CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0CVE-2016-4666 – Ubuntu Security Notice USN-3166-1
https://notcve.org/view.php?id=CVE-2016-4666
24 Oct 2016 — An issue was discovered in certain Apple products. iOS before 10.1 is affected. Safari before 10.0.1 is affected. tvOS before 10.0.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. Se ha descubierto un problema en ciertos productos Apple. iOS en versiones anteriores a 10.1 está afectado. • http://www.securityfocus.com/bid/93851 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 1%CPEs: 4EXPL: 0CVE-2016-4676 – Apple Security Advisory 2016-10-24-3
https://notcve.org/view.php?id=CVE-2016-4676
24 Oct 2016 — A Cross-origin vulnerability exists in WebKit in Apple Safari before 10.0.1 when processing location attributes, which could let a remote malicious user obtain sensitive information. Se presenta una vulnerabilidad de origen cruzado en WebKit en Apple Safari versiones anteriores a 10.0.1 al procesar atributos de ubicación, lo que podría permitir a un usuario malicioso remoto obtener información confidencial. Safari 10.0.1 is now available and addresses code execution vulnerabilities. • http://seclists.org/fulldisclosure/2016/Oct/89 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0CVE-2016-4677 – Apple Safari JavaScriptCore Array Out-Of-Bounds Access Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2016-4677
24 Oct 2016 — An issue was discovered in certain Apple products. iOS before 10.1 is affected. Safari before 10.0.1 is affected. tvOS before 10.0.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. Se ha descubierto un problema en ciertos productos Apple. iOS en versiones anteriores a 10.1 está afectado. • http://www.securityfocus.com/bid/93853 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0CVE-2016-4611 – Apple Security Advisory 2016-09-20-2
https://notcve.org/view.php?id=CVE-2016-4611
20 Sep 2016 — WebKit in Apple iOS before 10, Safari before 10, and tvOS before 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-4730, CVE-2016-4733, CVE-2016-4734, and CVE-2016-4735. WebKit en Apple iOS en versiones anteriores a 10, Safari en versiones anteriores a 10 y tvOS en versiones anteriores a 10 permite a atacantes remotos ejecutar un código arbitrario o provocar una denegación de servicio (corrupc... • http://lists.apple.com/archives/security-announce/2016/Sep/msg00007.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 0CVE-2016-4618 – Apple Security Advisory 2016-09-20-2
https://notcve.org/view.php?id=CVE-2016-4618
20 Sep 2016 — Cross-site scripting (XSS) vulnerability in Safari Reader in Apple iOS before 10 and Safari before 10 allows remote attackers to inject arbitrary web script or HTML via a crafted web site, aka "Universal XSS (UXSS)." Vulnerabilidad de XSS en Safari Reader en Apple iOS en versiones anteriores a 10 y Safari en versiones anteriores a 10 permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a través de un sitio web manipulado, vulnerabilidad también conocida como "Universal XSS (UXS... • http://lists.apple.com/archives/security-announce/2016/Sep/msg00007.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.8EPSS: 1%CPEs: 5EXPL: 0CVE-2016-4728 – Ubuntu Security Notice USN-3166-1
https://notcve.org/view.php?id=CVE-2016-4728
20 Sep 2016 — WebKit in Apple iOS before 10, tvOS before 10, iTunes before 12.5.1 on Windows, and Safari before 10 mishandles error prototypes, which allows remote attackers to execute arbitrary code via a crafted web site. WebKit en Apple iOS en versiones anteriores a 10, tvOS en versiones anteriores a 10, iTunes en versiones anteriores a 12.5.1 en Windows y Safari en versiones anteriores a 10 maneja incorrectamente prototipos de error, lo que permite a atacantes remotos ejecutar un código arbitrario a través de un siti... • http://lists.apple.com/archives/security-announce/2016/Sep/msg00007.html • CWE-20: Improper Input Validation •
CVSS: 9.3EPSS: 1%CPEs: 2EXPL: 0CVE-2016-4729 – Apple Security Advisory 2016-09-20-2
https://notcve.org/view.php?id=CVE-2016-4729
20 Sep 2016 — WebKit in Apple iOS before 10 and Safari before 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-4731. WebKit en Apple iOS en versiones anteriores a 10 y Safari en versiones anteriores a 10 permite a atacantes remotos ejecutar un código arbitrario o provocar una denegación de servicio (corrupción de memoria) a través de un sitio web manipulado, una vulnerabilidad diferente a CVE-2016-4731. Sa... • http://lists.apple.com/archives/security-announce/2016/Sep/msg00007.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 1%CPEs: 3EXPL: 0CVE-2016-4730 – Apple Security Advisory 2016-09-20-2
https://notcve.org/view.php?id=CVE-2016-4730
20 Sep 2016 — WebKit in Apple iOS before 10, Safari before 10, and tvOS before 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-4611, CVE-2016-4733, CVE-2016-4734, and CVE-2016-4735. WebKit en Apple iOS en versiones anteriores a 10, Safari en versiones anteriores a 10 y tvOS en versiones anteriores a 10 permite a atacantes remotos ejecutar un código arbitrario o provocar una denegación de servicio (corrupc... • http://lists.apple.com/archives/security-announce/2016/Sep/msg00007.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 1%CPEs: 2EXPL: 0CVE-2016-4731 – Apple Security Advisory 2016-09-20-2
https://notcve.org/view.php?id=CVE-2016-4731
20 Sep 2016 — WebKit in Apple iOS before 10 and Safari before 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-4729. WebKit en Apple iOS en versiones anteriores a 10 y Safari en versiones anteriores a 10 permite a atacantes remotos ejecutar un código arbitrario o provocar una denegación de servicio (corrupción de memoria) a través de un sitio web manipulado, una vulnerabilidad diferente a CVE-2016-4729. Sa... • http://lists.apple.com/archives/security-announce/2016/Sep/msg00007.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 0%CPEs: 3EXPL: 0CVE-2016-4733 – Ubuntu Security Notice USN-3166-1
https://notcve.org/view.php?id=CVE-2016-4733
20 Sep 2016 — WebKit in Apple iOS before 10, Safari before 10, and tvOS before 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-4611, CVE-2016-4730, CVE-2016-4734, and CVE-2016-4735. WebKit en Apple iOS en versiones anteriores a 10, Safari en versiones anteriores a 10 y tvOS en versiones anteriores a 10 permite a atacantes remotos ejecutar un código arbitrario o provocar una denegación de servicio (corrupc... • http://lists.apple.com/archives/security-announce/2016/Sep/msg00007.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •