Total
1633 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2016-0802 | 2 Apple, Google | 5 Iphone Os, Mac Os X, Tvos and 2 more | 2023-12-10 | 8.3 HIGH | 8.8 HIGH |
The Broadcom Wi-Fi driver in the kernel in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49G, and 6.x before 2016-02-01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted wireless control message packets, aka internal bug 25306181. | |||||
CVE-2016-4734 | 1 Apple | 3 Iphone Os, Safari, Tvos | 2023-12-10 | 9.3 HIGH | 9.6 CRITICAL |
WebKit in Apple iOS before 10, Safari before 10, and tvOS before 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-4611, CVE-2016-4730, CVE-2016-4733, and CVE-2016-4735. | |||||
CVE-2016-4767 | 2 Apple, Microsoft | 5 Iphone Os, Itunes, Safari and 2 more | 2023-12-10 | 6.8 MEDIUM | 8.8 HIGH |
WebKit in Apple iOS before 10, tvOS before 10, iTunes before 12.5.1 on Windows, and Safari before 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-4759, CVE-2016-4765, CVE-2016-4766, and CVE-2016-4768. | |||||
CVE-2016-4772 | 1 Apple | 4 Iphone Os, Mac Os X, Tvos and 1 more | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
The kernel in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows remote attackers to cause a denial of service (unintended lock) via unspecified vectors. | |||||
CVE-2016-4584 | 1 Apple | 3 Iphone Os, Safari, Tvos | 2023-12-10 | 6.8 MEDIUM | 8.8 HIGH |
The WebKit Page Loading implementation in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before 9.2.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site. | |||||
CVE-2016-1827 | 1 Apple | 4 Iphone Os, Mac Os X, Tvos and 1 more | 2023-12-10 | 9.3 HIGH | 7.8 HIGH |
The kernel in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2016-1828, CVE-2016-1829, and CVE-2016-1830. | |||||
CVE-2015-7995 | 2 Apple, Xmlsoft | 5 Iphone Os, Mac Os X, Tvos and 2 more | 2023-12-10 | 5.0 MEDIUM | N/A |
The xsltStylePreCompute function in preproc.c in libxslt 1.1.28 does not check if the parent node is an element, which allows attackers to cause a denial of service via a crafted XML file, related to a "type confusion" issue. | |||||
CVE-2016-4738 | 2 Apple, Debian | 5 Iphone Os, Mac Os X, Tvos and 2 more | 2023-12-10 | 9.3 HIGH | 8.8 HIGH |
libxslt in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site. | |||||
CVE-2016-4627 | 1 Apple | 3 Iphone Os, Tvos, Watchos | 2023-12-10 | 7.2 HIGH | 7.8 HIGH |
IOAcceleratorFamily in Apple iOS before 9.3.3, tvOS before 9.2.2, and watchOS before 2.2.2 allows local users to gain privileges or cause a denial of service (NULL pointer dereference) via unspecified vectors. | |||||
CVE-2015-7103 | 1 Apple | 3 Iphone Os, Safari, Tvos | 2023-12-10 | 6.8 MEDIUM | N/A |
WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before 9.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2015-7048, CVE-2015-7095, CVE-2015-7096, CVE-2015-7097, CVE-2015-7098, CVE-2015-7099, CVE-2015-7100, CVE-2015-7101, and CVE-2015-7102. | |||||
CVE-2016-4768 | 2 Apple, Microsoft | 5 Iphone Os, Itunes, Safari and 2 more | 2023-12-10 | 6.8 MEDIUM | 8.8 HIGH |
WebKit in Apple iOS before 10, tvOS before 10, iTunes before 12.5.1 on Windows, and Safari before 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-4759, CVE-2016-4765, CVE-2016-4766, and CVE-2016-4767. | |||||
CVE-2016-4611 | 1 Apple | 3 Iphone Os, Safari, Tvos | 2023-12-10 | 6.8 MEDIUM | 8.8 HIGH |
WebKit in Apple iOS before 10, Safari before 10, and tvOS before 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-4730, CVE-2016-4733, CVE-2016-4734, and CVE-2016-4735. | |||||
CVE-2015-7055 | 1 Apple | 2 Iphone Os, Tvos | 2023-12-10 | 9.3 HIGH | N/A |
AppleMobileFileIntegrity in Apple iOS before 9.2 and tvOS before 9.1 does not prevent changes to access-control structures, which allows attackers to execute arbitrary code in a privileged context via a crafted app. | |||||
CVE-2016-1753 | 1 Apple | 4 Iphone Os, Mac Os X, Tvos and 1 more | 2023-12-10 | 9.3 HIGH | 7.8 HIGH |
Multiple integer overflows in the kernel in Apple iOS before 9.3, OS X before 10.11.4, tvOS before 9.2, and watchOS before 2.2 allow attackers to execute arbitrary code in a privileged context via a crafted app. | |||||
CVE-2016-1801 | 1 Apple | 3 Iphone Os, Mac Os X, Tvos | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
The CFNetwork Proxies subsystem in Apple iOS before 9.3.2, OS X before 10.11.5, and tvOS before 9.2.1 mishandles URLs in http and https requests, which allows remote attackers to obtain sensitive information via unspecified vectors. | |||||
CVE-2016-4774 | 1 Apple | 4 Iphone Os, Mac Os X, Tvos and 1 more | 2023-12-10 | 5.8 MEDIUM | 7.1 HIGH |
The kernel in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows attackers to obtain sensitive memory-layout information or cause a denial of service (out-of-bounds read) via a crafted app, a different vulnerability than CVE-2016-4773 and CVE-2016-4776. | |||||
CVE-2016-4766 | 2 Apple, Microsoft | 5 Iphone Os, Itunes, Safari and 2 more | 2023-12-10 | 6.8 MEDIUM | 8.8 HIGH |
WebKit in Apple iOS before 10, tvOS before 10, iTunes before 12.5.1 on Windows, and Safari before 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-4759, CVE-2016-4765, CVE-2016-4767, and CVE-2016-4768. | |||||
CVE-2015-7075 | 1 Apple | 4 Iphone Os, Mac Os X, Tvos and 1 more | 2023-12-10 | 6.8 MEDIUM | N/A |
CoreMedia Playback in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a malformed media file. | |||||
CVE-2015-7038 | 1 Apple | 4 Iphone Os, Mac Os X, Tvos and 1 more | 2023-12-10 | 6.8 MEDIUM | N/A |
Buffer overflow in libc in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remote attackers to execute arbitrary code via a crafted package, a different vulnerability than CVE-2015-7039. | |||||
CVE-2016-4585 | 1 Apple | 4 Iphone Os, Safari, Tvos and 1 more | 2023-12-10 | 4.3 MEDIUM | 6.1 MEDIUM |
Cross-site scripting (XSS) vulnerability in the WebKit Page Loading implementation in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before 9.2.2 allows remote attackers to inject arbitrary web script or HTML via an HTTP response specifying redirection that is mishandled by Safari. |