|
265301
|
4.6 |
MEDIUM
Physics
|
apple
|
mac_os_x
|
Safari Login AutoFill in Apple OS X before 10.11.6 allows physically proximate attackers to discover passwords by reading the screen during the login procedure.
|
CWE-200
Information Exposure
|
CVE-2016-4595
|
2024-11-21 11:52 |
2016-07-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265302
|
7.8 |
HIGH
Local
|
apple
|
iphone_os
tvos
mac_os_x
watchos
|
The Sandbox Profiles component in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9.2.2, and watchOS before 2.2.2 allows attackers to access the process list via a crafted app that makes an …
|
CWE-20
Improper Input Validation
|
CVE-2016-4594
|
2024-11-21 11:52 |
2016-07-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265303
|
2.4 |
LOW
Physics
|
apple
|
iphone_os
|
The Siri Contacts component in Apple iOS before 9.3.3 allows physically proximate attackers to read arbitrary Contact card information via unspecified vectors.
|
CWE-200
Information Exposure
|
CVE-2016-4593
|
2024-11-21 11:52 |
2016-07-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265304
|
6.5 |
MEDIUM
Network
|
apple
webkitgtk
|
webkit
webkitgtk\+
|
WebKit in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before 9.2.2 allows remote attackers to cause a denial of service (memory consumption) via a crafted web site.
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2016-4592
|
2024-11-21 11:52 |
2016-07-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265305
|
7.5 |
HIGH
Network
|
apple
|
webkit
|
WebKit in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before 9.2.2 mishandles the location variable, which allows remote attackers to access the local filesystem via unspecified vectors.
|
CWE-284
Improper Access Control
|
CVE-2016-4591
|
2024-11-21 11:52 |
2016-07-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265306
|
5.4 |
MEDIUM
Network
|
apple
|
safari
webkit
|
WebKit in Apple iOS before 9.3.3 and Safari before 9.1.2 mishandles about: URLs, which allows remote attackers to bypass the Same Origin Policy via a crafted web site.
|
CWE-20
Improper Input Validation
|
CVE-2016-4590
|
2024-11-21 11:52 |
2016-07-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265307
|
8.8 |
HIGH
Network
|
apple
|
webkit
|
WebKit in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before 9.2.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site,…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-4589
|
2024-11-21 11:52 |
2016-07-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265308
|
8.8 |
HIGH
Network
|
apple
|
webkit
|
WebKit in Apple tvOS before 9.2.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-4588
|
2024-11-21 11:52 |
2016-07-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265309
|
6.5 |
MEDIUM
Network
|
apple
|
webkit
|
WebKit in Apple iOS before 9.3.3 and tvOS before 9.2.2 allows remote attackers to obtain sensitive information from uninitialized process memory via a crafted web site.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-4587
|
2024-11-21 11:52 |
2016-07-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265310
|
8.8 |
HIGH
Network
|
apple
|
safari
tvos
|
WebKit in Apple Safari before 9.1.2 and tvOS before 9.2.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-4586
|
2024-11-21 11:52 |
2016-07-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
