Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-09-25 | CVE-2016-5172 | Information Exposure vulnerability in multiple products The parser in Google V8, as used in Google Chrome before 53.0.2785.113, mishandles scopes, which allows remote attackers to obtain sensitive information from arbitrary memory locations via crafted JavaScript code. | 6.5 |
| 2016-09-25 | CVE-2016-5171 | Use After Free vulnerability in Google Chrome WebKit/Source/bindings/templates/interface.cpp in Blink, as used in Google Chrome before 53.0.2785.113, does not prevent certain constructor calls, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted JavaScript code. | 8.8 |
| 2016-09-25 | CVE-2016-5170 | Use After Free vulnerability in Google Chrome WebKit/Source/bindings/modules/v8/V8BindingForModules.cpp in Blink, as used in Google Chrome before 53.0.2785.113, does not properly consider getter side effects during array key conversion, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted Indexed Database (aka IndexedDB) API calls. | 8.8 |
| 2016-09-25 | CVE-2016-5169 | Unspecified vulnerability in Google Chrome OS Format string vulnerability in Google Chrome OS before 53.0.2785.103 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. | 8.8 |
| 2016-09-25 | CVE-2016-4779 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple mac OS X Apple Type Services (ATS) in Apple OS X before 10.12 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file. | 7.8 |
| 2016-09-25 | CVE-2016-4778 | Permissions, Privileges, and Access Controls vulnerability in Apple products The kernel in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. | 7.8 |
| 2016-09-25 | CVE-2016-4777 | NULL Pointer Dereference vulnerability in Apple products The kernel in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (invalid pointer dereference) via a crafted app. | 7.8 |
| 2016-09-25 | CVE-2016-4776 | Out-of-bounds Read vulnerability in Apple products The kernel in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows attackers to obtain sensitive memory-layout information or cause a denial of service (out-of-bounds read) via a crafted app, a different vulnerability than CVE-2016-4773 and CVE-2016-4774. | 7.1 |
| 2016-09-25 | CVE-2016-4775 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Tvos and Watchos The kernel in Apple OS X before 10.12, tvOS before 10, and watchOS before 3 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors. | 7.8 |
| 2016-09-25 | CVE-2016-4774 | Out-of-bounds Read vulnerability in Apple products The kernel in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows attackers to obtain sensitive memory-layout information or cause a denial of service (out-of-bounds read) via a crafted app, a different vulnerability than CVE-2016-4773 and CVE-2016-4776. | 7.1 |