CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2017-2427
https://notcve.org/view.php?id=CVE-2017-2427
02 Apr 2017 — An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "Bluetooth" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. Se ha descubierto un problema en ciertos productos Apple. macOS en versiones anteriores a 10.12.4 está afectado. El problema involucra al componente "Bluetooth". • http://www.securityfocus.com/bid/97140 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2017-2402
https://notcve.org/view.php?id=CVE-2017-2402
02 Apr 2017 — An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves mishandling of profile uninstall actions in the "MCX Client" component when a profile has multiple payloads. It allows remote attackers to bypass intended access restrictions by leveraging Active Directory certificate trust that should not have remained. Se ha descubierto un problema en ciertos productos Apple. macOS en versiones anteriores a 10.12.4 está afectado. El problema involucra el manejo incorrec... • http://www.securityfocus.com/bid/97140 •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2017-2438
https://notcve.org/view.php?id=CVE-2017-2438
02 Apr 2017 — An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "AppleRAID" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (use-after-free) via a crafted app. Se ha descubierto un problema en ciertos productos Apple. macOS en versiones anteriores a 10.12.4 está afectado. El problema involucra al componente "AppleRAID". • http://www.securityfocus.com/bid/97140 • CWE-416: Use After Free •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2017-2436
https://notcve.org/view.php?id=CVE-2017-2436
02 Apr 2017 — An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "IOFireWireAVC" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. Se ha descubierto un problema en ciertos productos Apple. macOS en versiones anteriores a 10.12.4 está afectado. El problema involucra al componente "IOFireWireAVC". • http://www.securityfocus.com/bid/97140 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2017-2413
https://notcve.org/view.php?id=CVE-2017-2413
02 Apr 2017 — An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "QuickTime" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted media file. Se ha descubierto un problema en ciertos productos Apple. macOS en versiones anteriores a 10.12.4 está afectado. El problema involucra al componente "QuickTime". • http://www.securityfocus.com/bid/97140 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 0%CPEs: 4EXPL: 1CVE-2017-2483 – Apple macOS Kernel 10.12.3 (16D32) - 'audit_pipe_open' Off-by-One Memory Corruption
https://notcve.org/view.php?id=CVE-2017-2483
02 Apr 2017 — An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "Kernel" component. A buffer overflow allows attackers to execute arbitrary code in a privileged context via a crafted app. Se ha descubierto un problema en ciertos productos Apple. iOS en versiones anteriores a 10.3 está afectado. macOS en versiones anteriores a 10.12.4 está afectado. tvOS en versiones anterior... • https://www.exploit-db.com/exploits/41797 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 0%CPEs: 4EXPL: 0CVE-2017-2485
https://notcve.org/view.php?id=CVE-2017-2485
02 Apr 2017 — An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "Security" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted X.509 certificate file. Se ha descubierto un problema en ciertos productos Apple. iOS en versiones anteriores a 10.3 está afectado. macOS en versiones an... • http://www.securityfocus.com/bid/97132 • CWE-416: Use After Free •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2017-2421
https://notcve.org/view.php?id=CVE-2017-2421
02 Apr 2017 — An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "AppleGraphicsPowerManagement" component. A race condition allows attackers to execute arbitrary code in a privileged context via a crafted app. Se ha descubierto un problema en ciertos productos Apple. macOS en versiones anteriores a 10.12.4 está afectado. El problema involucra al componente "AppleGraphicsPowerManagement". • http://www.securityfocus.com/bid/97140 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2017-2381
https://notcve.org/view.php?id=CVE-2017-2381
02 Apr 2017 — An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "sudo" component. It allows remote authenticated users to gain privileges by leveraging membership in the admin group on a network directory server. Se ha descubierto un problema en ciertos productos Apple. macOS en versiones anteriores a 10.12.4 está afectado. El problema involucra al componente "sudo". • http://www.securityfocus.com/bid/97140 •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2017-2410
https://notcve.org/view.php?id=CVE-2017-2410
02 Apr 2017 — An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context via a crafted app. Se ha descubierto un problema en ciertos productos Apple. macOS en versiones anteriores a 10.12.4 está afectado. El problema involucra al componente "Kernel". • http://www.securityfocus.com/bid/97140 • CWE-20: Improper Input Validation •