|
265431
|
5.9 |
MEDIUM
Network
|
apple
|
iphone_os
|
The Assets component in Apple iOS before 10 allows man-in-the-middle attackers to block software updates via vectors related to lack of an HTTPS session for retrieving updates.
|
CWE-254
7PK - Security Features
|
CVE-2016-4741
|
2024-11-21 11:52 |
2016-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265432
|
2.9 |
LOW
Local
|
apple
|
iphone_os
|
Apple iOS before 10, when Handoff for Messages is used, does not ensure that a Messages signin has occurred before displaying messages, which might allow attackers to obtain sensitive information via…
|
CWE-200
Information Exposure
|
CVE-2016-4740
|
2024-11-21 11:52 |
2016-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265433
|
5.5 |
MEDIUM
Local
|
apple
|
watchos
iphone_os
|
The GeoServices component in Apple iOS before 10 and watchOS before 3 does not properly restrict access to PlaceData information, which allows attackers to discover physical locations via a crafted a…
|
CWE-200
Information Exposure
|
CVE-2016-4719
|
2024-11-21 11:52 |
2016-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265434
|
7.8 |
HIGH
Local
|
apple
|
xcode
|
otool in Apple Xcode before 8 allows local users to gain privileges or cause a denial of service (memory corruption and application crash) via unspecified vectors, a different vulnerability than CVE-…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-4705
|
2024-11-21 11:52 |
2016-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265435
|
7.8 |
HIGH
Local
|
apple
|
xcode
|
otool in Apple Xcode before 8 allows local users to gain privileges or cause a denial of service (memory corruption and application crash) via unspecified vectors, a different vulnerability than CVE-…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-4704
|
2024-11-21 11:52 |
2016-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265436
|
3.3 |
LOW
Local
|
apple
|
iphone_os
|
The Sandbox Profiles component in Apple iOS before 10 does not properly restrict access to directory metadata for SMS draft directories, which allows attackers to discover text-message recipients via…
|
CWE-200
Information Exposure
|
CVE-2016-4620
|
2024-11-21 11:52 |
2016-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265437
|
9.8 |
CRITICAL
Network
|
fortinet
|
fortiswitch
|
Fortinet FortiSwitch FSW-108D-POE, FSW-124D, FSW-124D-POE, FSW-224D-POE, FSW-224D-FPOE, FSW-248D-POE, FSW-248D-FPOE, FSW-424D, FSW-424D-POE, FSW-424D-FPOE, FSW-448D, FSW-448D-POE, FSW-448D-FPOE, FSW-…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-4573
|
2024-11-21 11:52 |
2016-09-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265438
|
8.8 |
HIGH
Network
|
theforeman
|
foreman
|
The (1) Organization and (2) Locations APIs and UIs in Foreman before 1.11.4 and 1.12.x before 1.12.0-RC3 allow remote authenticated users to bypass organization and location restrictions and (a) rea…
|
CWE-254
7PK - Security Features
|
CVE-2016-4475
|
2024-11-21 11:52 |
2016-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265439
|
5.0 |
MEDIUM
Network
|
theforeman
|
foreman
|
The (1) Organization and (2) Locations APIs in Foreman before 1.11.3 and 1.12.x before 1.12.0-RC1 allow remote authenticated users with unlimited filters to bypass organization and location restricti…
|
CWE-254
7PK - Security Features
|
CVE-2016-4451
|
2024-11-21 11:52 |
2016-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265440
|
7.8 |
HIGH
Local
|
apple
|
iphone_os
|
IOMobileFrameBuffer in Apple iOS before 9.3.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
|
CWE-264
CWE-119
Permissions, Privileges, and Access Controls
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-4654
|
2024-11-21 11:52 |
2016-08-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
