CVSS: 9.3EPSS: 0%CPEs: 4EXPL: 2CVE-2017-2482 – Apple macOS/iOS Kernel 10.12.3 (16D32) - 'bpf' Heap Overflow
https://notcve.org/view.php?id=CVE-2017-2482
27 Mar 2017 — An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "Kernel" component. A buffer overflow allows attackers to execute arbitrary code in a privileged context via a crafted app. Se ha descubierto un problema en ciertos productos Apple. iOS en versiones anteriores a 10.3 está afectado. macOS en versiones anteriores a 10.12.4 está afectado. tvOS en versiones anterior... • https://packetstorm.news/files/id/141981 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 1%CPEs: 4EXPL: 0CVE-2017-2416 – Apple Security Advisory 2017-03-27-5
https://notcve.org/view.php?id=CVE-2017-2416
27 Mar 2017 — An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "ImageIO" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted image file. Se ha descubierto un problema en ciertos productos Apple. iOS en versiones anteriores a 10.3 está afectado. macOS en versiones anteriores a 10... • http://www.securityfocus.com/bid/97137 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-2418 – Apple Security Advisory 2017-03-27-3
https://notcve.org/view.php?id=CVE-2017-2418
27 Mar 2017 — An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "Hypervisor" component. It allows guest OS users to obtain sensitive information from the CR8 control register via unspecified vectors. Se ha descubierto un problema en ciertos productos Apple. macOS en versiones anteriores a 10.12.4 está afectado. El problema involucra a componente "Hypervisor". • http://www.securityfocus.com/bid/97140 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.3EPSS: 0%CPEs: 4EXPL: 0CVE-2017-2485 – Apple Security Advisory 2017-03-27-5
https://notcve.org/view.php?id=CVE-2017-2485
27 Mar 2017 — An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "Security" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted X.509 certificate file. Se ha descubierto un problema en ciertos productos Apple. iOS en versiones anteriores a 10.3 está afectado. macOS en versiones an... • http://www.securityfocus.com/bid/97132 • CWE-416: Use After Free •
CVSS: 9.3EPSS: 0%CPEs: 4EXPL: 0CVE-2017-2440 – Apple Security Advisory 2017-03-27-5
https://notcve.org/view.php?id=CVE-2017-2440
27 Mar 2017 — An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (integer overflow) via a crafted app. Se ha descubierto un problema en ciertos productos Apple. iOS en versiones anteriores a 10.3 está afectado. macOS en versiones anteriores a 10.12.4 está afe... • http://www.securityfocus.com/bid/97137 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 1%CPEs: 4EXPL: 0CVE-2017-2430 – Apple macOS M4A Parsing Type Confusion Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2017-2430
27 Mar 2017 — An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "Audio" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted audio file. Se ha descubierto un problema en ciertos productos Apple. iOS en versiones anteriores a 10.3 está afectado. macOS en versiones anteriores a 10.1... • http://www.securityfocus.com/bid/97137 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 1%CPEs: 4EXPL: 0CVE-2017-2407 – Apple Security Advisory 2017-03-27-5
https://notcve.org/view.php?id=CVE-2017-2407
27 Mar 2017 — An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "FontParser" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted font file. Se ha descubierto un problema en ciertos productos Apple. iOS en versiones anteriores a 10.3 está afectado. macOS en versiones anteriores a ... • http://www.securityfocus.com/bid/97137 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2017-2410 – Apple Security Advisory 2017-03-27-3
https://notcve.org/view.php?id=CVE-2017-2410
27 Mar 2017 — An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context via a crafted app. Se ha descubierto un problema en ciertos productos Apple. macOS en versiones anteriores a 10.12.4 está afectado. El problema involucra al componente "Kernel". • http://www.securityfocus.com/bid/97140 • CWE-20: Improper Input Validation •
CVSS: 9.8EPSS: 1%CPEs: 4EXPL: 0CVE-2017-2428 – Apple Security Advisory 2017-03-27-5
https://notcve.org/view.php?id=CVE-2017-2428
27 Mar 2017 — An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves nghttp2 before 1.17.0 in the "HTTPProtocol" component. It allows remote HTTP/2 servers to have an unspecified impact via unknown vectors. Se ha descubierto un problema en ciertos productos Apple. iOS en versiones anteriores a 10.3 está afectado. macOS en versiones anteriores a 10.12.4 está afectado. tvOS en versione... • http://www.securityfocus.com/bid/97146 •
CVSS: 9.3EPSS: 0%CPEs: 4EXPL: 2CVE-2017-2474 – Apple macOS/iOS Kernel 10.12.3 (16D32) - SIOCGIFORDER Socket ioctl Off-by-One Memory Corruption
https://notcve.org/view.php?id=CVE-2017-2474
27 Mar 2017 — An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "Kernel" component. An off-by-one error allows attackers to execute arbitrary code in a privileged context via a crafted app. Se ha descubierto un problema en ciertos productos Apple. iOS en versiones anteriores a 10.3 está afectado. macOS en versiones anteriores a 10.12.4 está afectado. tvOS en versiones anteri... • https://packetstorm.news/files/id/141976 •