Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In July 2016
CVE-2016-4598
QuickTime in Apple OS X before 10.11.6 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted image.
CVSS Score
9.8
EPSS Score
0.017
Published
2016-07-22
CVE-2016-4597
QuickTime in Apple OS X before 10.11.6 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted FlashPix bitmap image, a different vulnerability than CVE-2016-4596, CVE-2016-4600, and CVE-2016-4602.
CVSS Score
8.8
EPSS Score
0.008
Published
2016-07-22
CVE-2016-4596
QuickTime in Apple OS X before 10.11.6 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted FlashPix bitmap image, a different vulnerability than CVE-2016-4597, CVE-2016-4600, and CVE-2016-4602.
CVSS Score
8.8
EPSS Score
0.008
Published
2016-07-22
CVE-2016-4595
Safari Login AutoFill in Apple OS X before 10.11.6 allows physically proximate attackers to discover passwords by reading the screen during the login procedure.
CVSS Score
4.6
EPSS Score
0.001
Published
2016-07-22
CVE-2016-4594
The Sandbox Profiles component in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9.2.2, and watchOS before 2.2.2 allows attackers to access the process list via a crafted app that makes an API call.
CVSS Score
7.8
EPSS Score
0.002
Published
2016-07-22
CVE-2016-4593
The Siri Contacts component in Apple iOS before 9.3.3 allows physically proximate attackers to read arbitrary Contact card information via unspecified vectors.
CVSS Score
2.4
EPSS Score
0.001
Published
2016-07-22
CVE-2016-4592
WebKit in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before 9.2.2 allows remote attackers to cause a denial of service (memory consumption) via a crafted web site.
CVSS Score
6.5
EPSS Score
0.029
Published
2016-07-22
CVE-2016-4591
WebKit in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before 9.2.2 mishandles the location variable, which allows remote attackers to access the local filesystem via unspecified vectors.
CVSS Score
7.5
EPSS Score
0.04
Published
2016-07-22
CVE-2016-4590
WebKit in Apple iOS before 9.3.3 and Safari before 9.1.2 mishandles about: URLs, which allows remote attackers to bypass the Same Origin Policy via a crafted web site.
CVSS Score
5.4
EPSS Score
0.004
Published
2016-07-22
CVE-2016-4589
WebKit in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before 9.2.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-4622, CVE-2016-4623, and CVE-2016-4624.
CVSS Score
8.8
EPSS Score
0.008
Published
2016-07-22


Products
Pricing
Contact Us

Shodan ® - All rights reserved