|
2561
|
3.3
2.1
|
LOW
Local
|
Printing UIKit in Apple iOS before 10 mishandles environment variables, which allows local users to discover cleartext AirPrint preview content by reading a temporary file.
|
CWE-200
Information Exposure
|
CVE-2016-4749
|
cpe:2.3:o:apple:iphone_os:*:*
|
|
9.3.5
|
|
|
2024-11-21 11:52
2016-09-19
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2562
|
3.7
4.3
|
LOW
Network
|
Mail in Apple iOS before 10 mishandles certificates, which makes it easier for man-in-the-middle attackers to discover mail credentials via unspecified vectors.
|
CWE-200
Information Exposure
|
CVE-2016-4747
|
cpe:2.3:o:apple:iphone_os:*:*
|
|
9.3.5
|
|
|
2024-11-21 11:52
2016-09-19
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2563
|
5.3
5.0
|
MEDIUM
Network
|
The Keyboards component in Apple iOS before 10 does not properly use a cache for auto-correct suggestions, which allows remote attackers to obtain sensitive information in opportunistic circumstances…
|
CWE-200
Information Exposure
|
CVE-2016-4746
|
cpe:2.3:o:apple:iphone_os:*:*
|
|
9.3.5
|
|
|
2024-11-21 11:52
2016-09-19
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2564
|
5.9
4.3
|
MEDIUM
Network
|
The Assets component in Apple iOS before 10 allows man-in-the-middle attackers to block software updates via vectors related to lack of an HTTPS session for retrieving updates.
|
CWE-254
7PK - Security Features
|
CVE-2016-4741
|
cpe:2.3:o:apple:iphone_os:*:*
|
|
9.3.5
|
|
|
2024-11-21 11:52
2016-09-19
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2565
|
2.9
1.9
|
LOW
Local
|
Apple iOS before 10, when Handoff for Messages is used, does not ensure that a Messages signin has occurred before displaying messages, which might allow attackers to obtain sensitive information via…
|
CWE-200
Information Exposure
|
CVE-2016-4740
|
cpe:2.3:o:apple:iphone_os:*:*
|
|
9.3.5
|
|
|
2024-11-21 11:52
2016-09-19
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2566
|
5.5
4.3
|
MEDIUM
Local
|
The GeoServices component in Apple iOS before 10 and watchOS before 3 does not properly restrict access to PlaceData information, which allows attackers to discover physical locations via a crafted a…
|
CWE-200
Information Exposure
|
CVE-2016-4719
|
cpe:2.3:o:apple:iphone_os:*:*
|
|
9.3.5
|
|
|
2024-11-21 11:52
2016-09-19
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2567
|
3.3
4.3
|
LOW
Local
|
The Sandbox Profiles component in Apple iOS before 10 does not properly restrict access to directory metadata for SMS draft directories, which allows attackers to discover text-message recipients via…
|
CWE-200
Information Exposure
|
CVE-2016-4620
|
cpe:2.3:o:apple:iphone_os:*:*
|
|
9.3.5
|
|
|
2024-11-21 11:52
2016-09-19
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2568
|
8.8
6.8
|
HIGH
Network
|
WebKit in Apple iOS before 9.3.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.
|
CWE-787
Out-of-bounds Write
|
CVE-2016-4657
|
cpe:2.3:o:apple:iphone_os:*:*
|
|
|
|
9.3.5
|
2026-04-22 01:22
2016-08-26
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2569
|
7.8
9.3
|
HIGH
Local
|
The kernel in Apple iOS before 9.3.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
|
CWE-787
Out-of-bounds Write
|
CVE-2016-4656
|
cpe:2.3:o:apple:iphone_os:*:*
|
|
|
|
9.3.5
|
2026-04-22 01:22
2016-08-26
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2570
|
5.5
7.1
|
MEDIUM
Local
|
The kernel in Apple iOS before 9.3.5 allows attackers to obtain sensitive information from memory via a crafted app.
|
NVD-CWE-noinfo
|
CVE-2016-4655
|
cpe:2.3:o:apple:iphone_os:10.0:* cpe:2.3:o:apple:iphone_os:*:*
|
|
|
|
9.3.5
|
2026-04-22 01:23
2016-08-26
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|