Vulnerabilities > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-09-26 | CVE-2016-3000 | Improper Input Validation vulnerability in IBM Connections The help service in IBM Connections 4.x through 4.5 CR5, 5.0 before CR4, and 5.5 before CR1 allows remote authenticated users to cause a denial of service (service degradation) via a crafted URL. | 4.0 |
| 2016-09-26 | CVE-2016-2999 | Information Exposure vulnerability in IBM Connections IBM Connections 4.x through 4.5 CR5, 5.0 before CR4, and 5.5 before CR1 allows remote authenticated users to obtain sensitive information via an unspecified brute-force attack. | 4.0 |
| 2016-09-26 | CVE-2016-0248 | Information Exposure vulnerability in IBM Security Guardium 10.0/9.0 IBM Security Guardium 9.0 before p700 and 10.0 before p100 allows man-in-the-middle attackers to obtain sensitive query-string information from SSL sessions via unspecified vectors. | 4.3 |
| 2016-09-25 | CVE-2016-5174 | Improper Input Validation vulnerability in Google Chrome browser/ui/cocoa/browser_window_controller_private.mm in Google Chrome before 53.0.2785.113 does not process fullscreen toggle requests during a fullscreen transition, which allows remote attackers to cause a denial of service (unsuppressed popup) via a crafted web site. | 6.5 |
| 2016-09-25 | CVE-2016-5172 | Information Exposure vulnerability in multiple products The parser in Google V8, as used in Google Chrome before 53.0.2785.113, mishandles scopes, which allows remote attackers to obtain sensitive information from arbitrary memory locations via crafted JavaScript code. | 6.5 |
| 2016-09-25 | CVE-2016-4779 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple mac OS X Apple Type Services (ATS) in Apple OS X before 10.12 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file. | 6.8 |
| 2016-09-25 | CVE-2016-4776 | Out-of-bounds Read vulnerability in Apple products The kernel in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows attackers to obtain sensitive memory-layout information or cause a denial of service (out-of-bounds read) via a crafted app, a different vulnerability than CVE-2016-4773 and CVE-2016-4774. | 5.8 |
| 2016-09-25 | CVE-2016-4774 | Out-of-bounds Read vulnerability in Apple products The kernel in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows attackers to obtain sensitive memory-layout information or cause a denial of service (out-of-bounds read) via a crafted app, a different vulnerability than CVE-2016-4773 and CVE-2016-4776. | 5.8 |
| 2016-09-25 | CVE-2016-4773 | Out-of-bounds Read vulnerability in Apple products The kernel in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows attackers to obtain sensitive memory-layout information or cause a denial of service (out-of-bounds read) via a crafted app, a different vulnerability than CVE-2016-4774 and CVE-2016-4776. | 5.8 |
| 2016-09-25 | CVE-2016-4772 | Resource Management Errors vulnerability in Apple products The kernel in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows remote attackers to cause a denial of service (unintended lock) via unspecified vectors. | 5.0 |