2017-2376 – Gentoo Linux Security Advisory 201706-15
https://notcve.org/view.php?id=CVE-2017-2376
27 Mar 2017 — An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. The issue involves the "Safari" component. It allows remote attackers to spoof the address bar by leveraging text input during the loading of a page. Se ha descubierto un problema en ciertos productos Apple. iOS en versiones anteriores a 10.3 está afectado. • http://www.securityfocus.com/bid/97129 •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2017-2377 – Gentoo Linux Security Advisory 201706-15
https://notcve.org/view.php?id=CVE-2017-2377
27 Mar 2017 — An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. The issue involves the "WebKit Web Inspector" component. It allows attackers to cause a denial of service (memory corruption and application crash) by leveraging a window-close action during a debugger-pause state. Se ha descubierto un problema en ciertos productos Apple. iOS en versiones anteriores a 10.3 está afectado. • http://www.securityfocus.com/bid/97129 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2017-2378 – Apple Security Advisory 2017-03-27-4
https://notcve.org/view.php?id=CVE-2017-2378
27 Mar 2017 — An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. The issue involves bookmark creation in the "WebKit" component. It allows remote attackers to execute arbitrary code or spoof a bookmark by leveraging mishandling of links during drag-and-drop actions. Se ha descubierto un problema en ciertos productos Apple. iOS en versiones anteriores a 10.3 está afectado. • http://www.securityfocus.com/bid/97129 • CWE-20: Improper Input Validation •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-2385 – Apple Security Advisory 2017-03-27-2
https://notcve.org/view.php?id=CVE-2017-2385
27 Mar 2017 — An issue was discovered in certain Apple products. Safari before 10.1 is affected. The issue involves the "Safari Login AutoFill" component. It allows local users to obtain access to locked keychain items via unspecified vectors. Se ha descubierto un problema en ciertos productos Apple. • http://www.securityfocus.com/bid/97136 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0CVE-2017-2386 – Gentoo Linux Security Advisory 201706-15
https://notcve.org/view.php?id=CVE-2017-2386
27 Mar 2017 — An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted web site. Se ha descubierto un problema en ciertos productos Apple. iOS en versiones anteriores a 10.3 está afectado. • http://www.securityfocus.com/bid/97130 •
CVSS: 8.1EPSS: 0%CPEs: 2EXPL: 0CVE-2017-2389 – Apple Security Advisory 2017-03-27-4
https://notcve.org/view.php?id=CVE-2017-2389
27 Mar 2017 — An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. The issue involves the "Safari" component. It allows remote attackers to spoof an HTTP authentication sheet or cause a denial of service via a crafted web site. Se ha descubierto un problema en ciertos productos Apple. iOS en versiones anteriores a 10.3 está afectado. • http://www.securityfocus.com/bid/97129 •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2017-2392 – Gentoo Linux Security Advisory 201706-15
https://notcve.org/view.php?id=CVE-2017-2392
27 Mar 2017 — An issue was discovered in certain Apple products. Safari before 10.1 is affected. The issue involves the "WebKit" component. It allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted app. Se ha descubierto un problema en ciertos productos Apple. • http://www.securityfocus.com/bid/97140 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0CVE-2017-2394 – Gentoo Linux Security Advisory 201706-15
https://notcve.org/view.php?id=CVE-2017-2394
27 Mar 2017 — An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. Se ha descubierto un problema en ciertos productos Apple. iOS en versiones anteriores a 10.3 está afectado. • http://www.securityfocus.com/bid/97130 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •