CVEs

28,464 total · page 523 of 570

CVE	Sev	Risk	CVSS	EPSS	Published	Description
CVE-2016-5744	Hig	0.49	7.5	0.01	Jul 22, 2016	Siemens SIMATIC WinCC 7.0 through SP3 and 7.2 allows remote attackers to read arbitrary WinCC station files via crafted packets.
CVE-2016-4653	Hig	0.51	7.8	0.00	Jul 22, 2016	The kernel in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9.2.2, and watchOS before 2.2.2 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1863 and CVE-2016-4582.
CVE-2016-4647	Hig	0.51	7.8	0.00	Jul 22, 2016	Audio in Apple OS X before 10.11.6 allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted file.
CVE-2016-4641	Hig	0.47	7.3	0.00	Jul 22, 2016	Login Window in Apple OS X before 10.11.6 allows attackers to execute arbitrary code in a privileged context or obtain sensitive user information via a crafted app that leverages a "type confusion."
CVE-2016-4640	Hig	0.51	7.8	0.00	Jul 22, 2016	Login Window in Apple OS X before 10.11.6 allows attackers to execute arbitrary code in a privileged context, obtain sensitive user information, or cause a denial of service (memory corruption) via a crafted app.
CVE-2016-4639	Hig	0.46	7.0	0.00	Jul 22, 2016	Login Window in Apple OS X before 10.11.6 does not properly initialize memory, which allows local users to cause a denial of service via unspecified vectors.
CVE-2016-4638	Hig	0.51	7.8	0.00	Jul 22, 2016	Login Window in Apple OS X before 10.11.6 allows attackers to gain privileges via a crafted app that leverages a "type confusion."
CVE-2016-4637	Hig	0.57	8.8	0.02	Jul 22, 2016	CoreGraphics in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted BMP image.
CVE-2016-4634	Hig	0.51	7.8	0.00	Jul 22, 2016	The Graphics Drivers subsystem in Apple OS X before 10.11.6 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors.
CVE-2016-4633	Hig	0.51	7.8	0.00	Jul 22, 2016	Intel Graphics Driver in Apple OS X before 10.11.6 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
CVE-2016-4632	Hig	0.49	7.5	0.03	Jul 22, 2016	ImageIO in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors.
CVE-2016-4631	Hig	0.57	8.8	0.03	Jul 22, 2016	ImageIO in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted TIFF file.
CVE-2016-4630	Hig	0.57	8.8	0.01	Jul 22, 2016	ImageIO in Apple OS X before 10.11.6 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted EXR image with B44 compression.
CVE-2016-4627	Hig	0.51	7.8	0.00	Jul 22, 2016	IOAcceleratorFamily in Apple iOS before 9.3.3, tvOS before 9.2.2, and watchOS before 2.2.2 allows local users to gain privileges or cause a denial of service (NULL pointer dereference) via unspecified vectors.
CVE-2016-4626	Hig	0.51	7.8	0.00	Jul 22, 2016	IOHIDFamily in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9.2.2, and watchOS before 2.2.2 allows local users to gain privileges or cause a denial of service (NULL pointer dereference) via unspecified vectors.
CVE-2016-4625	Hig	0.54	7.8	0.01	Jul 22, 2016	Use-after-free vulnerability in IOSurface in Apple OS X before 10.11.6 allows local users to gain privileges via unspecified vectors.
CVE-2016-4624	Hig	0.57	8.8	0.01	Jul 22, 2016	WebKit in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before 9.2.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-4589, CVE-2016-4622, and CVE-2016-4623.
CVE-2016-4623	Hig	0.57	8.8	0.00	Jul 22, 2016	WebKit in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before 9.2.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-4589, CVE-2016-4622, and CVE-2016-4624.
CVE-2016-4622	Hig	0.63	8.8	0.69	Jul 22, 2016	WebKit in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before 9.2.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-4589, CVE-2016-4623, and CVE-2016-4624.
CVE-2016-4621	Hig	0.51	7.8	0.00	Jul 22, 2016	libc++abi in Apple OS X before 10.11.6 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
CVE-2016-4602	Hig	0.57	8.8	0.01	Jul 22, 2016	QuickTime in Apple OS X before 10.11.6 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted FlashPix bitmap image, a different vulnerability than CVE-2016-4596, CVE-2016-4597, and CVE-2016-4600.
CVE-2016-4601	Hig	0.57	8.8	0.01	Jul 22, 2016	QuickTime in Apple OS X before 10.11.6 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted SGI image.
CVE-2016-4600	Hig	0.57	8.8	0.01	Jul 22, 2016	QuickTime in Apple OS X before 10.11.6 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted FlashPix bitmap image, a different vulnerability than CVE-2016-4596, CVE-2016-4597, and CVE-2016-4602.
CVE-2016-4599	Hig	0.51	7.8	0.01	Jul 22, 2016	QuickTime in Apple OS X before 10.11.6 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Photoshop document.
CVE-2016-4597	Hig	0.57	8.8	0.01	Jul 22, 2016	QuickTime in Apple OS X before 10.11.6 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted FlashPix bitmap image, a different vulnerability than CVE-2016-4596, CVE-2016-4600, and CVE-2016-4602.
CVE-2016-4596	Hig	0.57	8.8	0.01	Jul 22, 2016	QuickTime in Apple OS X before 10.11.6 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted FlashPix bitmap image, a different vulnerability than CVE-2016-4597, CVE-2016-4600, and CVE-2016-4602.
CVE-2016-4594	Hig	0.51	7.8	0.00	Jul 22, 2016	The Sandbox Profiles component in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9.2.2, and watchOS before 2.2.2 allows attackers to access the process list via a crafted app that makes an API call.
CVE-2016-4591	Hig	0.49	7.5	0.03	Jul 22, 2016	WebKit in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before 9.2.2 mishandles the location variable, which allows remote attackers to access the local filesystem via unspecified vectors.
CVE-2016-4589	Hig	0.57	8.8	0.00	Jul 22, 2016	WebKit in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before 9.2.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-4622, CVE-2016-4623, and CVE-2016-4624.
CVE-2016-4588	Hig	0.57	8.8	0.01	Jul 22, 2016	WebKit in Apple tvOS before 9.2.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.
CVE-2016-4586	Hig	0.57	8.8	0.01	Jul 22, 2016	WebKit in Apple Safari before 9.1.2 and tvOS before 9.2.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.
CVE-2016-4584	Hig	0.57	8.8	0.01	Jul 22, 2016	The WebKit Page Loading implementation in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before 9.2.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.
CVE-2016-4582	Hig	0.51	7.8	0.00	Jul 22, 2016	The kernel in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9.2.2, and watchOS before 2.2.2 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1863 and CVE-2016-4653.
CVE-2016-1863	Hig	0.54	7.8	0.00	Jul 22, 2016	The kernel in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9.2.2, and watchOS before 2.2.2 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4582 and CVE-2016-4653.
CVE-2014-9862	Hig	0.51	7.8	0.09	Jul 22, 2016	Integer signedness error in bspatch.c in bspatch in bsdiff, as used in Apple OS X before 10.11.6 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow) via a crafted patch file.
CVE-2016-5476	Hig	0.49	7.6	0.01	Jul 21, 2016	Unspecified vulnerability in the Oracle Retail Integration Bus component in Oracle Retail Applications 13.0, 13.1, 13.2, 14.0, 14.1, and 15.0 allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to Install.
CVE-2016-5475	Hig	0.49	7.6	0.01	Jul 21, 2016	Unspecified vulnerability in the Oracle Retail Service Backbone component in Oracle Retail Applications 14.0, 14.1, and 15.0 allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to Install.
CVE-2016-5474	Hig	0.57	8.8	0.02	Jul 21, 2016	Unspecified vulnerability in the Oracle Retail Service Backbone component in Oracle Retail Applications 14.0, 14.1, and 15.0 allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to RSB Kernel.
CVE-2016-5472	Hig	0.51	7.8	0.00	Jul 21, 2016	Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.54 and 8.55 allows local users to affect confidentiality, integrity, and availability via vectors related to Install and Packaging.
CVE-2016-5465	Hig	0.53	8.2	0.00	Jul 21, 2016	Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.53, 8.54, and 8.55 allows remote attackers to affect confidentiality and integrity via vectors related to Panel Processor.
CVE-2016-5457	Hig	0.57	8.8	0.02	Jul 21, 2016	Unspecified vulnerability in the ILOM component in Oracle Sun Systems Products Suite 3.0, 3.1, and 3.2 allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to LUMAIN.
CVE-2016-5451	Hig	0.53	8.1	0.00	Jul 21, 2016	Unspecified vulnerability in the Siebel UI Framework component in Oracle Siebel CRM 8.1.1, 8.2.2, IP2014, IP2015, and IP2016 allows remote authenticated users to affect confidentiality and integrity via vectors related to EAI, a different vulnerability than CVE-2016-5468.
CVE-2016-5449	Hig	0.49	7.5	0.02	Jul 21, 2016	Unspecified vulnerability in the ILOM component in Oracle Sun Systems Products Suite 3.0, 3.1, and 3.2 allows remote attackers to affect availability via vectors related to Console Redirection.
CVE-2016-5447	Hig	0.50	7.6	0.02	Jul 21, 2016	Unspecified vulnerability in the ILOM component in Oracle Sun Systems Products Suite 3.0, 3.1, and 3.2 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors.
CVE-2016-5446	Hig	0.48	7.3	0.01	Jul 21, 2016	Unspecified vulnerability in the ILOM component in Oracle Sun Systems Products Suite 3.0, 3.1, and 3.2 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Infrastructure.
CVE-2016-5445	Hig	0.54	8.3	0.01	Jul 21, 2016	Unspecified vulnerability in the ILOM component in Oracle Sun Systems Products Suite 3.0, 3.1, and 3.2 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.
CVE-2016-3596	Hig	0.56	8.6	0.02	Jul 21, 2016	Unspecified vulnerability in the Outside In Technology component in Oracle Fusion Middleware 8.5.0, 8.5.1, and 8.5.2 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Outside In Filters, a different vulnerability than CVE-2016-3574, CVE-2016-3575, CVE-2016-3576, CVE-2016-3577, CVE-2016-3578, CVE-2016-3579, CVE-2016-3580, CVE-2016-3581, CVE-2016-3582, CVE-2016-3583, CVE-2016-3590, CVE-2016-3591, CVE-2016-3592, CVE-2016-3593, CVE-2016-3594, and CVE-2016-3595.
CVE-2016-3595	Hig	0.56	8.6	0.02	Jul 21, 2016	Unspecified vulnerability in the Outside In Technology component in Oracle Fusion Middleware 8.5.0, 8.5.1, and 8.5.2 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Outside In Filters, a different vulnerability than CVE-2016-3574, CVE-2016-3575, CVE-2016-3576, CVE-2016-3577, CVE-2016-3578, CVE-2016-3579, CVE-2016-3580, CVE-2016-3581, CVE-2016-3582, CVE-2016-3583, CVE-2016-3590, CVE-2016-3591, CVE-2016-3592, CVE-2016-3593, CVE-2016-3594, and CVE-2016-3596.
CVE-2016-3594	Hig	0.56	8.6	0.02	Jul 21, 2016	Unspecified vulnerability in the Outside In Technology component in Oracle Fusion Middleware 8.5.0, 8.5.1, and 8.5.2 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Outside In Filters, a different vulnerability than CVE-2016-3574, CVE-2016-3575, CVE-2016-3576, CVE-2016-3577, CVE-2016-3578, CVE-2016-3579, CVE-2016-3580, CVE-2016-3581, CVE-2016-3582, CVE-2016-3583, CVE-2016-3590, CVE-2016-3591, CVE-2016-3592, CVE-2016-3593, CVE-2016-3595, and CVE-2016-3596.
CVE-2016-3593	Hig	0.56	8.6	0.02	Jul 21, 2016	Unspecified vulnerability in the Outside In Technology component in Oracle Fusion Middleware 8.5.0, 8.5.1, and 8.5.2 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Outside In Filters, a different vulnerability than CVE-2016-3574, CVE-2016-3575, CVE-2016-3576, CVE-2016-3577, CVE-2016-3578, CVE-2016-3579, CVE-2016-3580, CVE-2016-3581, CVE-2016-3582, CVE-2016-3583, CVE-2016-3590, CVE-2016-3591, CVE-2016-3592, CVE-2016-3594, CVE-2016-3595, and CVE-2016-3596.

CVE-2016-5744HigJul 22, 2016
risk 0.49cvss 7.5epss 0.01
Siemens SIMATIC WinCC 7.0 through SP3 and 7.2 allows remote attackers to read arbitrary WinCC station files via crafted packets.
CVE-2016-4653HigJul 22, 2016
risk 0.51cvss 7.8epss 0.00
The kernel in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9.2.2, and watchOS before 2.2.2 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1863 and CVE-2016-4582.
CVE-2016-4647HigJul 22, 2016
risk 0.51cvss 7.8epss 0.00
Audio in Apple OS X before 10.11.6 allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted file.
CVE-2016-4641HigJul 22, 2016
risk 0.47cvss 7.3epss 0.00
Login Window in Apple OS X before 10.11.6 allows attackers to execute arbitrary code in a privileged context or obtain sensitive user information via a crafted app that leverages a "type confusion."
CVE-2016-4640HigJul 22, 2016
risk 0.51cvss 7.8epss 0.00
Login Window in Apple OS X before 10.11.6 allows attackers to execute arbitrary code in a privileged context, obtain sensitive user information, or cause a denial of service (memory corruption) via a crafted app.
CVE-2016-4639HigJul 22, 2016
risk 0.46cvss 7.0epss 0.00
Login Window in Apple OS X before 10.11.6 does not properly initialize memory, which allows local users to cause a denial of service via unspecified vectors.
CVE-2016-4638HigJul 22, 2016
risk 0.51cvss 7.8epss 0.00
Login Window in Apple OS X before 10.11.6 allows attackers to gain privileges via a crafted app that leverages a "type confusion."
CVE-2016-4637HigJul 22, 2016
risk 0.57cvss 8.8epss 0.02
CoreGraphics in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted BMP image.
CVE-2016-4634HigJul 22, 2016
risk 0.51cvss 7.8epss 0.00
The Graphics Drivers subsystem in Apple OS X before 10.11.6 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors.
CVE-2016-4633HigJul 22, 2016
risk 0.51cvss 7.8epss 0.00
Intel Graphics Driver in Apple OS X before 10.11.6 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
CVE-2016-4632HigJul 22, 2016
risk 0.49cvss 7.5epss 0.03
ImageIO in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors.
CVE-2016-4631HigJul 22, 2016
risk 0.57cvss 8.8epss 0.03
ImageIO in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted TIFF file.
CVE-2016-4630HigJul 22, 2016
risk 0.57cvss 8.8epss 0.01
ImageIO in Apple OS X before 10.11.6 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted EXR image with B44 compression.
CVE-2016-4627HigJul 22, 2016
risk 0.51cvss 7.8epss 0.00
IOAcceleratorFamily in Apple iOS before 9.3.3, tvOS before 9.2.2, and watchOS before 2.2.2 allows local users to gain privileges or cause a denial of service (NULL pointer dereference) via unspecified vectors.
CVE-2016-4626HigJul 22, 2016
risk 0.51cvss 7.8epss 0.00
IOHIDFamily in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9.2.2, and watchOS before 2.2.2 allows local users to gain privileges or cause a denial of service (NULL pointer dereference) via unspecified vectors.
CVE-2016-4625HigJul 22, 2016
risk 0.54cvss 7.8epss 0.01
Use-after-free vulnerability in IOSurface in Apple OS X before 10.11.6 allows local users to gain privileges via unspecified vectors.
CVE-2016-4624HigJul 22, 2016
risk 0.57cvss 8.8epss 0.01
WebKit in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before 9.2.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-4589, CVE-2016-4622, and CVE-2016-4623.
CVE-2016-4623HigJul 22, 2016
risk 0.57cvss 8.8epss 0.00
WebKit in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before 9.2.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-4589, CVE-2016-4622, and CVE-2016-4624.
CVE-2016-4622HigJul 22, 2016
risk 0.63cvss 8.8epss 0.69
WebKit in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before 9.2.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-4589, CVE-2016-4623, and CVE-2016-4624.
CVE-2016-4621HigJul 22, 2016
risk 0.51cvss 7.8epss 0.00
libc++abi in Apple OS X before 10.11.6 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
CVE-2016-4602HigJul 22, 2016
risk 0.57cvss 8.8epss 0.01
QuickTime in Apple OS X before 10.11.6 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted FlashPix bitmap image, a different vulnerability than CVE-2016-4596, CVE-2016-4597, and CVE-2016-4600.
CVE-2016-4601HigJul 22, 2016
risk 0.57cvss 8.8epss 0.01
QuickTime in Apple OS X before 10.11.6 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted SGI image.
CVE-2016-4600HigJul 22, 2016
risk 0.57cvss 8.8epss 0.01
QuickTime in Apple OS X before 10.11.6 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted FlashPix bitmap image, a different vulnerability than CVE-2016-4596, CVE-2016-4597, and CVE-2016-4602.
CVE-2016-4599HigJul 22, 2016
risk 0.51cvss 7.8epss 0.01
QuickTime in Apple OS X before 10.11.6 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Photoshop document.
CVE-2016-4597HigJul 22, 2016
risk 0.57cvss 8.8epss 0.01
QuickTime in Apple OS X before 10.11.6 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted FlashPix bitmap image, a different vulnerability than CVE-2016-4596, CVE-2016-4600, and CVE-2016-4602.
CVE-2016-4596HigJul 22, 2016
risk 0.57cvss 8.8epss 0.01
QuickTime in Apple OS X before 10.11.6 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted FlashPix bitmap image, a different vulnerability than CVE-2016-4597, CVE-2016-4600, and CVE-2016-4602.
CVE-2016-4594HigJul 22, 2016
risk 0.51cvss 7.8epss 0.00
The Sandbox Profiles component in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9.2.2, and watchOS before 2.2.2 allows attackers to access the process list via a crafted app that makes an API call.
CVE-2016-4591HigJul 22, 2016
risk 0.49cvss 7.5epss 0.03
WebKit in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before 9.2.2 mishandles the location variable, which allows remote attackers to access the local filesystem via unspecified vectors.
CVE-2016-4589HigJul 22, 2016
risk 0.57cvss 8.8epss 0.00
WebKit in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before 9.2.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-4622, CVE-2016-4623, and CVE-2016-4624.
CVE-2016-4588HigJul 22, 2016
risk 0.57cvss 8.8epss 0.01
WebKit in Apple tvOS before 9.2.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.
CVE-2016-4586HigJul 22, 2016
risk 0.57cvss 8.8epss 0.01
WebKit in Apple Safari before 9.1.2 and tvOS before 9.2.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.
CVE-2016-4584HigJul 22, 2016
risk 0.57cvss 8.8epss 0.01
The WebKit Page Loading implementation in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before 9.2.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.
CVE-2016-4582HigJul 22, 2016
risk 0.51cvss 7.8epss 0.00
The kernel in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9.2.2, and watchOS before 2.2.2 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1863 and CVE-2016-4653.
CVE-2016-1863HigJul 22, 2016
risk 0.54cvss 7.8epss 0.00
The kernel in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9.2.2, and watchOS before 2.2.2 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4582 and CVE-2016-4653.
CVE-2014-9862HigJul 22, 2016
risk 0.51cvss 7.8epss 0.09
Integer signedness error in bspatch.c in bspatch in bsdiff, as used in Apple OS X before 10.11.6 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow) via a crafted patch file.
CVE-2016-5476HigJul 21, 2016
risk 0.49cvss 7.6epss 0.01
Unspecified vulnerability in the Oracle Retail Integration Bus component in Oracle Retail Applications 13.0, 13.1, 13.2, 14.0, 14.1, and 15.0 allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to Install.
CVE-2016-5475HigJul 21, 2016
risk 0.49cvss 7.6epss 0.01
Unspecified vulnerability in the Oracle Retail Service Backbone component in Oracle Retail Applications 14.0, 14.1, and 15.0 allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to Install.
CVE-2016-5474HigJul 21, 2016
risk 0.57cvss 8.8epss 0.02
Unspecified vulnerability in the Oracle Retail Service Backbone component in Oracle Retail Applications 14.0, 14.1, and 15.0 allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to RSB Kernel.
CVE-2016-5472HigJul 21, 2016
risk 0.51cvss 7.8epss 0.00
Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.54 and 8.55 allows local users to affect confidentiality, integrity, and availability via vectors related to Install and Packaging.
CVE-2016-5465HigJul 21, 2016
risk 0.53cvss 8.2epss 0.00
Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.53, 8.54, and 8.55 allows remote attackers to affect confidentiality and integrity via vectors related to Panel Processor.
CVE-2016-5457HigJul 21, 2016
risk 0.57cvss 8.8epss 0.02
Unspecified vulnerability in the ILOM component in Oracle Sun Systems Products Suite 3.0, 3.1, and 3.2 allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to LUMAIN.
CVE-2016-5451HigJul 21, 2016
risk 0.53cvss 8.1epss 0.00
Unspecified vulnerability in the Siebel UI Framework component in Oracle Siebel CRM 8.1.1, 8.2.2, IP2014, IP2015, and IP2016 allows remote authenticated users to affect confidentiality and integrity via vectors related to EAI, a different vulnerability than CVE-2016-5468.
CVE-2016-5449HigJul 21, 2016
risk 0.49cvss 7.5epss 0.02
Unspecified vulnerability in the ILOM component in Oracle Sun Systems Products Suite 3.0, 3.1, and 3.2 allows remote attackers to affect availability via vectors related to Console Redirection.
CVE-2016-5447HigJul 21, 2016
risk 0.50cvss 7.6epss 0.02
Unspecified vulnerability in the ILOM component in Oracle Sun Systems Products Suite 3.0, 3.1, and 3.2 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors.
CVE-2016-5446HigJul 21, 2016
risk 0.48cvss 7.3epss 0.01
Unspecified vulnerability in the ILOM component in Oracle Sun Systems Products Suite 3.0, 3.1, and 3.2 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Infrastructure.
CVE-2016-5445HigJul 21, 2016
risk 0.54cvss 8.3epss 0.01
Unspecified vulnerability in the ILOM component in Oracle Sun Systems Products Suite 3.0, 3.1, and 3.2 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.
CVE-2016-3596HigJul 21, 2016
risk 0.56cvss 8.6epss 0.02
Unspecified vulnerability in the Outside In Technology component in Oracle Fusion Middleware 8.5.0, 8.5.1, and 8.5.2 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Outside In Filters, a different vulnerability than CVE-2016-3574, CVE-2016-3575, CVE-2016-3576, CVE-2016-3577, CVE-2016-3578, CVE-2016-3579, CVE-2016-3580, CVE-2016-3581, CVE-2016-3582, CVE-2016-3583, CVE-2016-3590, CVE-2016-3591, CVE-2016-3592, CVE-2016-3593, CVE-2016-3594, and CVE-2016-3595.
CVE-2016-3595HigJul 21, 2016
risk 0.56cvss 8.6epss 0.02
Unspecified vulnerability in the Outside In Technology component in Oracle Fusion Middleware 8.5.0, 8.5.1, and 8.5.2 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Outside In Filters, a different vulnerability than CVE-2016-3574, CVE-2016-3575, CVE-2016-3576, CVE-2016-3577, CVE-2016-3578, CVE-2016-3579, CVE-2016-3580, CVE-2016-3581, CVE-2016-3582, CVE-2016-3583, CVE-2016-3590, CVE-2016-3591, CVE-2016-3592, CVE-2016-3593, CVE-2016-3594, and CVE-2016-3596.
CVE-2016-3594HigJul 21, 2016
risk 0.56cvss 8.6epss 0.02
Unspecified vulnerability in the Outside In Technology component in Oracle Fusion Middleware 8.5.0, 8.5.1, and 8.5.2 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Outside In Filters, a different vulnerability than CVE-2016-3574, CVE-2016-3575, CVE-2016-3576, CVE-2016-3577, CVE-2016-3578, CVE-2016-3579, CVE-2016-3580, CVE-2016-3581, CVE-2016-3582, CVE-2016-3583, CVE-2016-3590, CVE-2016-3591, CVE-2016-3592, CVE-2016-3593, CVE-2016-3595, and CVE-2016-3596.
CVE-2016-3593HigJul 21, 2016
risk 0.56cvss 8.6epss 0.02
Unspecified vulnerability in the Outside In Technology component in Oracle Fusion Middleware 8.5.0, 8.5.1, and 8.5.2 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Outside In Filters, a different vulnerability than CVE-2016-3574, CVE-2016-3575, CVE-2016-3576, CVE-2016-3577, CVE-2016-3578, CVE-2016-3579, CVE-2016-3580, CVE-2016-3581, CVE-2016-3582, CVE-2016-3583, CVE-2016-3590, CVE-2016-3591, CVE-2016-3592, CVE-2016-3594, CVE-2016-3595, and CVE-2016-3596.