Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In July 2016
Cross-site scripting (XSS) vulnerability in the WebKit JavaScript bindings in Apple iOS before 9.3.3 and Safari before 9.1.2 allows remote attackers to inject arbitrary web script or HTML via a crafted HTTP/0.9 response, related to a "cross-protocol cross-site scripting (XPXSS)" vulnerability.
CVSS Score
6.1
EPSS Score
0.002
Published
2016-07-22
Audio in Apple OS X before 10.11.6 allows local users to cause a denial of service (NULL pointer dereference) via unspecified vectors.
CVSS Score
5.5
EPSS Score
0.001
Published
2016-07-22
Audio in Apple OS X before 10.11.6 allows local users to obtain sensitive kernel memory-layout information or cause a denial of service (out-of-bounds read) via unspecified vectors.
CVSS Score
5.5
EPSS Score
0.001
Published
2016-07-22
Audio in Apple OS X before 10.11.6 allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted file.
CVSS Score
7.8
EPSS Score
0.001
Published
2016-07-22
Audio in Apple OS X before 10.11.6 mishandles a size value, which allows remote attackers to obtain sensitive information or cause a denial of service (out-of-bounds read) via a crafted audio file.
CVSS Score
6.5
EPSS Score
0.005
Published
2016-07-22
CFNetwork in Apple OS X before 10.11.6 uses weak permissions for web-browser cookies, which allows local users to obtain sensitive information via unspecified vectors.
CVSS Score
3.3
EPSS Score
0.001
Published
2016-07-22
Login Window in Apple OS X before 10.11.6 allows attackers to execute arbitrary code in a privileged context or obtain sensitive user information via a crafted app that leverages a "type confusion."
CVSS Score
7.3
EPSS Score
0.003
Published
2016-07-22
Login Window in Apple OS X before 10.11.6 allows attackers to execute arbitrary code in a privileged context, obtain sensitive user information, or cause a denial of service (memory corruption) via a crafted app.
CVSS Score
7.8
EPSS Score
0.003
Published
2016-07-22
Login Window in Apple OS X before 10.11.6 does not properly initialize memory, which allows local users to cause a denial of service via unspecified vectors.
CVSS Score
7.0
EPSS Score
0.001
Published
2016-07-22
Login Window in Apple OS X before 10.11.6 allows attackers to gain privileges via a crafted app that leverages a "type confusion."
CVSS Score
7.8
EPSS Score
0.003
Published
2016-07-22


Contact Us

Shodan ® - All rights reserved