|
265051
|
9.8 |
CRITICAL
Network
|
apache
|
cxf_fediz
|
The application plugins in Apache CXF Fediz 1.2.x before 1.2.3 and 1.3.x before 1.3.1 do not match SAML AudienceRestriction values against configured audience URIs, which might allow remote attackers…
|
CWE-284
Improper Access Control
|
CVE-2016-4464
|
2024-11-21 11:52 |
2016-09-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265052
|
8.6 |
HIGH
Network
|
hp
|
performance_center
loadrunner
|
HPE Performance Center before 12.50 and LoadRunner before 12.50 allow remote attackers to cause a denial of service via unspecified vectors.
|
NVD-CWE-noinfo
|
CVE-2016-4384
|
2024-11-21 11:52 |
2016-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265053
|
7.5 |
HIGH
Local
|
trane
|
tracer_sc
|
ABB DataManagerPro 1.x before 1.7.1 allows local users to gain privileges by replacing a DLL file in the package directory.
|
CWE-427
Uncontrolled Search Path Element
|
CVE-2016-4526
|
2024-11-21 11:52 |
2016-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265054
|
3.3 |
LOW
Local
|
apple
|
iphone_os
|
Printing UIKit in Apple iOS before 10 mishandles environment variables, which allows local users to discover cleartext AirPrint preview content by reading a temporary file.
|
CWE-200
Information Exposure
|
CVE-2016-4749
|
2024-11-21 11:52 |
2016-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265055
|
3.7 |
LOW
Network
|
apple
|
iphone_os
|
Mail in Apple iOS before 10 mishandles certificates, which makes it easier for man-in-the-middle attackers to discover mail credentials via unspecified vectors.
|
CWE-200
Information Exposure
|
CVE-2016-4747
|
2024-11-21 11:52 |
2016-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265056
|
5.3 |
MEDIUM
Network
|
apple
|
iphone_os
|
The Keyboards component in Apple iOS before 10 does not properly use a cache for auto-correct suggestions, which allows remote attackers to obtain sensitive information in opportunistic circumstances…
|
CWE-200
Information Exposure
|
CVE-2016-4746
|
2024-11-21 11:52 |
2016-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265057
|
5.9 |
MEDIUM
Network
|
apple
|
iphone_os
|
The Assets component in Apple iOS before 10 allows man-in-the-middle attackers to block software updates via vectors related to lack of an HTTPS session for retrieving updates.
|
CWE-254
7PK - Security Features
|
CVE-2016-4741
|
2024-11-21 11:52 |
2016-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265058
|
2.9 |
LOW
Local
|
apple
|
iphone_os
|
Apple iOS before 10, when Handoff for Messages is used, does not ensure that a Messages signin has occurred before displaying messages, which might allow attackers to obtain sensitive information via…
|
CWE-200
Information Exposure
|
CVE-2016-4740
|
2024-11-21 11:52 |
2016-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265059
|
5.5 |
MEDIUM
Local
|
apple
|
watchos
iphone_os
|
The GeoServices component in Apple iOS before 10 and watchOS before 3 does not properly restrict access to PlaceData information, which allows attackers to discover physical locations via a crafted a…
|
CWE-200
Information Exposure
|
CVE-2016-4719
|
2024-11-21 11:52 |
2016-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265060
|
7.8 |
HIGH
Local
|
apple
|
xcode
|
otool in Apple Xcode before 8 allows local users to gain privileges or cause a denial of service (memory corruption and application crash) via unspecified vectors, a different vulnerability than CVE-…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-4705
|
2024-11-21 11:52 |
2016-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
