Vulnerabilities > Apple
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-03-24 | CVE-2016-1780 | Information Exposure vulnerability in Apple Iphone OS WebKit in Apple iOS before 9.3 does not prevent hidden web views from reading orientation and motion data, which allows remote attackers to obtain sensitive information about a device's physical environment via a crafted web site. | 4.3 |
| 2016-03-24 | CVE-2016-1779 | Information Exposure vulnerability in Apple Iphone OS and Safari WebKit in Apple iOS before 9.3 and Safari before 9.1 allows remote attackers to bypass the Same Origin Policy and obtain physical-location data via a crafted geolocation request. | 4.3 |
| 2016-03-24 | CVE-2016-1778 | Resource Management Errors vulnerability in Apple Iphone OS and Safari WebKit in Apple iOS before 9.3 and Safari before 9.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site. | 9.3 |
| 2016-03-24 | CVE-2016-1777 | Cryptographic Issues vulnerability in Apple mac OS X Server Web Server in Apple OS X Server before 5.1 supports the RC4 algorithm, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via unspecified vectors. | 5.0 |
| 2016-03-24 | CVE-2016-1776 | Improper Access Control vulnerability in Apple mac OS X Server Web Server in Apple OS X Server before 5.1 does not properly restrict access to .DS_Store and .htaccess files, which allows remote attackers to obtain sensitive configuration information via an HTTP request. | 5.0 |
| 2016-03-24 | CVE-2016-1775 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products TrueTypeScaler in Apple iOS before 9.3, OS X before 10.11.4, tvOS before 9.2, and watchOS before 2.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file. | 9.3 |
| 2016-03-24 | CVE-2016-1774 | Improper Access Control vulnerability in Apple mac OS X Server The Time Machine server in Server App in Apple OS X Server before 5.1 does not notify the user about ignored permissions during a backup, which makes it easier for remote attackers to obtain sensitive information in opportunistic circumstances by reading backup data that lacks intended restrictions. | 5.0 |
| 2016-03-24 | CVE-2016-1773 | Permissions, Privileges, and Access Controls vulnerability in Apple mac OS X The code-signing subsystem in Apple OS X before 10.11.4 does not properly verify file ownership, which allows local users to determine the existence of arbitrary files via unspecified vectors. | 2.1 |
| 2016-03-24 | CVE-2016-1772 | Information Exposure vulnerability in Apple Safari The Top Sites feature in Apple Safari before 9.1 mishandles cookie storage, which makes it easier for remote web servers to track users via unspecified vectors. | 4.3 |
| 2016-03-24 | CVE-2016-1771 | Data Processing Errors vulnerability in Apple Safari The Downloads feature in Apple Safari before 9.1 mishandles file expansion, which allows remote attackers to cause a denial of service via a crafted web site. | 7.1 |