Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-07-22 | CVE-2016-4584 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Iphone OS The WebKit Page Loading implementation in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before 9.2.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site. | 8.8 |
| 2016-07-22 | CVE-2016-4583 | Race Condition vulnerability in multiple products WebKit in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before 9.2.2 allows remote attackers to bypass the Same Origin Policy and obtain image date from an unintended web site via a timing attack involving an SVG document. | 3.1 |
| 2016-07-22 | CVE-2016-4582 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products The kernel in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9.2.2, and watchOS before 2.2.2 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1863 and CVE-2016-4653. | 7.8 |
| 2016-07-22 | CVE-2016-1865 | NULL Pointer Dereference vulnerability in Apple products The kernel in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9.2.2, and watchOS before 2.2.2 allows local users to cause a denial of service (NULL pointer dereference) via unspecified vectors. | 5.5 |
| 2016-07-22 | CVE-2016-1863 | Use After Free vulnerability in Apple products The kernel in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9.2.2, and watchOS before 2.2.2 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4582 and CVE-2016-4653. | 7.8 |
| 2016-07-22 | CVE-2014-9862 | Integer Overflow or Wraparound vulnerability in Apple mac OS X Integer signedness error in bspatch.c in bspatch in bsdiff, as used in Apple OS X before 10.11.6 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow) via a crafted patch file. | 7.8 |
| 2016-07-21 | CVE-2016-5477 | Unspecified vulnerability in Oracle Glassfish Server 2.1.1/3.0.1 Unspecified vulnerability in the Oracle GlassFish Server component in Oracle Fusion Middleware 2.1.1 and 3.0.1 allows remote attackers to affect confidentiality via vectors related to Administration. | 5.8 |
| 2016-07-21 | CVE-2016-5476 | Unspecified vulnerability in Oracle Retail Integration BUS Unspecified vulnerability in the Oracle Retail Integration Bus component in Oracle Retail Applications 13.0, 13.1, 13.2, 14.0, 14.1, and 15.0 allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to Install. | 7.6 |
| 2016-07-21 | CVE-2016-5475 | Unspecified vulnerability in Oracle Retail Service Backbone 14.0/14.1/15.0 Unspecified vulnerability in the Oracle Retail Service Backbone component in Oracle Retail Applications 14.0, 14.1, and 15.0 allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to Install. | 7.6 |
| 2016-07-21 | CVE-2016-5474 | Unspecified vulnerability in Oracle Retail Service Backbone 14.0/14.1/15.0 Unspecified vulnerability in the Oracle Retail Service Backbone component in Oracle Retail Applications 14.0, 14.1, and 15.0 allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to RSB Kernel. | 8.8 |