|
265071
|
6.3 |
MEDIUM
Local
|
apple
|
mac_os_x
|
CoreGraphics in Apple OS X before 10.11.6 allows local users to obtain sensitive information from kernel memory and consequently gain privileges, or cause a denial of service (out-of-bounds read), vi…
|
CWE-264
CWE-125
Permissions, Privileges, and Access Controls
Out-of-bounds Read
|
CVE-2016-4652
|
2024-11-21 11:52 |
2016-07-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265072
|
6.1 |
MEDIUM
Network
|
apple
|
iphone_os
safari
|
Cross-site scripting (XSS) vulnerability in the WebKit JavaScript bindings in Apple iOS before 9.3.3 and Safari before 9.1.2 allows remote attackers to inject arbitrary web script or HTML via a craft…
|
CWE-79
Cross-site Scripting
|
CVE-2016-4651
|
2024-11-21 11:52 |
2016-07-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265073
|
5.5 |
MEDIUM
Local
|
apple
|
mac_os_x
|
Audio in Apple OS X before 10.11.6 allows local users to cause a denial of service (NULL pointer dereference) via unspecified vectors.
|
CWE-476
NULL Pointer Dereference
|
CVE-2016-4649
|
2024-11-21 11:52 |
2016-07-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265074
|
5.5 |
MEDIUM
Local
|
apple
|
mac_os_x
|
Audio in Apple OS X before 10.11.6 allows local users to obtain sensitive kernel memory-layout information or cause a denial of service (out-of-bounds read) via unspecified vectors.
|
CWE-200
Information Exposure
|
CVE-2016-4648
|
2024-11-21 11:52 |
2016-07-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265075
|
7.8 |
HIGH
Local
|
apple
|
mac_os_x
|
Audio in Apple OS X before 10.11.6 allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-4647
|
2024-11-21 11:52 |
2016-07-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265076
|
6.5 |
MEDIUM
Network
|
apple
|
mac_os_x
|
Audio in Apple OS X before 10.11.6 mishandles a size value, which allows remote attackers to obtain sensitive information or cause a denial of service (out-of-bounds read) via a crafted audio file.
|
CWE-200
Information Exposure
|
CVE-2016-4646
|
2024-11-21 11:52 |
2016-07-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265077
|
3.3 |
LOW
Local
|
apple
|
mac_os_x
|
CFNetwork in Apple OS X before 10.11.6 uses weak permissions for web-browser cookies, which allows local users to obtain sensitive information via unspecified vectors.
|
CWE-200
Information Exposure
|
CVE-2016-4645
|
2024-11-21 11:52 |
2016-07-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265078
|
7.3 |
HIGH
Local
|
apple
|
mac_os_x
|
Login Window in Apple OS X before 10.11.6 allows attackers to execute arbitrary code in a privileged context or obtain sensitive user information via a crafted app that leverages a "type confusion."
|
CWE-20
Improper Input Validation
|
CVE-2016-4641
|
2024-11-21 11:52 |
2016-07-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265079
|
7.8 |
HIGH
Local
|
apple
|
mac_os_x
|
Login Window in Apple OS X before 10.11.6 allows attackers to execute arbitrary code in a privileged context, obtain sensitive user information, or cause a denial of service (memory corruption) via a…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-4640
|
2024-11-21 11:52 |
2016-07-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265080
|
7.0 |
HIGH
Local
|
apple
|
mac_os_x
|
Login Window in Apple OS X before 10.11.6 does not properly initialize memory, which allows local users to cause a denial of service via unspecified vectors.
|
NVD-CWE-noinfo
|
CVE-2016-4639
|
2024-11-21 11:52 |
2016-07-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
