Vulnerabilities > Apple
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-07-22 | CVE-2016-4587 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Webkit WebKit in Apple iOS before 9.3.3 and tvOS before 9.2.2 allows remote attackers to obtain sensitive information from uninitialized process memory via a crafted web site. | 4.3 |
| 2016-07-22 | CVE-2016-4586 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Safari and Tvos WebKit in Apple Safari before 9.1.2 and tvOS before 9.2.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site. | 6.8 |
| 2016-07-22 | CVE-2016-4585 | Cross-site Scripting vulnerability in Apple Webkit Cross-site scripting (XSS) vulnerability in the WebKit Page Loading implementation in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before 9.2.2 allows remote attackers to inject arbitrary web script or HTML via an HTTP response specifying redirection that is mishandled by Safari. | 4.3 |
| 2016-07-22 | CVE-2016-4584 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Iphone OS, Safari and Tvos The WebKit Page Loading implementation in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before 9.2.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site. | 6.8 |
| 2016-07-22 | CVE-2016-4583 | Race Condition vulnerability in multiple products WebKit in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before 9.2.2 allows remote attackers to bypass the Same Origin Policy and obtain image date from an unintended web site via a timing attack involving an SVG document. | 2.6 |
| 2016-07-22 | CVE-2016-4582 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products The kernel in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9.2.2, and watchOS before 2.2.2 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1863 and CVE-2016-4653. | 7.2 |
| 2016-07-22 | CVE-2016-1865 | NULL Pointer Dereference vulnerability in Apple products The kernel in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9.2.2, and watchOS before 2.2.2 allows local users to cause a denial of service (NULL pointer dereference) via unspecified vectors. | 4.9 |
| 2016-07-22 | CVE-2016-1863 | Use After Free vulnerability in Apple products The kernel in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9.2.2, and watchOS before 2.2.2 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4582 and CVE-2016-4653. | 7.2 |
| 2016-07-22 | CVE-2014-9862 | Integer Overflow or Wraparound vulnerability in Apple mac OS X Integer signedness error in bspatch.c in bspatch in bsdiff, as used in Apple OS X before 10.11.6 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow) via a crafted patch file. | 7.2 |
| 2016-07-13 | CVE-2016-4255 | Use-After-Free Remote Code Execution vulnerability in Adobe Acrobat and Reader Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors. | 6.8 |