Max CVSS 10.0 Min CVSS 2.1 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2016-4448 10.0
Format string vulnerability in libxml2 before 2.9.4 allows attackers to have unspecified impact via format string specifiers in unknown vectors.
25-09-2019 - 15:29 09-06-2016 - 16:59
CVE-2016-4610 7.5
libxslt in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before 12.4.2 on Windows, iCloud before 5.2.1 on Windows, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to cause a denial of service (memory corruption) or possibly
18-06-2019 - 20:15 22-07-2016 - 02:59
CVE-2016-4609 7.5
libxslt in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before 12.4.2 on Windows, iCloud before 5.2.1 on Windows, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to cause a denial of service (memory corruption) or possibly
18-06-2019 - 20:15 22-07-2016 - 02:59
CVE-2016-4608 7.5
libxslt in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before 12.4.2 on Windows, iCloud before 5.2.1 on Windows, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to cause a denial of service (memory corruption) or possibly
18-06-2019 - 20:15 22-07-2016 - 02:59
CVE-2016-4607 7.5
libxslt in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before 12.4.2 on Windows, iCloud before 5.2.1 on Windows, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to cause a denial of service (memory corruption) or possibly
18-06-2019 - 20:15 22-07-2016 - 02:59
CVE-2016-4447 5.0
The xmlParseElementDecl function in parser.c in libxml2 before 2.9.4 allows context-dependent attackers to cause a denial of service (heap-based buffer underread and application crash) via a crafted file, involving xmlParseName.
26-03-2019 - 17:12 09-06-2016 - 16:59
CVE-2016-4584 6.8
The WebKit Page Loading implementation in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before 9.2.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.
25-03-2019 - 17:35 22-07-2016 - 02:59
CVE-2016-4582 7.2
The kernel in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9.2.2, and watchOS before 2.2.2 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-
25-03-2019 - 17:34 22-07-2016 - 02:59
CVE-2016-1836 4.3
Use-after-free vulnerability in the xmlDictComputeFastKey function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to cause a denial of service via
25-03-2019 - 17:25 20-05-2016 - 10:59
CVE-2016-4624 6.8
WebKit in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before 9.2.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-4589, CVE-
25-03-2019 - 17:04 22-07-2016 - 02:59
CVE-2016-4623 6.8
WebKit in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before 9.2.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-4589, CVE-
25-03-2019 - 17:04 22-07-2016 - 02:59
CVE-2016-4622 6.8
WebKit in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before 9.2.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-4589, CVE-
25-03-2019 - 17:04 22-07-2016 - 02:59
CVE-2016-4591 7.8
WebKit in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before 9.2.2 mishandles the location variable, which allows remote attackers to access the local filesystem via unspecified vectors.
25-03-2019 - 17:04 22-07-2016 - 02:59
CVE-2016-4589 6.8
WebKit in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before 9.2.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-4622, CVE-
25-03-2019 - 17:04 22-07-2016 - 02:59
CVE-2016-4653 7.2
The kernel in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9.2.2, and watchOS before 2.2.2 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-
25-03-2019 - 16:53 22-07-2016 - 03:00
CVE-2016-4637 6.8
CoreGraphics in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted BMP image.
25-03-2019 - 16:53 22-07-2016 - 02:59
CVE-2016-4632 5.0
ImageIO in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors.
25-03-2019 - 16:52 22-07-2016 - 02:59
CVE-2016-4631 6.8
ImageIO in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted TIFF file.
25-03-2019 - 16:52 22-07-2016 - 02:59
CVE-2016-4626 7.2
IOHIDFamily in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9.2.2, and watchOS before 2.2.2 allows local users to gain privileges or cause a denial of service (NULL pointer dereference) via unspecified vectors.
25-03-2019 - 16:52 22-07-2016 - 02:59
CVE-2016-4616 7.5
libxml2 in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before 12.4.2 on Windows, iCloud before 5.2.1 on Windows, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to cause a denial of service (memory corruption) or possibly
25-03-2019 - 16:52 22-07-2016 - 02:59
CVE-2016-4615 7.5
libxml2 in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before 12.4.2 on Windows, iCloud before 5.2.1 on Windows, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to cause a denial of service (memory corruption) or possibly
25-03-2019 - 16:52 22-07-2016 - 02:59
CVE-2016-1863 7.2
The kernel in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9.2.2, and watchOS before 2.2.2 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-
20-03-2019 - 15:20 22-07-2016 - 02:59
CVE-2016-1865 4.9
The kernel in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9.2.2, and watchOS before 2.2.2 allows local users to cause a denial of service (NULL pointer dereference) via unspecified vectors.
20-03-2019 - 15:17 22-07-2016 - 02:59
CVE-2016-4583 2.6
WebKit in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before 9.2.2 allows remote attackers to bypass the Same Origin Policy and obtain image date from an unintended web site via a timing attack involving an SVG document.
20-03-2019 - 14:24 22-07-2016 - 02:59
CVE-2016-4592 7.1
WebKit in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before 9.2.2 allows remote attackers to cause a denial of service (memory consumption) via a crafted web site.
20-03-2019 - 14:10 22-07-2016 - 02:59
CVE-2016-4594 6.8
The Sandbox Profiles component in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9.2.2, and watchOS before 2.2.2 allows attackers to access the process list via a crafted app that makes an API call.
20-03-2019 - 13:41 22-07-2016 - 02:59
CVE-2016-4614 7.5
libxml2 in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before 12.4.2 on Windows, iCloud before 5.2.1 on Windows, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to cause a denial of service (memory corruption) or possibly
20-03-2019 - 13:25 22-07-2016 - 02:59
CVE-2016-4627 7.2
IOAcceleratorFamily in Apple iOS before 9.3.3, tvOS before 9.2.2, and watchOS before 2.2.2 allows local users to gain privileges or cause a denial of service (NULL pointer dereference) via unspecified vectors.
19-03-2019 - 18:59 22-07-2016 - 02:59
CVE-2016-4587 4.3
WebKit in Apple iOS before 9.3.3 and tvOS before 9.2.2 allows remote attackers to obtain sensitive information from uninitialized process memory via a crafted web site.
19-03-2019 - 12:18 22-07-2016 - 02:59
CVE-2016-4585 4.3
Cross-site scripting (XSS) vulnerability in the WebKit Page Loading implementation in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before 9.2.2 allows remote attackers to inject arbitrary web script or HTML via an HTTP response specifying re
18-03-2019 - 19:44 22-07-2016 - 02:59
CVE-2016-7576 9.3
In iOS before 9.3.3, a memory corruption issue existed in the kernel. This issue was addressed through improved memory handling.
17-01-2019 - 14:40 11-01-2019 - 18:29
CVE-2016-1683 5.1
numbers.c in libxslt before 1.1.29, as used in Google Chrome before 51.0.2704.63, mishandles namespace nodes, which allows remote attackers to cause a denial of service (out-of-bounds heap memory access) or possibly have unspecified other impact via
30-10-2018 - 16:27 05-06-2016 - 23:59
CVE-2016-4651 4.3
Cross-site scripting (XSS) vulnerability in the WebKit JavaScript bindings in Apple iOS before 9.3.3 and Safari before 9.1.2 allows remote attackers to inject arbitrary web script or HTML via a crafted HTTP/0.9 response, related to a "cross-protocol
09-10-2018 - 20:00 22-07-2016 - 03:00
CVE-2016-4590 4.3
WebKit in Apple iOS before 9.3.3 and Safari before 9.1.2 mishandles about: URLs, which allows remote attackers to bypass the Same Origin Policy via a crafted web site.
09-10-2018 - 20:00 22-07-2016 - 02:59
CVE-2016-4449 5.8
XML external entity (XXE) vulnerability in the xmlStringLenDecodeEntities function in parser.c in libxml2 before 2.9.4, when not in validating mode, allows context-dependent attackers to read arbitrary files or cause a denial of service (resource con
18-01-2018 - 18:18 09-06-2016 - 16:59
CVE-2015-8317 5.0
The xmlParseXMLDecl function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to obtain sensitive information via an (1) unterminated encoding value or (2) incomplete XML declaration in XML data, which triggers an out-of-bounds
14-09-2017 - 01:29 15-12-2015 - 21:59
CVE-2016-4635 3.5
FaceTime in Apple iOS before 9.3.3 and OS X before 10.11.6 allows man-in-the-middle attackers to spoof relayed-call termination, and obtain sensitive audio information in opportunistic circumstances, via unspecified vectors.
01-09-2017 - 01:29 22-07-2016 - 02:59
CVE-2016-4628 4.9
IOAcceleratorFamily in Apple iOS before 9.3.3 and watchOS before 2.2.2 allows local users to obtain sensitive information from kernel memory or cause a denial of service (out-of-bounds read) via unspecified vectors.
01-09-2017 - 01:29 22-07-2016 - 02:59
CVE-2016-4605 7.1
Calendar in Apple iOS before 9.3.3 allows remote attackers to cause a denial of service (NULL pointer dereference and device restart) via a crafted invitation.
01-09-2017 - 01:29 22-07-2016 - 02:59
CVE-2016-4604 5.8
Safari in Apple iOS before 9.3.3 allows remote attackers to spoof the displayed URL via an HTTP response specifying redirection to an invalid TCP port number.
01-09-2017 - 01:29 22-07-2016 - 02:59
CVE-2016-4603 4.3
Web Media in Apple iOS before 9.3.3 allows attackers to bypass the Private Browsing protection mechanism and obtain sensitive video URL information by leveraging Safari View Controller misbehavior.
01-09-2017 - 01:29 22-07-2016 - 02:59
CVE-2016-4593 2.1
The Siri Contacts component in Apple iOS before 9.3.3 allows physically proximate attackers to read arbitrary Contact card information via unspecified vectors.
01-09-2017 - 01:29 22-07-2016 - 02:59
CVE-2016-1684 5.1
numbers.c in libxslt before 1.1.29, as used in Google Chrome before 51.0.2704.63, mishandles the i format token for xsl:number data, which allows remote attackers to cause a denial of service (integer overflow or resource consumption) or possibly hav
01-07-2017 - 01:29 05-06-2016 - 23:59
Back to Top Mark selected
Back to Top