CVSS: 9.6EPSS: 36%CPEs: 3EXPL: 0CVE-2016-4734 – Ubuntu Security Notice USN-3166-1
https://notcve.org/view.php?id=CVE-2016-4734
20 Sep 2016 — WebKit in Apple iOS before 10, Safari before 10, and tvOS before 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-4611, CVE-2016-4730, CVE-2016-4733, and CVE-2016-4735. WebKit en Apple iOS en versiones anteriores a 10, Safari en versiones anteriores a 10 y tvOS en versiones anteriores a 10 permite a atacantes remotos ejecutar un código arbitrario o provocar una denegación de servicio (corrupc... • http://lists.apple.com/archives/security-announce/2016/Sep/msg00007.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 0%CPEs: 5EXPL: 0CVE-2016-4728 – Ubuntu Security Notice USN-3166-1
https://notcve.org/view.php?id=CVE-2016-4728
20 Sep 2016 — WebKit in Apple iOS before 10, tvOS before 10, iTunes before 12.5.1 on Windows, and Safari before 10 mishandles error prototypes, which allows remote attackers to execute arbitrary code via a crafted web site. WebKit en Apple iOS en versiones anteriores a 10, tvOS en versiones anteriores a 10, iTunes en versiones anteriores a 12.5.1 en Windows y Safari en versiones anteriores a 10 maneja incorrectamente prototipos de error, lo que permite a atacantes remotos ejecutar un código arbitrario a través de un siti... • http://lists.apple.com/archives/security-announce/2016/Sep/msg00007.html • CWE-20: Improper Input Validation •
CVSS: 8.8EPSS: 0%CPEs: 5EXPL: 0CVE-2016-4765 – Ubuntu Security Notice USN-3166-1
https://notcve.org/view.php?id=CVE-2016-4765
20 Sep 2016 — WebKit in Apple iOS before 10, tvOS before 10, iTunes before 12.5.1 on Windows, and Safari before 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-4759, CVE-2016-4766, CVE-2016-4767, and CVE-2016-4768. WebKit en Apple iOS en versiones anteriores a 10, tvOS en versiones anteriores a 10, iTunes en versiones anteriores a 12.5.1 en Windows y Safari en versiones anteriores a 10 permite a atacantes... • http://lists.apple.com/archives/security-announce/2016/Sep/msg00007.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 0%CPEs: 4EXPL: 0CVE-2016-4737 – Apple Security Advisory 2016-09-20-2
https://notcve.org/view.php?id=CVE-2016-4737
20 Sep 2016 — WebKit in Apple iOS before 10, Safari before 10, tvOS before 10, and watchOS before 3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site. WebKit en Apple iOS en versiones anteriores a 10, Safari en versiones anteriores a 10, tvOS en versiones anteriores a 10 y watchOS en versiones anteriores a 3 permite a atacantes remotos ejecutar un código arbitrario o provocar una denegación de servicio (corrupción de memoria) a través de un sitio web... • http://lists.apple.com/archives/security-announce/2016/Sep/msg00007.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 1%CPEs: 3EXPL: 0CVE-2016-4623 – WebKitGTK+ SOP Bypass / Information Disclosure
https://notcve.org/view.php?id=CVE-2016-4623
19 Jul 2016 — WebKit in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before 9.2.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-4589, CVE-2016-4622, and CVE-2016-4624. WebKit en Apple iOS en versiones anteriores a 9.3.3, Safari en versiones anteriores a 9.1.2, y tvOS en versiones anteriores a 9.2.2 permite a atacantes remotos ejecutar código arbitrario o provocar una denegación de servicio (corrup... • http://lists.apple.com/archives/security-announce/2016/Jul/msg00001.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.1EPSS: 3%CPEs: 4EXPL: 0CVE-2016-4585 – WebKitGTK+ SOP Bypass / Information Disclosure
https://notcve.org/view.php?id=CVE-2016-4585
19 Jul 2016 — Cross-site scripting (XSS) vulnerability in the WebKit Page Loading implementation in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before 9.2.2 allows remote attackers to inject arbitrary web script or HTML via an HTTP response specifying redirection that is mishandled by Safari. Vulnerabilidad de XSS en la implementación de WebKit Page Loading en Apple iOS en versiones anteriores a 9.3.3, Safari en versiones anteriores a 9.1.2 y tvOS en versiones anteriores a 9.2.2 permite a atacantes remotos inye... • http://lists.apple.com/archives/security-announce/2016/Jul/msg00001.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 3EXPL: 0CVE-2016-4590 – WebKitGTK+ SOP Bypass / Information Disclosure
https://notcve.org/view.php?id=CVE-2016-4590
19 Jul 2016 — WebKit in Apple iOS before 9.3.3 and Safari before 9.1.2 mishandles about: URLs, which allows remote attackers to bypass the Same Origin Policy via a crafted web site. Webkit en Apple iOS en versiones anteriores a 9.3.3 y Safari en versiones anteriores a 9.1.2 no maneja correctamente about: URLs, lo que permite a atacantes remotos eludir la Same Origin Policy a través de un sitio web manipulado. A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tr... • http://lists.apple.com/archives/security-announce/2016/Jul/msg00001.html • CWE-20: Improper Input Validation •
CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 0CVE-2016-4651 – WebKitGTK+ SOP Bypass / Information Disclosure
https://notcve.org/view.php?id=CVE-2016-4651
19 Jul 2016 — Cross-site scripting (XSS) vulnerability in the WebKit JavaScript bindings in Apple iOS before 9.3.3 and Safari before 9.1.2 allows remote attackers to inject arbitrary web script or HTML via a crafted HTTP/0.9 response, related to a "cross-protocol cross-site scripting (XPXSS)" vulnerability. Vulnerabilidad de XSS en el WebKit JavaScript bindings en Apple iOS en versiones anteriores a 9.3.3 y Safari en versiones anteriores a 9.1.2 permite a atacantes remotos inyectar secuencias de comandos web o HTML arbit... • http://lists.apple.com/archives/security-announce/2016/Jul/msg00001.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2016-4586 – WebKitGTK+ SOP Bypass / Information Disclosure
https://notcve.org/view.php?id=CVE-2016-4586
19 Jul 2016 — WebKit in Apple Safari before 9.1.2 and tvOS before 9.2.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site. WebKit en Apple Safari en versiones anteriores a 9.1.2 y tvOS en versiones anteriores a 9.2.2 permite a atacantes remotos ejecutar código arbitrario o provocar una denegación de servicio (corrupción de memoria) a través de un sitio web manipulado. A large number of security issues were discovered in the WebKitGTK+ Web and JavaScr... • http://lists.apple.com/archives/security-announce/2016/Jul/msg00003.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 3.1EPSS: 3%CPEs: 5EXPL: 0CVE-2016-4583 – WebKitGTK+ SOP Bypass / Information Disclosure
https://notcve.org/view.php?id=CVE-2016-4583
19 Jul 2016 — WebKit in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before 9.2.2 allows remote attackers to bypass the Same Origin Policy and obtain image date from an unintended web site via a timing attack involving an SVG document. WebKit en Apple iOS en versiones anteriores a 9.3.3, Safari en versiones anteriores a 9.1.2 y tvOS en versiones anteriores a 9.2.2 permite a atacantes remotos eludir la Same Origin Policy y obtener la fecha de imagen de un sitio web no intencionado a través de un ataque de sincron... • http://lists.apple.com/archives/security-announce/2016/Jul/msg00001.html • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •