CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2016-7761
https://notcve.org/view.php?id=CVE-2016-7761
20 Feb 2017 — An issue was discovered in certain Apple products. macOS before 10.12.2 is affected. The issue involves the "WiFi" component, which allows local users to obtain sensitive network-configuration information by leveraging global storage. Se ha descubierto un problema en ciertos productos Apple. macOS en versiones anteriores a 10.12.2 está afectado. El problema involucra al componente "WiFi", que permite a usuarios locales obtener información sensible de la configuración red aprovechando el almacenamiento globa... • https://support.apple.com/HT207423 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0CVE-2016-7577
https://notcve.org/view.php?id=CVE-2016-7577
20 Feb 2017 — An issue was discovered in certain Apple products. iOS before 10.1 is affected. macOS before 10.12.1 is affected. The issue involves the "FaceTime" component, which allows remote attackers to trigger memory corruption and obtain audio data from a call that appeared to have ended. Se ha descubierto un problema en ciertos productos Apple. iOS en versiones anteriores a 10.1 está afectado. macOS en versiones anteriores a 10.12.1 está afectado. El problema involucra al componente "FaceTime", que permite a atacan... • http://www.securityfocus.com/bid/94429 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 3.3EPSS: 0%CPEs: 2EXPL: 0CVE-2016-4670
https://notcve.org/view.php?id=CVE-2016-4670
20 Feb 2017 — An issue was discovered in certain Apple products. iOS before 10.1 is affected. macOS before 10.12.1 is affected. The issue involves the "Security" component. It allows local users to discover lengths of arbitrary passwords by reading a log. Se ha descubierto un problema en ciertos productos Apple. iOS en versiones anteriores a 10.1 está afectado. macOS en versiones anteriores a 10.12.1 está afectado. El problema involucra al componente "Security". • http://www.securityfocus.com/bid/94433 • CWE-255: Credentials Management Errors •
CVSS: 9.3EPSS: 0%CPEs: 4EXPL: 0CVE-2016-7613
https://notcve.org/view.php?id=CVE-2016-7613
20 Feb 2017 — An issue was discovered in certain Apple products. iOS before 10.1 is affected. macOS before 10.12.1 is affected. tvOS before 10.0.1 is affected. watchOS before 3.1 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context via a crafted app that leverages object-lifetime mishandling during process spawning. Se ha descubierto un problema en ciertos productos Apple. iOS en versiones anteriores a 10.1 está afectado. macOS en versiones anterior... • http://www.securityfocus.com/bid/94116 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2016-7584
https://notcve.org/view.php?id=CVE-2016-7584
20 Feb 2017 — An issue was discovered in certain Apple products. iOS before 10.1 is affected. macOS before 10.12.1 is affected. tvOS before 10.0.1 is affected. watchOS before 3.1 is affected. The issue involves the "AppleMobileFileIntegrity" component, which allows remote attackers to spoof signed code by using a matching team ID. Se ha descubierto un problema en ciertos productos Apple. iOS en versiones anteriores a 10.1 está afectado. macOS en versiones anteriores a 10.12.1 está afectado. tvOS en versiones anteriores a... • http://www.securityfocus.com/bid/94571 • CWE-254: 7PK - Security Features •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2016-7742
https://notcve.org/view.php?id=CVE-2016-7742
20 Feb 2017 — An issue was discovered in certain Apple products. macOS before 10.12.2 is affected. The issue involves the "xar" component, which allows remote attackers to execute arbitrary code via a crafted archive that triggers use of uninitialized memory locations. Se ha descubierto un problema en ciertos productos Apple. macOS en versiones anteriores a 10.12.2 está afectado. El problema involucra al componente "xar", que permite a atacantes remotos ejecutar código arbitrario a través de un archivo manipulado que des... • https://support.apple.com/HT207423 • CWE-20: Improper Input Validation •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2016-7580
https://notcve.org/view.php?id=CVE-2016-7580
20 Feb 2017 — An issue was discovered in certain Apple products. macOS before 10.12 is affected. The issue involves the "Mail" component, which allows remote web servers to cause a denial of service via a crafted URL. Se ha descubierto un problema en ciertos productos Apple. macOS en versiones anteriores a 10.12 está afectado. El problema involucra al componente "Mail", que permite a servidores web remotos provocar una denegación de servicio a través de una URL manipulada. • http://www.securityfocus.com/bid/94434 • CWE-20: Improper Input Validation •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2016-4617
https://notcve.org/view.php?id=CVE-2016-4617
20 Feb 2017 — An issue was discovered in certain Apple products. macOS before 10.12 is affected. The issue involves a sandbox escape related to launchctl process spawning in the "libxpc" component. Se ha descubierto un problema en ciertos productos Apple. macOS en versiones anteriores a 10.12 está afectado. El problema involucra una fuga de sandbox relacionada con la generación de procesos launchctl en el componente "libxpc". • http://www.securityfocus.com/bid/96329 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2016-4780
https://notcve.org/view.php?id=CVE-2016-4780
20 Feb 2017 — An issue was discovered in certain Apple products. macOS before 10.12.1 is affected. The issue involves the "Thunderbolt" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via a crafted app. Se ha descubierto un problema en ciertos productos Apple. macOS en versiones anteriores a 10.12.1 está afectado. El problema involucra al componente "Thunderbolt". • https://support.apple.com/HT207275 • CWE-476: NULL Pointer Dereference •
CVSS: 9.3EPSS: 19%CPEs: 4EXPL: 8CVE-2017-2370 – Apple macOS 10.12.1 / iOS 10.2 - Kernel Userspace Pointer Memory Corruption
https://notcve.org/view.php?id=CVE-2017-2370
24 Jan 2017 — An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. macOS before 10.12.3 is affected. tvOS before 10.1.1 is affected. watchOS before 3.1.3 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (buffer overflow) via a crafted app. Se ha descubierto un problema en ciertos productos Apple. iOS en versiones anteriores a 10.2.1 está afectado. macOS en versiones anteriores a 10.12.3 e... • https://packetstorm.news/files/id/140743 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •