Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In May 2016
CVE-2016-1796
Apple Type Services (ATS) in Apple OS X before 10.11.5 allows attackers to obtain sensitive kernel memory-layout information or cause a denial of service (out-of-bounds memory access) via a crafted app.
CVSS Score
3.3
EPSS Score
0.003
Published
2016-05-20
CVE-2016-1795
AppleGraphicsPowerManagement in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
CVSS Score
7.8
EPSS Score
0.004
Published
2016-05-20
CVE-2016-1794
The AppleGraphicsControlClient::checkArguments method in AppleGraphicsControl in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via a crafted app.
CVSS Score
7.8
EPSS Score
0.02
Published
2016-05-20
CVE-2016-1793
AppleGraphicsDeviceControlClient in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via a crafted app.
CVSS Score
7.8
EPSS Score
0.02
Published
2016-05-20
CVE-2016-1792
The AMD subsystem in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
CVSS Score
7.8
EPSS Score
0.004
Published
2016-05-20
CVE-2016-1791
The AMD subsystem in Apple OS X before 10.11.5 allows attackers to obtain sensitive kernel memory-layout information via a crafted app.
CVSS Score
3.3
EPSS Score
0.003
Published
2016-05-20
CVE-2016-1790
Buffer overflow in the Accessibility component in Apple iOS before 9.3.2 allows attackers to obtain sensitive kernel memory-layout information via a crafted app.
CVSS Score
3.3
EPSS Score
0.003
Published
2016-05-20
CVE-2016-1742
Untrusted search path vulnerability in the installer in Apple iTunes before 12.4 allows local users to gain privileges via a Trojan horse DLL in the current working directory.
CVSS Score
7.8
EPSS Score
0.0
Published
2016-05-20
CVE-2015-8865
The file_check_mem function in funcs.c in file before 5.23, as used in the Fileinfo component in PHP before 5.5.34, 5.6.x before 5.6.20, and 7.x before 7.0.5, mishandles continuation-level jumps, which allows context-dependent attackers to cause a denial of service (buffer overflow and application crash) or possibly execute arbitrary code via a crafted magic file.
CVSS Score
7.3
EPSS Score
0.061
Published
2016-05-20
CVE-2016-2208
The kernel component in Symantec Anti-Virus Engine (AVE) 20151.1 before 20151.1.1.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory access violation and system crash) via a malformed PE header file.
CVSS Score
9.1
EPSS Score
0.527
Published
2016-05-19


Products
Pricing
Contact Us

Shodan ® - All rights reserved