Vulnerabilities > Apple > High

DATE CVE VULNERABILITY TITLE RISK
2016-09-25 CVE-2016-4766 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products
WebKit in Apple iOS before 10, tvOS before 10, iTunes before 12.5.1 on Windows, and Safari before 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-4759, CVE-2016-4765, CVE-2016-4767, and CVE-2016-4768.
network
low complexity
apple CWE-119
8.8
2016-09-25 CVE-2016-4765 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products
WebKit in Apple iOS before 10, tvOS before 10, iTunes before 12.5.1 on Windows, and Safari before 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-4759, CVE-2016-4766, CVE-2016-4767, and CVE-2016-4768.
network
low complexity
apple CWE-119
8.8
2016-09-25 CVE-2016-4762 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products
WebKit in Apple iOS before 10, iTunes before 12.5.1 on Windows, iCloud before 6.0 on Windows, and Safari before 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.
network
low complexity
apple CWE-119
8.8
2016-09-25 CVE-2016-4759 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products
WebKit in Apple iOS before 10, tvOS before 10, iTunes before 12.5.1 on Windows, and Safari before 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-4765, CVE-2016-4766, CVE-2016-4767, and CVE-2016-4768.
network
low complexity
apple CWE-119
8.8
2016-09-25 CVE-2016-4754 Cryptographic Issues vulnerability in Apple OS X Server
ServerDocs Server in Apple OS X Server before 5.2 supports the RC4 cipher, which might allow remote attackers to defeat cryptographic protection mechanisms via unspecified vectors.
network
low complexity
apple CWE-310
7.5
2016-09-25 CVE-2016-4753 Improper Input Validation vulnerability in Apple products
Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 mishandle signed disk images, which allows attackers to execute arbitrary code in a privileged context via a crafted app.
local
low complexity
apple CWE-20
7.8
2016-09-25 CVE-2016-4750 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Iphone OS
S2 Camera in Apple iOS before 10 and OS X before 10.12 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
local
low complexity
apple CWE-119
7.8
2016-09-25 CVE-2016-4738 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
libxslt in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.
network
low complexity
apple debian CWE-119
8.8
2016-09-25 CVE-2016-4737 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products
WebKit in Apple iOS before 10, Safari before 10, tvOS before 10, and watchOS before 3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.
network
low complexity
apple CWE-119
8.8
2016-09-25 CVE-2016-4736 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple mac OS X
libarchive in Apple OS X before 10.12 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted file.
network
low complexity
apple CWE-119
8.8