|
265441
|
8.8 |
HIGH
Network
|
apache
|
archiva
|
Multiple cross-site request forgery (CSRF) vulnerabilities in Apache Archiva 1.3.9 and earlier allow remote attackers to hijack the authentication of administrators for requests that (1) add new repo…
|
CWE-352
Origin Validation Error
|
CVE-2016-4469
|
2024-11-21 11:52 |
2016-07-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265442
|
7.3 |
HIGH
Network
|
rockwellautomation
|
factorytalk_energrymetrix
|
Rockwell Automation FactoryTalk EnergyMetrix before 2.20.00 does not invalidate credentials upon a logout action, which makes it easier for remote attackers to obtain access by leveraging an unattend…
|
CWE-285
Improper Authorization
|
CVE-2016-4531
|
2024-11-21 11:52 |
2016-07-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265443
|
9.8 |
CRITICAL
Network
|
rockwellautomation
|
factorytalk_energrymetrix
|
SQL injection vulnerability in Rockwell Automation FactoryTalk EnergyMetrix before 2.20.00 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2016-4522
|
2024-11-21 11:52 |
2016-07-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265444
|
7.8 |
HIGH
Local
|
apple
|
iphone_os
tvos
mac_os_x
watchos
|
The kernel in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9.2.2, and watchOS before 2.2.2 allows local users to gain privileges or cause a denial of service (memory corruption) via unspe…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-4653
|
2024-11-21 11:52 |
2016-07-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265445
|
6.3 |
MEDIUM
Local
|
apple
|
mac_os_x
|
CoreGraphics in Apple OS X before 10.11.6 allows local users to obtain sensitive information from kernel memory and consequently gain privileges, or cause a denial of service (out-of-bounds read), vi…
|
CWE-264
CWE-125
Permissions, Privileges, and Access Controls
Out-of-bounds Read
|
CVE-2016-4652
|
2024-11-21 11:52 |
2016-07-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265446
|
6.1 |
MEDIUM
Network
|
apple
|
iphone_os
safari
|
Cross-site scripting (XSS) vulnerability in the WebKit JavaScript bindings in Apple iOS before 9.3.3 and Safari before 9.1.2 allows remote attackers to inject arbitrary web script or HTML via a craft…
|
CWE-79
Cross-site Scripting
|
CVE-2016-4651
|
2024-11-21 11:52 |
2016-07-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265447
|
5.5 |
MEDIUM
Local
|
apple
|
mac_os_x
|
Audio in Apple OS X before 10.11.6 allows local users to cause a denial of service (NULL pointer dereference) via unspecified vectors.
|
CWE-476
NULL Pointer Dereference
|
CVE-2016-4649
|
2024-11-21 11:52 |
2016-07-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265448
|
5.5 |
MEDIUM
Local
|
apple
|
mac_os_x
|
Audio in Apple OS X before 10.11.6 allows local users to obtain sensitive kernel memory-layout information or cause a denial of service (out-of-bounds read) via unspecified vectors.
|
CWE-200
Information Exposure
|
CVE-2016-4648
|
2024-11-21 11:52 |
2016-07-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265449
|
7.8 |
HIGH
Local
|
apple
|
mac_os_x
|
Audio in Apple OS X before 10.11.6 allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-4647
|
2024-11-21 11:52 |
2016-07-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265450
|
6.5 |
MEDIUM
Network
|
apple
|
mac_os_x
|
Audio in Apple OS X before 10.11.6 mishandles a size value, which allows remote attackers to obtain sensitive information or cause a denial of service (out-of-bounds read) via a crafted audio file.
|
CWE-200
Information Exposure
|
CVE-2016-4646
|
2024-11-21 11:52 |
2016-07-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
