Vulnerabilities

DATE	CVE	VULNERABILITY TITLE	RISK
2016-07-22	CVE-2016-6224	Improper Input Validation vulnerability in multiple products ecryptfs-setup-swap in eCryptfs does not prevent the unencrypted swap partition from activating during boot when using GPT partitioning on a (1) NVMe or (2) MMC drive, which allows local users to obtain sensitive information via unspecified vectors. local low complexity ecryptfs canonical CWE-20	3.3
2016-07-22	CVE-2015-8946	Improper Input Validation vulnerability in multiple products ecryptfs-setup-swap in eCryptfs before 111 does not prevent the unencrypted swap partition from activating during boot when using GPT partitioning and certain versions of systemd, which allows local users to obtain sensitive information via unspecified vectors. local low complexity canonical ecryptfs CWE-20	3.3
2016-07-22	CVE-2016-4653	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products The kernel in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9.2.2, and watchOS before 2.2.2 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1863 and CVE-2016-4582. local low complexity apple CWE-119	7.8
2016-07-22	CVE-2016-4652	Out-of-bounds Read vulnerability in Apple mac OS X CoreGraphics in Apple OS X before 10.11.6 allows local users to obtain sensitive information from kernel memory and consequently gain privileges, or cause a denial of service (out-of-bounds read), via unspecified vectors. local high complexity apple CWE-125	6.3
2016-07-22	CVE-2016-4651	Cross-site Scripting vulnerability in Apple Iphone OS Cross-site scripting (XSS) vulnerability in the WebKit JavaScript bindings in Apple iOS before 9.3.3 and Safari before 9.1.2 allows remote attackers to inject arbitrary web script or HTML via a crafted HTTP/0.9 response, related to a "cross-protocol cross-site scripting (XPXSS)" vulnerability. network low complexity apple CWE-79	6.1
2016-07-22	CVE-2016-4649	NULL Pointer Dereference vulnerability in Apple mac OS X Audio in Apple OS X before 10.11.6 allows local users to cause a denial of service (NULL pointer dereference) via unspecified vectors. local low complexity apple CWE-476	5.5
2016-07-22	CVE-2016-4648	Information Exposure vulnerability in Apple mac OS X Audio in Apple OS X before 10.11.6 allows local users to obtain sensitive kernel memory-layout information or cause a denial of service (out-of-bounds read) via unspecified vectors. local low complexity apple CWE-200	5.5
2016-07-22	CVE-2016-4647	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple mac OS X Audio in Apple OS X before 10.11.6 allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted file. local low complexity apple CWE-119	7.8
2016-07-22	CVE-2016-4646	Information Exposure vulnerability in Apple mac OS X Audio in Apple OS X before 10.11.6 mishandles a size value, which allows remote attackers to obtain sensitive information or cause a denial of service (out-of-bounds read) via a crafted audio file. network low complexity apple CWE-200	6.5
2016-07-22	CVE-2016-4645	Information Exposure vulnerability in Apple mac OS X CFNetwork in Apple OS X before 10.11.6 uses weak permissions for web-browser cookies, which allows local users to obtain sensitive information via unspecified vectors. local low complexity apple CWE-200	3.3

Vulnerabilities {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities"}]}

Vulnerabilities