Vulnerabilities > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-07-22 | CVE-2016-4599 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple mac OS X QuickTime in Apple OS X before 10.11.6 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Photoshop document. | 6.8 |
| 2016-07-22 | CVE-2016-4598 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple mac OS X QuickTime in Apple OS X before 10.11.6 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted image. | 6.8 |
| 2016-07-22 | CVE-2016-4597 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple mac OS X QuickTime in Apple OS X before 10.11.6 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted FlashPix bitmap image, a different vulnerability than CVE-2016-4596, CVE-2016-4600, and CVE-2016-4602. | 6.8 |
| 2016-07-22 | CVE-2016-4596 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple mac OS X QuickTime in Apple OS X before 10.11.6 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted FlashPix bitmap image, a different vulnerability than CVE-2016-4597, CVE-2016-4600, and CVE-2016-4602. | 6.8 |
| 2016-07-22 | CVE-2016-4594 | Improper Input Validation vulnerability in Apple products The Sandbox Profiles component in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9.2.2, and watchOS before 2.2.2 allows attackers to access the process list via a crafted app that makes an API call. | 6.8 |
| 2016-07-22 | CVE-2016-4590 | Improper Input Validation vulnerability in Apple Safari and Webkit WebKit in Apple iOS before 9.3.3 and Safari before 9.1.2 mishandles about: URLs, which allows remote attackers to bypass the Same Origin Policy via a crafted web site. | 4.3 |
| 2016-07-22 | CVE-2016-4589 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Webkit WebKit in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before 9.2.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-4622, CVE-2016-4623, and CVE-2016-4624. | 6.8 |
| 2016-07-22 | CVE-2016-4588 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Webkit WebKit in Apple tvOS before 9.2.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site. | 6.8 |
| 2016-07-22 | CVE-2016-4587 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Webkit WebKit in Apple iOS before 9.3.3 and tvOS before 9.2.2 allows remote attackers to obtain sensitive information from uninitialized process memory via a crafted web site. | 4.3 |
| 2016-07-22 | CVE-2016-4586 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Safari and Tvos WebKit in Apple Safari before 9.1.2 and tvOS before 9.2.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site. | 6.8 |