CVSS: 7.6EPSS: 0%CPEs: 4EXPL: 1CVE-2017-6979 – Apple iOS < 10.3.1 - Kernel
https://notcve.org/view.php?id=CVE-2017-6979
15 May 2017 — An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. tvOS before 10.2.1 is affected. watchOS before 3.2.2 is affected. The issue involves the "IOSurface" component. A race condition allows attackers to execute arbitrary code in a privileged context via a crafted app. Se ha detectado un problema en ciertos productos de Apple. iOS versión anterior a 10.3.2 se ve afectado. MacOS versión anterior a 10.12.5 se ve afectado. • https://www.exploit-db.com/exploits/42555 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 8.8EPSS: 32%CPEs: 4EXPL: 1CVE-2017-2521 – WebKit JSC - 'JSObject::ensureLength' ensureLengthSlow Check Failure
https://notcve.org/view.php?id=CVE-2017-2521
15 May 2017 — An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. Safari before 10.1.1 is affected. tvOS before 10.2.1 is affected. watchOS before 3.2.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. Fue encontrado un problema en algunos productos de Apple. iOS anteriores a la versión 10.3.2 se ven afectados. • https://www.exploit-db.com/exploits/42103 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2017-2542 – Apple macOS AppleMultitouchDevice Uninitialized Memory Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2017-2542
15 May 2017 — An issue was discovered in certain Apple products. macOS before 10.12.5 is affected. The issue involves the "Multi-Touch" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. Se descubrió un problema en ciertos productos de Apple. MacOS anterior a versión 10.12.5 está afectado. • http://www.securitytracker.com/id/1038484 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 1CVE-2017-2516 – Apple macOS - 'stackshot' Raw Frame Pointers
https://notcve.org/view.php?id=CVE-2017-2516
15 May 2017 — An issue was discovered in certain Apple products. macOS before 10.12.5 is affected. The issue involves the "Kernel" component. It allows attackers to bypass intended memory-read restrictions via a crafted app. Se descubrió un problema en ciertos productos de Apple. MacOS anterior a versión 10.12.5 está afectado. • https://www.exploit-db.com/exploits/42047 •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2017-2512
https://notcve.org/view.php?id=CVE-2017-2512
15 May 2017 — An issue was discovered in certain Apple products. macOS before 10.12.5 is affected. The issue involves the "Sandbox" component. It allows attackers to conduct sandbox-escape attacks or cause a denial of service (memory corruption) via a crafted app. Se descubrió un problema en ciertos productos de Apple. MacOS anterior a versión 10.12.5 está afectado. • http://www.securitytracker.com/id/1038484 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2017-2543 – Apple macOS AppleMultitouchDevice Use-After-Free Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2017-2543
15 May 2017 — An issue was discovered in certain Apple products. macOS before 10.12.5 is affected. The issue involves the "Multi-Touch" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. Se descubrió un problema en ciertos productos de Apple. MacOS anterior a versión 10.12.5 está afectado. • http://www.securitytracker.com/id/1038484 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 34%CPEs: 4EXPL: 1CVE-2017-2524 – Apple macOS/iOS - 'TIKeyboardLayout initWithCoder:' NSKeyedArchiver Heap Corruption Due to Rounding Error
https://notcve.org/view.php?id=CVE-2017-2524
15 May 2017 — An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. tvOS before 10.2.1 is affected. watchOS before 3.2.2 is affected. The issue involves the "TextInput" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted data. Fue encontrado un problema en algunos productos de Apple. iOS anteriores a la versión 10.3.2 se ven afectados. macOS anterior a la versión 10.... • https://www.exploit-db.com/exploits/42051 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 0CVE-2017-2497
https://notcve.org/view.php?id=CVE-2017-2497
15 May 2017 — An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. The issue involves the "iBooks" component. It allows remote attackers to trigger visits to arbitrary URLs via a crafted book. Se descubrió un problema en ciertos productos de Apple. iOS anterior a versión 10.3.2 está afectado. macOS anterior a versión 10.12.5 está afectado. El problema involucra el componente "iBooks". • http://www.securitytracker.com/id/1038484 • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2017-2507 – Apple iOS / MacOS Netagent Kernel Memory Disclosure
https://notcve.org/view.php?id=CVE-2017-2507
15 May 2017 — An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. tvOS before 10.2.1 is affected. watchOS before 3.2.2 is affected. The issue involves the "Kernel" component. It allows attackers to bypass intended memory-read restrictions via a crafted app. Fue encontrado un problema en algunos productos de Apple. iOS anteriores a la versión 10.3.2 se ven afectados. macOS anterior a la versión 10.12.5 se ve afectado. tvOS anterior a la versión la 10.2.1 se v... • http://www.securityfocus.com/bid/98468 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.6EPSS: 0%CPEs: 1EXPL: 1CVE-2017-2533 – Apple macOS diskarbitrationd Time-Of-Check/Time-Of-Use Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2017-2533
15 May 2017 — An issue was discovered in certain Apple products. macOS before 10.12.5 is affected. The issue involves the "DiskArbitration" component. A race condition allows attackers to execute arbitrary code in a privileged context via a crafted app. Se descubrió un problema en ciertos productos de Apple. MacOS anterior a versión 10.12.5 está afectado. • https://www.exploit-db.com/exploits/42146 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •