Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In May 2016
CVE-2016-1806
Crash Reporter in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context via a crafted app.
CVSS Score
7.8
EPSS Score
0.003
Published
2016-05-20
CVE-2016-1805
CoreStorage in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context via a crafted app.
CVSS Score
7.8
EPSS Score
0.004
Published
2016-05-20
CVE-2016-1804
The Multi-Touch subsystem in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
CVSS Score
7.8
EPSS Score
0.007
Published
2016-05-20
CVE-2016-1803
CoreCapture in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via a crafted app.
CVSS Score
7.8
EPSS Score
0.026
Published
2016-05-20
CVE-2016-1802
CCCrypt in CommonCrypto in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 mishandles return values during key-length calculations, which allows attackers to obtain sensitive information via a crafted app.
CVSS Score
5.5
EPSS Score
0.003
Published
2016-05-20
CVE-2016-1801
The CFNetwork Proxies subsystem in Apple iOS before 9.3.2, OS X before 10.11.5, and tvOS before 9.2.1 mishandles URLs in http and https requests, which allows remote attackers to obtain sensitive information via unspecified vectors.
CVSS Score
7.5
EPSS Score
0.073
Published
2016-05-20
CVE-2016-1800
Captive Network Assistant in Apple OS X before 10.11.5 mishandles a custom URL scheme, which allows user-assisted remote attackers to execute arbitrary code via unspecified vectors.
CVSS Score
8.8
EPSS Score
0.013
Published
2016-05-20
CVE-2016-1799
Audio in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
CVSS Score
7.8
EPSS Score
0.004
Published
2016-05-20
CVE-2016-1798
Audio in Apple OS X before 10.11.5 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted app.
CVSS Score
3.3
EPSS Score
0.003
Published
2016-05-20
CVE-2016-1797
Apple Type Services (ATS) in Apple OS X before 10.11.5 allows attackers to bypass intended FontValidator sandbox-policy restrictions and execute arbitrary code in a privileged context via a crafted app.
CVSS Score
7.8
EPSS Score
0.001
Published
2016-05-20


Products
Pricing
Contact Us

Shodan ® - All rights reserved