|
270971
|
4.3 |
MEDIUM
Network
|
apple
|
safari
|
The Top Sites feature in Apple Safari before 9.1 mishandles cookie storage, which makes it easier for remote web servers to track users via unspecified vectors.
|
CWE-200
Information Exposure
|
CVE-2016-1772
|
2024-11-21 11:47 |
2016-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270972
|
6.5 |
MEDIUM
Network
|
apple
|
safari
|
The Downloads feature in Apple Safari before 9.1 mishandles file expansion, which allows remote attackers to cause a denial of service via a crafted web site.
|
CWE-19
Data Processing Errors
|
CVE-2016-1771
|
2024-11-21 11:47 |
2016-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270973
|
6.5 |
MEDIUM
Network
|
apple
|
mac_os_x
|
The Reminders component in Apple OS X before 10.11.4 allows attackers to bypass an intended user-confirmation requirement and trigger a dialing action via a tel: URL.
|
CWE-284
Improper Access Control
|
CVE-2016-1770
|
2024-11-21 11:47 |
2016-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270974
|
7.8 |
HIGH
Local
|
apple
|
mac_os_x
|
QuickTime in Apple OS X before 10.11.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Photoshop file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-1769
|
2024-11-21 11:47 |
2016-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270975
|
7.8 |
HIGH
Local
|
apple
|
mac_os_x
|
QuickTime in Apple OS X before 10.11.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted FlashPix image, a different vulnerability than …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-1768
|
2024-11-21 11:47 |
2016-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270976
|
7.8 |
HIGH
Local
|
apple
|
mac_os_x
|
QuickTime in Apple OS X before 10.11.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted FlashPix image, a different vulnerability than …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-1767
|
2024-11-21 11:47 |
2016-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270977
|
7.5 |
HIGH
Network
|
apple
|
iphone_os
|
The Profiles component in Apple iOS before 9.3 does not properly validate certificates, which allows attackers to spoof an MDM profile trust relationship via unspecified vectors.
|
NVD-CWE-noinfo
|
CVE-2016-1766
|
2024-11-21 11:47 |
2016-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270978
|
7.8 |
HIGH
Local
|
apple
|
xcode
|
otool in Apple Xcode before 7.3 allows local users to gain privileges or cause a denial of service (memory corruption and application crash) via unspecified vectors.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-1765
|
2024-11-21 11:47 |
2016-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270979
|
4.3 |
MEDIUM
Network
|
apple
|
mac_os_x
|
The Content Security Policy (CSP) implementation in Messages in Apple OS X before 10.11.4 allows remote attackers to obtain sensitive information via a javascript: URL.
|
CWE-200
Information Exposure
|
CVE-2016-1764
|
2024-11-21 11:47 |
2016-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270980
|
3.5 |
LOW
Network
|
apple
|
iphone_os
|
Messages in Apple iOS before 9.3 does not ensure that an auto-fill action applies to the intended message thread, which allows remote authenticated users to obtain sensitive information by providing …
|
CWE-20
Improper Input Validation
|
CVE-2016-1763
|
2024-11-21 11:47 |
2016-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
