|
273621
|
6.5 |
MEDIUM
Network
|
apple
|
iphone_os
safari
|
WebKit in Apple iOS before 9.3 and Safari before 9.1 does not properly restrict redirects that specify a TCP port number, which allows remote attackers to bypass intended port restrictions via a craf…
|
CWE-284
Improper Access Control
|
CVE-2016-1782
|
2024-11-21 11:47 |
2016-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273622
|
4.3 |
MEDIUM
Network
|
apple
|
iphone_os
safari
|
WebKit in Apple iOS before 9.3 and Safari before 9.1 mishandles attachment URLs, which makes it easier for remote web servers to track users via unspecified vectors.
|
CWE-19
Data Processing Errors
|
CVE-2016-1781
|
2024-11-21 11:47 |
2016-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273623
|
4.3 |
MEDIUM
Network
|
apple
|
iphone_os
|
WebKit in Apple iOS before 9.3 does not prevent hidden web views from reading orientation and motion data, which allows remote attackers to obtain sensitive information about a device's physical envi…
|
CWE-200
Information Exposure
|
CVE-2016-1780
|
2024-11-21 11:47 |
2016-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273624
|
6.5 |
MEDIUM
Network
|
apple
|
iphone_os
safari
|
WebKit in Apple iOS before 9.3 and Safari before 9.1 allows remote attackers to bypass the Same Origin Policy and obtain physical-location data via a crafted geolocation request.
|
CWE-200
Information Exposure
|
CVE-2016-1779
|
2024-11-21 11:47 |
2016-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273625
|
8.8 |
HIGH
Network
|
apple
|
iphone_os
safari
|
WebKit in Apple iOS before 9.3 and Safari before 9.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.
|
CWE-399
Resource Management Errors
|
CVE-2016-1778
|
2024-11-21 11:47 |
2016-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273626
|
7.5 |
HIGH
Network
|
apple
|
mac_os_x_server
|
Web Server in Apple OS X Server before 5.1 supports the RC4 algorithm, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via unspecified vectors.
|
CWE-310
Cryptographic Issues
|
CVE-2016-1777
|
2024-11-21 11:47 |
2016-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273627
|
5.3 |
MEDIUM
Network
|
apple
|
mac_os_x_server
|
Web Server in Apple OS X Server before 5.1 does not properly restrict access to .DS_Store and .htaccess files, which allows remote attackers to obtain sensitive configuration information via an HTTP …
|
CWE-284
Improper Access Control
|
CVE-2016-1776
|
2024-11-21 11:47 |
2016-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273628
|
7.8 |
HIGH
Local
|
apple
|
watchos
iphone_os
mac_os_x
tvos
|
TrueTypeScaler in Apple iOS before 9.3, OS X before 10.11.4, tvOS before 9.2, and watchOS before 2.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption)…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-1775
|
2024-11-21 11:47 |
2016-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273629
|
5.3 |
MEDIUM
Network
|
apple
|
mac_os_x_server
|
The Time Machine server in Server App in Apple OS X Server before 5.1 does not notify the user about ignored permissions during a backup, which makes it easier for remote attackers to obtain sensitiv…
|
CWE-284
Improper Access Control
|
CVE-2016-1774
|
2024-11-21 11:47 |
2016-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273630
|
3.3 |
LOW
Local
|
apple
|
mac_os_x
|
The code-signing subsystem in Apple OS X before 10.11.4 does not properly verify file ownership, which allows local users to determine the existence of arbitrary files via unspecified vectors.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-1773
|
2024-11-21 11:47 |
2016-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
