|
265371
|
8.8 |
HIGH
Network
|
apple
|
safari
iphone_os
icloud
itunes
|
WebKit in Apple iOS before 10, iTunes before 12.5.1 on Windows, iCloud before 6.0 on Windows, and Safari before 10 allows remote attackers to execute arbitrary code or cause a denial of service (memo…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-4762
|
2024-11-21 11:52 |
2016-09-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265372
|
6.5 |
MEDIUM
Network
|
apple
|
itunes
safari
iphone_os
|
WebKit in Apple iOS before 10, iTunes before 12.5.1 on Windows, and Safari before 10 allows remote attackers to conduct DNS rebinding attacks against non-HTTP Safari sessions by leveraging HTTP/0.9 s…
|
CWE-284
Improper Access Control
|
CVE-2016-4760
|
2024-11-21 11:52 |
2016-09-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265373
|
8.8 |
HIGH
Network
|
apple
|
tvos
iphone_os
safari
itunes
|
WebKit in Apple iOS before 10, tvOS before 10, iTunes before 12.5.1 on Windows, and Safari before 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption)…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-4759
|
2024-11-21 11:52 |
2016-09-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265374
|
6.5 |
MEDIUM
Network
|
apple
|
safari
iphone_os
itunes
|
WebKit in Apple iOS before 10, iTunes before 12.5.1 on Windows, and Safari before 10 does not properly restrict access to the location variable, which allows remote attackers to obtain sensitive info…
|
CWE-200
Information Exposure
|
CVE-2016-4758
|
2024-11-21 11:52 |
2016-09-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265375
|
5.5 |
MEDIUM
Local
|
apple
|
mac_os_x
|
Terminal in Apple OS X before 10.12 uses weak permissions for the .bash_history and .bash_session files, which allows local users to obtain sensitive information via unspecified vectors.
|
CWE-200
Information Exposure
|
CVE-2016-4755
|
2024-11-21 11:52 |
2016-09-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265376
|
7.5 |
HIGH
Network
|
apple
|
os_x_server
|
ServerDocs Server in Apple OS X Server before 5.2 supports the RC4 cipher, which might allow remote attackers to defeat cryptographic protection mechanisms via unspecified vectors.
|
CWE-310
Cryptographic Issues
|
CVE-2016-4754
|
2024-11-21 11:52 |
2016-09-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265377
|
7.8 |
HIGH
Local
|
apple
|
watchos
tvos
iphone_os
mac_os_x
|
Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 mishandle signed disk images, which allows attackers to execute arbitrary code in a privileged context via a crafted app.
|
CWE-20
Improper Input Validation
|
CVE-2016-4753
|
2024-11-21 11:52 |
2016-09-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265378
|
5.5 |
MEDIUM
Local
|
apple
|
mac_os_x
|
The SecKeyDeriveFromPassword function in Apple OS X before 10.12 does not use the CF_RETURNS_RETAINED keyword, which allows attackers to obtain sensitive information from process memory by triggering…
|
CWE-200
Information Exposure
|
CVE-2016-4752
|
2024-11-21 11:52 |
2016-09-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265379
|
3.5 |
LOW
Network
|
apple
|
safari
|
The Safari Tabs component in Apple Safari before 10 allows remote attackers to spoof the address bar of a tab via a crafted web site.
|
CWE-254
7PK - Security Features
|
CVE-2016-4751
|
2024-11-21 11:52 |
2016-09-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265380
|
7.8 |
HIGH
Local
|
apple
|
iphone_os
mac_os_x
|
S2 Camera in Apple iOS before 10 and OS X before 10.12 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-4750
|
2024-11-21 11:52 |
2016-09-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
