Vulnerabilities > Apple > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2016-07-22 | CVE-2016-4600 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple mac OS X QuickTime in Apple OS X before 10.11.6 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted FlashPix bitmap image, a different vulnerability than CVE-2016-4596, CVE-2016-4597, and CVE-2016-4602. | 8.8 |
2016-07-22 | CVE-2016-4599 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple mac OS X QuickTime in Apple OS X before 10.11.6 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Photoshop document. | 7.8 |
2016-07-22 | CVE-2016-4597 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple mac OS X QuickTime in Apple OS X before 10.11.6 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted FlashPix bitmap image, a different vulnerability than CVE-2016-4596, CVE-2016-4600, and CVE-2016-4602. | 8.8 |
2016-07-22 | CVE-2016-4596 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple mac OS X QuickTime in Apple OS X before 10.11.6 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted FlashPix bitmap image, a different vulnerability than CVE-2016-4597, CVE-2016-4600, and CVE-2016-4602. | 8.8 |
2016-07-22 | CVE-2016-4594 | Improper Input Validation vulnerability in Apple products The Sandbox Profiles component in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9.2.2, and watchOS before 2.2.2 allows attackers to access the process list via a crafted app that makes an API call. | 7.8 |
2016-07-22 | CVE-2016-4591 | Improper Access Control vulnerability in Apple Webkit WebKit in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before 9.2.2 mishandles the location variable, which allows remote attackers to access the local filesystem via unspecified vectors. | 7.5 |
2016-07-22 | CVE-2016-4589 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Webkit WebKit in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before 9.2.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-4622, CVE-2016-4623, and CVE-2016-4624. | 8.8 |
2016-07-22 | CVE-2016-4588 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Webkit WebKit in Apple tvOS before 9.2.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site. | 8.8 |
2016-07-22 | CVE-2016-4586 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Safari WebKit in Apple Safari before 9.1.2 and tvOS before 9.2.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site. | 8.8 |
2016-07-22 | CVE-2016-4584 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Iphone OS The WebKit Page Loading implementation in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before 9.2.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site. | 8.8 |