CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 2CVE-2016-7608 – Apple macOS Sierra 10.12.1 - 'IOFireWireFamily' FireWire Port Denial of Service
https://notcve.org/view.php?id=CVE-2016-7608
20 Feb 2017 — An issue was discovered in certain Apple products. macOS before 10.12.2 is affected. The issue involves the "IOFireWireFamily" component, which allows local users to obtain sensitive information from kernel memory via unspecified vectors. Se ha descubierto un problema en ciertos productos Apple. macOS en versiones anteriores a 10.12.2 está afectado. El problema involucra al componente "IOFireWireFamily", que permite a usuarios locales obtener información sensible de la memoria del kernel a través de vectore... • https://www.exploit-db.com/exploits/44235 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2016-7629
https://notcve.org/view.php?id=CVE-2016-7629
20 Feb 2017 — An issue was discovered in certain Apple products. macOS before 10.12.2 is affected. The issue involves the "kext tools" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. Se ha descubierto un problema en ciertos productos Apple. macOS en versiones anteriores a 10.12.2 está afectado. El problema involucra al componente "kext tools". • http://www.securityfocus.com/bid/94903 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 4.9EPSS: 0%CPEs: 1EXPL: 0CVE-2016-7620 – Apple OS X IOSurface Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2016-7620
20 Feb 2017 — An issue was discovered in certain Apple products. macOS before 10.12.2 is affected. The issue involves the "IOSurface" component. It allows local users to obtain sensitive kernel memory-layout information via unspecified vectors. Se ha descubierto un problema en ciertos productos Apple. macOS en versiones anteriores a 10.12.2 está afectado. El problema involucra al componente "IOSurface". • http://www.securityfocus.com/bid/94903 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2016-7655
https://notcve.org/view.php?id=CVE-2016-7655
20 Feb 2017 — An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. The issue involves the "CoreMedia External Displays" component. It allows local users to gain privileges or cause a denial of service (type confusion) via unspecified vectors. Se ha descubierto un problema en ciertos productos Apple. iOS en versiones anteriores a 10.2 está afectado. macOS en versiones anteriores a 10.12.2 está afectado. El problema involucra al componente "CoreMedia External Dis... • http://www.securityfocus.com/bid/94906 • CWE-704: Incorrect Type Conversion or Cast •
CVSS: 4.9EPSS: 0%CPEs: 3EXPL: 0CVE-2016-7714 – Apple OS X IOReportUserClient Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2016-7714
20 Feb 2017 — An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. watchOS before 3.1.3 is affected. The issue involves the "IOKit" component. It allows local users to obtain sensitive kernel memory-layout information via unspecified vectors. Se ha descubierto un problema en ciertos productos Apple. iOS en versiones anteriores a 10.2 está afectado. macOS en versiones anteriores a 10.12.2 está afectado. watchOS en versiones anteriores a 3.1.3 está afectado. El p... • https://support.apple.com/HT207422 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2016-4683
https://notcve.org/view.php?id=CVE-2016-4683
20 Feb 2017 — An issue was discovered in certain Apple products. macOS before 10.12.1 is affected. The issue involves the "ImageIO" component. It allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds memory access and application crash) via a crafted SGI file. Se ha descubierto un problema en ciertos productos Apple. macOS en versiones anteriores a 10.12.1 está afectado. El problema involucra al componente "ImageIO". • http://www.securityfocus.com/bid/94431 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2016-4681
https://notcve.org/view.php?id=CVE-2016-4681
20 Feb 2017 — An issue was discovered in certain Apple products. macOS before 10.12.1 is affected. The issue involves the "Core Image" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted JPEG file. Se ha descubierto un problema en ciertos productos Apple. macOS en versiones anteriores a 10.12.1 está afectado. El problema involucra al componente "Core Image". • http://www.securityfocus.com/bid/94431 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2016-7580
https://notcve.org/view.php?id=CVE-2016-7580
20 Feb 2017 — An issue was discovered in certain Apple products. macOS before 10.12 is affected. The issue involves the "Mail" component, which allows remote web servers to cause a denial of service via a crafted URL. Se ha descubierto un problema en ciertos productos Apple. macOS en versiones anteriores a 10.12 está afectado. El problema involucra al componente "Mail", que permite a servidores web remotos provocar una denegación de servicio a través de una URL manipulada. • http://www.securityfocus.com/bid/94434 • CWE-20: Improper Input Validation •
CVSS: 9.3EPSS: 0%CPEs: 4EXPL: 0CVE-2016-7613
https://notcve.org/view.php?id=CVE-2016-7613
20 Feb 2017 — An issue was discovered in certain Apple products. iOS before 10.1 is affected. macOS before 10.12.1 is affected. tvOS before 10.0.1 is affected. watchOS before 3.1 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context via a crafted app that leverages object-lifetime mishandling during process spawning. Se ha descubierto un problema en ciertos productos Apple. iOS en versiones anteriores a 10.1 está afectado. macOS en versiones anterior... • http://www.securityfocus.com/bid/94116 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 5.9EPSS: 0%CPEs: 2EXPL: 0CVE-2016-4721
https://notcve.org/view.php?id=CVE-2016-4721
20 Feb 2017 — An issue was discovered in certain Apple products. iOS before 10.1 is affected. macOS before 10.12.1 is affected. The issue involves the "IDS - Connectivity" component, which allows man-in-the-middle attackers to spoof calls via a "switch caller" notification. Se ha descubierto un problema en ciertos productos Apple. iOS en versiones anteriores a 10.1 está afectado. macOS en versiones anteriores a 10.12.1 está afectado. El problema involucra al componente "IDS - Connectivity" que permite a atacantes man-in-... • http://www.securityfocus.com/bid/94429 • CWE-254: 7PK - Security Features •