CVSS: 9.3EPSS: 0%CPEs: 4EXPL: 0CVE-2017-2440
https://notcve.org/view.php?id=CVE-2017-2440
27 Mar 2017 — An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (integer overflow) via a crafted app. Se ha descubierto un problema en ciertos productos Apple. iOS en versiones anteriores a 10.3 está afectado. macOS en versiones anteriores a 10.12.4 está afe... • http://www.securityfocus.com/bid/97137 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 1%CPEs: 4EXPL: 0CVE-2017-2416
https://notcve.org/view.php?id=CVE-2017-2416
27 Mar 2017 — An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "ImageIO" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted image file. Se ha descubierto un problema en ciertos productos Apple. iOS en versiones anteriores a 10.3 está afectado. macOS en versiones anteriores a 10... • http://www.securityfocus.com/bid/97137 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 1%CPEs: 4EXPL: 0CVE-2017-2462 – Apple macOS M4A Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2017-2462
27 Mar 2017 — An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "Audio" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted audio file. Se ha descubierto un problema en ciertos productos Apple. iOS en versiones anteriores a 10.3 está afectado. macOS en versiones anteriores a 10.1... • http://www.securityfocus.com/bid/97137 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2017-2390
https://notcve.org/view.php?id=CVE-2017-2390
27 Mar 2017 — An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves symlink mishandling in the "libarchive" component. It allows local users to change arbitrary directory permissions via unspecified vectors. Se ha descubierto un problema en ciertos productos Apple. iOS en versiones anteriores a 10.3 está afectado. macOS en versiones anteriores a 10.12.4 está afectado. tvOS en versio... • http://www.securityfocus.com/bid/97137 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 9.8EPSS: 1%CPEs: 4EXPL: 0CVE-2017-2428
https://notcve.org/view.php?id=CVE-2017-2428
27 Mar 2017 — An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves nghttp2 before 1.17.0 in the "HTTPProtocol" component. It allows remote HTTP/2 servers to have an unspecified impact via unknown vectors. Se ha descubierto un problema en ciertos productos Apple. iOS en versiones anteriores a 10.3 está afectado. macOS en versiones anteriores a 10.12.4 está afectado. tvOS en versione... • http://www.securityfocus.com/bid/97146 •
CVSS: 7.8EPSS: 1%CPEs: 4EXPL: 0CVE-2017-2432 – Apple macOS ImageIO JPEG Parsing Integer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2017-2432
27 Mar 2017 — An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "ImageIO" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted JPEG file. Se ha descubierto un problema en ciertos productos Apple. iOS en versiones anteriores a 10.3 está afectado. macOS en versiones anteriores a 10.... • http://www.securityfocus.com/bid/97137 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 1%CPEs: 4EXPL: 0CVE-2017-2430 – Apple macOS M4A Parsing Type Confusion Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2017-2430
27 Mar 2017 — An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "Audio" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted audio file. Se ha descubierto un problema en ciertos productos Apple. iOS en versiones anteriores a 10.3 está afectado. macOS en versiones anteriores a 10.1... • http://www.securityfocus.com/bid/97137 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.6EPSS: 0%CPEs: 4EXPL: 2CVE-2017-2456 – Apple macOS/IOS 10.12.2 (16C67) - 'mach_msg' Heap Overflow
https://notcve.org/view.php?id=CVE-2017-2456
27 Mar 2017 — An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "Kernel" component. A race condition allows attackers to execute arbitrary code in a privileged context via a crafted app. Se ha descubierto un problema en ciertos productos Apple. iOS en versiones anteriores a 10.3 está afectado. macOS en versiones anteriores a 10.12.4 está afectado. tvOS en versiones anteriore... • https://www.exploit-db.com/exploits/41778 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 9.3EPSS: 0%CPEs: 4EXPL: 0CVE-2017-2451
https://notcve.org/view.php?id=CVE-2017-2451
27 Mar 2017 — An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "Security" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (buffer overflow) via a crafted app. Se ha descubierto un problema en ciertos productos Apple. iOS en versiones anteriores a 10.3 está afectado. macOS en versiones anteriores a 10.12.4 está af... • http://www.securityfocus.com/bid/97137 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.5EPSS: 1%CPEs: 4EXPL: 0CVE-2017-2417
https://notcve.org/view.php?id=CVE-2017-2417
27 Mar 2017 — An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "CoreGraphics" component. It allows remote attackers to cause a denial of service (infinite recursion) via a crafted image. Se ha descubierto un problema en ciertos productos Apple. iOS en versiones anteriores a 10.3 está afectado. macOS en versiones anteriores a 10.12.4 está afectado. tvOS en versiones anterior... • http://www.securityfocus.com/bid/97137 • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •