Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2016-07-22 CVE-2016-4586 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Safari
WebKit in Apple Safari before 9.1.2 and tvOS before 9.2.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.
network
low complexity
apple CWE-119
8.8
2016-07-22 CVE-2016-4584 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Iphone OS
The WebKit Page Loading implementation in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before 9.2.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.
network
low complexity
apple CWE-119
8.8
2016-07-22 CVE-2016-4582 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products
The kernel in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9.2.2, and watchOS before 2.2.2 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1863 and CVE-2016-4653.
local
low complexity
apple CWE-119
7.8
2016-07-22 CVE-2016-1863 Use After Free vulnerability in Apple products
The kernel in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9.2.2, and watchOS before 2.2.2 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4582 and CVE-2016-4653.
local
low complexity
apple CWE-416
7.8
2016-07-22 CVE-2014-9862 Integer Overflow or Wraparound vulnerability in Apple mac OS X
Integer signedness error in bspatch.c in bspatch in bsdiff, as used in Apple OS X before 10.11.6 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow) via a crafted patch file.
local
low complexity
apple CWE-190
7.8
2016-07-21 CVE-2016-5476 Unspecified vulnerability in Oracle Retail Integration BUS
Unspecified vulnerability in the Oracle Retail Integration Bus component in Oracle Retail Applications 13.0, 13.1, 13.2, 14.0, 14.1, and 15.0 allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to Install.
network
low complexity
oracle
7.6
2016-07-21 CVE-2016-5475 Unspecified vulnerability in Oracle Retail Service Backbone 14.0/14.1/15.0
Unspecified vulnerability in the Oracle Retail Service Backbone component in Oracle Retail Applications 14.0, 14.1, and 15.0 allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to Install.
network
low complexity
oracle
7.6
2016-07-21 CVE-2016-5474 Unspecified vulnerability in Oracle Retail Service Backbone 14.0/14.1/15.0
Unspecified vulnerability in the Oracle Retail Service Backbone component in Oracle Retail Applications 14.0, 14.1, and 15.0 allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to RSB Kernel.
network
low complexity
oracle
8.8
2016-07-21 CVE-2016-5472 Unspecified vulnerability in Oracle Peoplesoft Enterprise Peopletools 8.54/8.55
Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.54 and 8.55 allows local users to affect confidentiality, integrity, and availability via vectors related to Install and Packaging.
local
low complexity
oracle
7.8
2016-07-21 CVE-2016-5465 Unspecified vulnerability in Oracle Peoplesoft Enterprise Peopletools 8.53/8.54/8.55
Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.53, 8.54, and 8.55 allows remote attackers to affect confidentiality and integrity via vectors related to Panel Processor.
network
low complexity
oracle
8.2