CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2017-2545 – Apple macOS IOGraphic Use-After-Free Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2017-2545
15 May 2017 — An issue was discovered in certain Apple products. macOS before 10.12.5 is affected. The issue involves the "IOGraphics" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. Se descubrió un problema en ciertos productos de Apple. MacOS versiones anteriores a 10.12.5 está afectado. • http://www.securitytracker.com/id/1038484 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.6EPSS: 0%CPEs: 1EXPL: 0CVE-2017-6977 – Apple macOS speechsynthesisd Unsigned Dylib Loading Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2017-6977
15 May 2017 — An issue was discovered in certain Apple products. macOS before 10.12.5 is affected. The issue involves the "Speech Framework" component. It allows attackers to conduct sandbox-escape attacks or cause a denial of service (memory corruption) via a crafted app. Se detectó un problema en ciertos productos de Apple. MacOS versiones anteriores a 10.12.5 está afectado. • http://www.securitytracker.com/id/1038484 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 0%CPEs: 8EXPL: 0CVE-2010-1816
https://notcve.org/view.php?id=CVE-2010-1816
13 Apr 2017 — Buffer overflow in ImageIO in Apple Mac OS X 10.6 through 10.6.3 and Mac OS X Server 10.6 through 10.6.3 allows remote attackers to execute arbitrary code or cause a denial of service (crash) via a crafted image. El desbordamiento de búfer en ImageIO en Apple Mac OS X 10.6 a 10.6.3 y Mac OS X Server 10.6 a 10.6.3 permite a atacantes remotos ejecutar código arbitrario o provocar una denegación de servicio a través de una imagen manipulada. • https://support.apple.com/en-us/HT4188 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2010-1821
https://notcve.org/view.php?id=CVE-2010-1821
13 Apr 2017 — Apple Mac OS X 10.6 through 10.6.3 and Mac OS X Server 10.6 through 10.6.3 allows local users to obtain system privileges. Apple Mac OS X 10.6 a 10.6.3 y Mac OS X Server 10.6 a 10.6.3 permite a los usuarios locales obtener privilegios del sistema. • https://support.apple.com/en-us/HT4188 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2017-2437
https://notcve.org/view.php?id=CVE-2017-2437
02 Apr 2017 — An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "IOFireWireAVC" component. It allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors. Se ha descubierto un problema en ciertos productos Apple. macOS en versiones anteriores a 10.12.4 está afectado. El problema involucra al componente "IOFireWireAVC". • http://www.securityfocus.com/bid/97140 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-2418
https://notcve.org/view.php?id=CVE-2017-2418
02 Apr 2017 — An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "Hypervisor" component. It allows guest OS users to obtain sensitive information from the CR8 control register via unspecified vectors. Se ha descubierto un problema en ciertos productos Apple. macOS en versiones anteriores a 10.12.4 está afectado. El problema involucra a componente "Hypervisor". • http://www.securityfocus.com/bid/97140 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0CVE-2017-2409
https://notcve.org/view.php?id=CVE-2017-2409
02 Apr 2017 — An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "Menus" component. It allows attackers to obtain sensitive information or cause a denial of service (out-of-bounds read and application crash) via a crafted app. Se ha descubierto un problema en ciertos productos Apple. macOS en versiones anteriores a 10.12.4 está afectado. El problema involucra al componente "Menus". • http://www.securityfocus.com/bid/97140 • CWE-125: Out-of-bounds Read •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2017-2427
https://notcve.org/view.php?id=CVE-2017-2427
02 Apr 2017 — An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "Bluetooth" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. Se ha descubierto un problema en ciertos productos Apple. macOS en versiones anteriores a 10.12.4 está afectado. El problema involucra al componente "Bluetooth". • http://www.securityfocus.com/bid/97140 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2017-2402
https://notcve.org/view.php?id=CVE-2017-2402
02 Apr 2017 — An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves mishandling of profile uninstall actions in the "MCX Client" component when a profile has multiple payloads. It allows remote attackers to bypass intended access restrictions by leveraging Active Directory certificate trust that should not have remained. Se ha descubierto un problema en ciertos productos Apple. macOS en versiones anteriores a 10.12.4 está afectado. El problema involucra el manejo incorrec... • http://www.securityfocus.com/bid/97140 •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2017-2438
https://notcve.org/view.php?id=CVE-2017-2438
02 Apr 2017 — An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "AppleRAID" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (use-after-free) via a crafted app. Se ha descubierto un problema en ciertos productos Apple. macOS en versiones anteriores a 10.12.4 está afectado. El problema involucra al componente "AppleRAID". • http://www.securityfocus.com/bid/97140 • CWE-416: Use After Free •