Vulnerabilities > Apple > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-08-25 | CVE-2016-4655 | Unspecified vulnerability in Apple Iphone OS The kernel in Apple iOS before 9.3.5 allows attackers to obtain sensitive information from memory via a crafted app. | 5.5 |
| 2016-07-22 | CVE-2016-4651 | Cross-site Scripting vulnerability in Apple Iphone OS and Safari Cross-site scripting (XSS) vulnerability in the WebKit JavaScript bindings in Apple iOS before 9.3.3 and Safari before 9.1.2 allows remote attackers to inject arbitrary web script or HTML via a crafted HTTP/0.9 response, related to a "cross-protocol cross-site scripting (XPXSS)" vulnerability. | 4.3 |
| 2016-07-22 | CVE-2016-4648 | Information Exposure vulnerability in Apple mac OS X Audio in Apple OS X before 10.11.6 allows local users to obtain sensitive kernel memory-layout information or cause a denial of service (out-of-bounds read) via unspecified vectors. | 4.9 |
| 2016-07-22 | CVE-2016-4646 | Information Exposure vulnerability in Apple mac OS X Audio in Apple OS X before 10.11.6 mishandles a size value, which allows remote attackers to obtain sensitive information or cause a denial of service (out-of-bounds read) via a crafted audio file. | 4.3 |
| 2016-07-22 | CVE-2016-4639 | Multiple Security vulnerability in Apple Mac OS X APPLE-SA-2016-07-18-1 Login Window in Apple OS X before 10.11.6 does not properly initialize memory, which allows local users to cause a denial of service via unspecified vectors. local apple | 4.4 |
| 2016-07-22 | CVE-2016-4637 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products CoreGraphics in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted BMP image. | 6.8 |
| 2016-07-22 | CVE-2016-4633 | Permissions, Privileges, and Access Controls vulnerability in Apple mac OS X Intel Graphics Driver in Apple OS X before 10.11.6 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. | 6.9 |
| 2016-07-22 | CVE-2016-4632 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products ImageIO in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors. | 5.0 |
| 2016-07-22 | CVE-2016-4631 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products ImageIO in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted TIFF file. | 6.8 |
| 2016-07-22 | CVE-2016-4630 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple mac OS X ImageIO in Apple OS X before 10.11.6 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted EXR image with B44 compression. | 6.8 |