Vulnerabilities > Apple > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-07-22 | CVE-2016-4651 | Cross-site Scripting vulnerability in Apple Iphone OS and Safari Cross-site scripting (XSS) vulnerability in the WebKit JavaScript bindings in Apple iOS before 9.3.3 and Safari before 9.1.2 allows remote attackers to inject arbitrary web script or HTML via a crafted HTTP/0.9 response, related to a "cross-protocol cross-site scripting (XPXSS)" vulnerability. | 4.3 |
| 2016-07-22 | CVE-2016-4648 | Information Exposure vulnerability in Apple mac OS X Audio in Apple OS X before 10.11.6 allows local users to obtain sensitive kernel memory-layout information or cause a denial of service (out-of-bounds read) via unspecified vectors. | 4.9 |
| 2016-07-22 | CVE-2016-4646 | Information Exposure vulnerability in Apple mac OS X Audio in Apple OS X before 10.11.6 mishandles a size value, which allows remote attackers to obtain sensitive information or cause a denial of service (out-of-bounds read) via a crafted audio file. | 4.3 |
| 2016-07-22 | CVE-2016-4639 | Multiple Security vulnerability in Apple Mac OS X APPLE-SA-2016-07-18-1 Login Window in Apple OS X before 10.11.6 does not properly initialize memory, which allows local users to cause a denial of service via unspecified vectors. local apple | 4.4 |
| 2016-07-22 | CVE-2016-4637 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products CoreGraphics in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted BMP image. | 6.8 |
| 2016-07-22 | CVE-2016-4633 | Permissions, Privileges, and Access Controls vulnerability in Apple mac OS X Intel Graphics Driver in Apple OS X before 10.11.6 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. | 6.9 |
| 2016-07-22 | CVE-2016-4632 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products ImageIO in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors. | 5.0 |
| 2016-07-22 | CVE-2016-4631 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products ImageIO in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted TIFF file. | 6.8 |
| 2016-07-22 | CVE-2016-4630 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple mac OS X ImageIO in Apple OS X before 10.11.6 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted EXR image with B44 compression. | 6.8 |
| 2016-07-22 | CVE-2016-4628 | Information Exposure vulnerability in Apple Iphone OS and Watchos IOAcceleratorFamily in Apple iOS before 9.3.3 and watchOS before 2.2.2 allows local users to obtain sensitive information from kernel memory or cause a denial of service (out-of-bounds read) via unspecified vectors. | 4.9 |