Vulnerabilities > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-09-26 | CVE-2016-0248 | Information Exposure vulnerability in IBM Security Guardium 10.0/9.0 IBM Security Guardium 9.0 before p700 and 10.0 before p100 allows man-in-the-middle attackers to obtain sensitive query-string information from SSL sessions via unspecified vectors. | 3.7 |
| 2016-09-25 | CVE-2016-4751 | 7PK - Security Features vulnerability in Apple Safari The Safari Tabs component in Apple Safari before 10 allows remote attackers to spoof the address bar of a tab via a crafted web site. | 3.5 |
| 2016-09-25 | CVE-2016-4739 | Information Exposure vulnerability in Apple mac OS X mDNSResponder in Apple OS X before 10.12, when VMnet.framework is used, arranges for a DNS proxy to listen on all interfaces, which allows remote attackers to obtain sensitive information by sending a DNS query to an unintended interface. | 3.7 |
| 2016-09-25 | CVE-2016-4717 | Unspecified vulnerability in Apple mac OS X The File Bookmark component in Apple OS X before 10.12 mishandles scoped-bookmark file descriptors, which allows attackers to cause a denial of service via a crafted app. | 3.3 |
| 2016-09-25 | CVE-2016-4715 | Information Exposure vulnerability in Apple mac OS X The Date & Time Pref Pane component in Apple OS X before 10.12 mishandles the .GlobalPreferences file, which allows attackers to discover a user's location via a crafted app. | 3.3 |
| 2016-09-18 | CVE-2016-4749 | Information Exposure vulnerability in Apple Iphone OS Printing UIKit in Apple iOS before 10 mishandles environment variables, which allows local users to discover cleartext AirPrint preview content by reading a temporary file. | 3.3 |
| 2016-09-18 | CVE-2016-4747 | Information Exposure vulnerability in Apple Iphone OS Mail in Apple iOS before 10 mishandles certificates, which makes it easier for man-in-the-middle attackers to discover mail credentials via unspecified vectors. | 3.7 |
| 2016-09-18 | CVE-2016-4740 | Information Exposure vulnerability in Apple Iphone OS Apple iOS before 10, when Handoff for Messages is used, does not ensure that a Messages signin has occurred before displaying messages, which might allow attackers to obtain sensitive information via unspecified vectors. | 2.9 |
| 2016-09-18 | CVE-2016-4620 | Information Exposure vulnerability in Apple Iphone OS The Sandbox Profiles component in Apple iOS before 10 does not properly restrict access to directory metadata for SMS draft directories, which allows attackers to discover text-message recipients via a crafted app. | 3.3 |
| 2016-09-14 | CVE-2016-3354 | 7PK - Security Features vulnerability in Microsoft products The Graphics Device Interface (GDI) in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 allows local users to bypass the ASLR protection mechanism via a crafted application, aka "GDI Information Disclosure Vulnerability." | 3.3 |