CVSS: 6.1EPSS: 1%CPEs: 4EXPL: 0CVE-2016-4585 – WebKitGTK+ SOP Bypass / Information Disclosure
https://notcve.org/view.php?id=CVE-2016-4585
19 Jul 2016 — Cross-site scripting (XSS) vulnerability in the WebKit Page Loading implementation in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before 9.2.2 allows remote attackers to inject arbitrary web script or HTML via an HTTP response specifying redirection that is mishandled by Safari. Vulnerabilidad de XSS en la implementación de WebKit Page Loading en Apple iOS en versiones anteriores a 9.3.3, Safari en versiones anteriores a 9.1.2 y tvOS en versiones anteriores a 9.2.2 permite a atacantes remotos inye... • http://lists.apple.com/archives/security-announce/2016/Jul/msg00001.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.8EPSS: 1%CPEs: 9EXPL: 0CVE-2016-4608 – Apple Security Advisory 2016-07-18-3
https://notcve.org/view.php?id=CVE-2016-4608
19 Jul 2016 — libxslt in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before 12.4.2 on Windows, iCloud before 5.2.1 on Windows, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2016-4607, CVE-2016-4609, CVE-2016-4610, and CVE-2016-4612. libxslt en Apple iOS en versiones anteriores a 9.3.3, OS X en versiones anteriores a 10.11.6, iTunes en versiones an... • http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 1%CPEs: 4EXPL: 0CVE-2016-4589 – WebKitGTK+ SOP Bypass / Information Disclosure
https://notcve.org/view.php?id=CVE-2016-4589
19 Jul 2016 — WebKit in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before 9.2.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-4622, CVE-2016-4623, and CVE-2016-4624. WebKit en Apple iOS en versiones anteriores a 9.3.3, Safari en versiones anteriores a 9.1.2 y tvOS en versiones anteriores a 9.2.2 permite a atacantes remotos ejecutar código arbitrario o provocar una denegación de servicio (corrupc... • http://lists.apple.com/archives/security-announce/2016/Jul/msg00001.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2016-4586 – WebKitGTK+ SOP Bypass / Information Disclosure
https://notcve.org/view.php?id=CVE-2016-4586
19 Jul 2016 — WebKit in Apple Safari before 9.1.2 and tvOS before 9.2.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site. WebKit en Apple Safari en versiones anteriores a 9.1.2 y tvOS en versiones anteriores a 9.2.2 permite a atacantes remotos ejecutar código arbitrario o provocar una denegación de servicio (corrupción de memoria) a través de un sitio web manipulado. A large number of security issues were discovered in the WebKitGTK+ Web and JavaScr... • http://lists.apple.com/archives/security-announce/2016/Jul/msg00003.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 4%CPEs: 4EXPL: 0CVE-2016-4591 – WebKitGTK+ SOP Bypass / Information Disclosure
https://notcve.org/view.php?id=CVE-2016-4591
19 Jul 2016 — WebKit in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before 9.2.2 mishandles the location variable, which allows remote attackers to access the local filesystem via unspecified vectors. Webkit en Apple iOS en versiones anteriores a 9.3.3, Safari en versiones anteriores a 9.1.2 y tvOS en versiones anteriores a 9.2.2 no maneja correctamente la variable de localización, lo que permite a atacantes remotos acceder al sistema de archivos local a través de vectores no especificados. A large number of se... • http://lists.apple.com/archives/security-announce/2016/Jul/msg00001.html • CWE-284: Improper Access Control •
CVSS: 9.3EPSS: 0%CPEs: 3EXPL: 0CVE-2016-4650 – Apple OS X IOHIDFamily Heap Buffer Overflow Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2016-4650
19 Jul 2016 — Heap-based buffer overflow in IOHIDFamily in Apple iOS before 9.3.2, OS X before 10.11.5, and tvOS before 9.2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. Desbordamiento de búfer basado en memoria dinámica en IOHIDFamily en Apple iOS en versiones anteriores a 9.3.2, OS X en versiones anteriores a 10.11.5 y tvOS en versiones anteriores a 9.2.1 permite a atacantes ejecutar código arbitrario en un contexto privilegiado ... • http://www.securityfocus.com/bid/92034 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 1%CPEs: 3EXPL: 0CVE-2016-4623 – WebKitGTK+ SOP Bypass / Information Disclosure
https://notcve.org/view.php?id=CVE-2016-4623
19 Jul 2016 — WebKit in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before 9.2.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-4589, CVE-2016-4622, and CVE-2016-4624. WebKit en Apple iOS en versiones anteriores a 9.3.3, Safari en versiones anteriores a 9.1.2, y tvOS en versiones anteriores a 9.2.2 permite a atacantes remotos ejecutar código arbitrario o provocar una denegación de servicio (corrup... • http://lists.apple.com/archives/security-announce/2016/Jul/msg00001.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 55%CPEs: 3EXPL: 2CVE-2016-4622 – Apple Safari Array.splice Out-Of-Bounds Access Remote Code Execuction Vulnerability
https://notcve.org/view.php?id=CVE-2016-4622
19 Jul 2016 — WebKit in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before 9.2.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-4589, CVE-2016-4623, and CVE-2016-4624. WebKit en Apple iOS en versiones anteriores a 9.3.3, Safari en versiones anteriores a 9.1.2 y tvOS en versiones anteriores a 9.2.2 permite a atacantes remotos ejecutar código arbitrario o provocar una denegación de servicio (corrupc... • https://github.com/hdbreaker/WebKit-CVE-2016-4622 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2016-1865 – Apple Security Advisory 2016-07-18-3
https://notcve.org/view.php?id=CVE-2016-1865
19 Jul 2016 — The kernel in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9.2.2, and watchOS before 2.2.2 allows local users to cause a denial of service (NULL pointer dereference) via unspecified vectors. El kernel en Apple iOS en versiones anteriores a 9.3.3, OS X en versiones anteriores a 10.11.6, tvOS en versiones anteriores a 9.2.2 y watchOS en versiones anteriores a 2.2.2 permite a usuarios locales provocar una denegación de servicio (referencia a puntero NULL) a través de vectores no especificados. OS X... • http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html • CWE-476: NULL Pointer Dereference •
CVSS: 7.1EPSS: 2%CPEs: 5EXPL: 0CVE-2016-4592 – WebKitGTK+ SOP Bypass / Information Disclosure
https://notcve.org/view.php?id=CVE-2016-4592
19 Jul 2016 — WebKit in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before 9.2.2 allows remote attackers to cause a denial of service (memory consumption) via a crafted web site. Webkit en Apple iOS en versiones anteriores a 9.3.3, Safari en versiones anteriores a 9.1.2 y tvOS en versiones anteriores a 9.2.2 permite a atacantes remotos provocar una denegación del servicio (consumo de memoria) a través de un sitio web manipulado. WebKitGTK+ suffers from same-origin bypass, information disclosure, memory corrupti... • http://lists.apple.com/archives/security-announce/2016/Jul/msg00001.html • CWE-400: Uncontrolled Resource Consumption •