CVSS: 8.8EPSS: 32%CPEs: 4EXPL: 2CVE-2017-2521 – WebKit JSC - 'JSObject::ensureLength' ensureLengthSlow Check Failure
https://notcve.org/view.php?id=CVE-2017-2521
15 May 2017 — An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. Safari before 10.1.1 is affected. tvOS before 10.2.1 is affected. watchOS before 3.2.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. Fue encontrado un problema en algunos productos de Apple. iOS anteriores a la versión 10.3.2 se ven afectados. • https://packetstorm.news/files/id/142767 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2017-2543 – Apple macOS AppleMultitouchDevice Use-After-Free Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2017-2543
15 May 2017 — An issue was discovered in certain Apple products. macOS before 10.12.5 is affected. The issue involves the "Multi-Touch" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. Se descubrió un problema en ciertos productos de Apple. MacOS anterior a versión 10.12.5 está afectado. • http://www.securitytracker.com/id/1038484 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 34%CPEs: 4EXPL: 2CVE-2017-2524 – Apple macOS/iOS - 'TIKeyboardLayout initWithCoder:' NSKeyedArchiver Heap Corruption Due to Rounding Error
https://notcve.org/view.php?id=CVE-2017-2524
15 May 2017 — An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. tvOS before 10.2.1 is affected. watchOS before 3.2.2 is affected. The issue involves the "TextInput" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted data. Fue encontrado un problema en algunos productos de Apple. iOS anteriores a la versión 10.3.2 se ven afectados. macOS anterior a la versión 10.... • https://packetstorm.news/files/id/142650 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 2CVE-2017-2516 – Apple macOS - 'stackshot' Raw Frame Pointers
https://notcve.org/view.php?id=CVE-2017-2516
15 May 2017 — An issue was discovered in certain Apple products. macOS before 10.12.5 is affected. The issue involves the "Kernel" component. It allows attackers to bypass intended memory-read restrictions via a crafted app. Se descubrió un problema en ciertos productos de Apple. MacOS anterior a versión 10.12.5 está afectado. • https://packetstorm.news/files/id/142629 •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 2CVE-2017-6978 – Apple macOS - Lack of Bounds Checking in HIServices Custom CFObject Serialization Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2017-6978
15 May 2017 — An issue was discovered in certain Apple products. macOS before 10.12.5 is affected. The issue involves the "Accessibility Framework" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. Se descubrió un problema en ciertos productos de Apple. MacOS anterior a versión 10.12.5 está afectado. • https://packetstorm.news/files/id/142652 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 0%CPEs: 2EXPL: 0CVE-2017-6981 – Apple Security Advisory 2017-05-15-2
https://notcve.org/view.php?id=CVE-2017-6981
15 May 2017 — An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. The issue involves the "iBooks" component. It allows attackers to execute arbitrary code in a privileged context via a crafted app that uses symlinks. Se detectó un problema en ciertos productos de Apple. iOS anterior a versión 10.3.2 está afectado. macOS anterior a versión 10.12.5 está afectado. El problema involucra al componente "iBooks". • http://www.securitytracker.com/id/1038484 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2017-2535 – Apple macOS authd Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2017-2535
15 May 2017 — An issue was discovered in certain Apple products. macOS before 10.12.5 is affected. The issue involves the "Security" component. It allows attackers to conduct sandbox-escape attacks or cause a denial of service (resource consumption) via a crafted app. Se descubrió un problema en ciertos productos de Apple. MacOS anterior a versión 10.12.5 está afectado. • http://www.securitytracker.com/id/1038484 • CWE-20: Improper Input Validation CWE-400: Uncontrolled Resource Consumption •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2017-2545 – Apple macOS IOGraphic Use-After-Free Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2017-2545
15 May 2017 — An issue was discovered in certain Apple products. macOS before 10.12.5 is affected. The issue involves the "IOGraphics" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. Se descubrió un problema en ciertos productos de Apple. MacOS versiones anteriores a 10.12.5 está afectado. • http://www.securitytracker.com/id/1038484 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 1%CPEs: 5EXPL: 0CVE-2017-2520 – Apple Security Advisory 2017-05-15-3
https://notcve.org/view.php?id=CVE-2017-2520
15 May 2017 — An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. tvOS before 10.2.1 is affected. watchOS before 3.2.2 is affected. The issue involves the "SQLite" component. It allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow and application crash) via a crafted SQL statement. Fue encontrado un problema en algunos productos de Apple. iOS anteriores a la versión 10.3.2 se ven afectados. macOS anterior a la versi... • http://www.securityfocus.com/bid/98468 • CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2017-2502 – Apple Security Advisory 2017-05-15-3
https://notcve.org/view.php?id=CVE-2017-2502
15 May 2017 — An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. tvOS before 10.2.1 is affected. watchOS before 3.2.2 is affected. The issue involves the "CoreAudio" component. It allows attackers to bypass intended memory-read restrictions via a crafted app. Fue encontrado un problema en ciertos productos de Apple. iOS versión anterior a 10.3.2 se ve afectado. MacOS versión anterior a10.12.5 se ve afectado. • http://www.securityfocus.com/bid/98468 •