|
2551
|
6.5
4.3
|
MEDIUM
Network
|
Buffer overflow in FontParser in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows remote attackers to obtain sensitive information from process memory via a crafted…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-4718
|
cpe:2.3:o:apple:iphone_os:*:*
|
|
|
|
10.0
|
2024-11-21 11:52
2016-09-25
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2552
|
7.8
9.3
|
HIGH
Local
|
CoreCrypto in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows attackers to execute arbitrary code or cause a denial of service (out-of-bounds write) via a crafted …
|
CWE-787
Out-of-bounds Write
|
CVE-2016-4712
|
cpe:2.3:o:apple:iphone_os:*:*
|
|
|
|
10.0
|
2024-11-21 11:52
2016-09-25
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2553
|
7.5
5.0
|
HIGH
Network
|
CCrypt in corecrypto in CommonCrypto in Apple iOS before 10 and OS X before 10.12 allows attackers to discover cleartext information by leveraging a function call that specifies the same buffer for i…
|
CWE-200 CWE-20
Information Exposure Improper Input Validation
|
CVE-2016-4711
|
cpe:2.3:o:apple:iphone_os:*:*
|
|
9.3.5
|
|
|
2024-11-21 11:52
2016-09-25
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2554
|
6.5
4.3
|
MEDIUM
Network
|
CFNetwork in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 misparses the Set-Cookie header, which allows remote attackers to obtain sensitive information via a crafted …
|
CWE-200
Information Exposure
|
CVE-2016-4708
|
cpe:2.3:o:apple:iphone_os:*:*
|
|
|
|
10.0
|
2024-11-21 11:52
2016-09-25
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2555
|
4.0
2.1
|
MEDIUM
Local
|
CFNetwork in Apple iOS before 10 and OS X before 10.12 mishandles Local Storage deletion, which allows local users to discover the visited web sites of arbitrary users via unspecified vectors.
|
CWE-200 CWE-19
Information Exposure Data Processing Errors
|
CVE-2016-4707
|
cpe:2.3:o:apple:iphone_os:*:*
|
|
9.3.5
|
|
|
2024-11-21 11:52
2016-09-25
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2556
|
9.8
10.0
|
CRITICAL
Network
|
Audio in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecifie…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-4702
|
cpe:2.3:o:apple:iphone_os:*:*
|
|
|
|
10.0
|
2024-11-21 11:52
2016-09-25
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2557
|
7.8
9.3
|
HIGH
Local
|
AppleMobileFileIntegrity in Apple iOS before 10 and OS X before 10.12 mishandles process entitlement and Team ID values in the task port inheritance policy, which allows attackers to execute arbitrar…
|
CWE-20
Improper Input Validation
|
CVE-2016-4698
|
cpe:2.3:o:apple:iphone_os:*:*
|
|
9.3.5
|
|
|
2024-11-21 11:52
2016-09-25
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2558
|
9.8
10.0
|
CRITICAL
Network
|
xpointer.c in libxml2 before 2.9.5 (as used in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3, and other products) does not forbid namespace nodes in XPointer ranges, wh…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-4658
|
cpe:2.3:o:apple:iphone_os:*:*
|
|
|
|
10.0
|
2024-11-21 11:52
2016-09-25
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2559
|
6.1
4.3
|
MEDIUM
Network
|
Cross-site scripting (XSS) vulnerability in Safari Reader in Apple iOS before 10 and Safari before 10 allows remote attackers to inject arbitrary web script or HTML via a crafted web site, aka "Unive…
|
CWE-79
Cross-site Scripting
|
CVE-2016-4618
|
cpe:2.3:o:apple:iphone_os:*:*
|
|
9.3.5
|
|
|
2024-11-21 11:52
2016-09-25
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2560
|
8.8
6.8
|
HIGH
Network
|
WebKit in Apple iOS before 10, Safari before 10, and tvOS before 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a differ…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-4611
|
cpe:2.3:o:apple:iphone_os:*:*
|
|
|
|
10.0
|
2024-11-21 11:52
2016-09-25
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|