Max CVSS | 5.0 | Min CVSS | 1.9 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2016-4746 | 5.0 |
The Keyboards component in Apple iOS before 10 does not properly use a cache for auto-correct suggestions, which allows remote attackers to obtain sensitive information in opportunistic circumstances by leveraging an unintended correction.
|
13-08-2017 - 01:29 | 18-09-2016 - 22:59 | |
CVE-2016-4747 | 4.3 |
Mail in Apple iOS before 10 mishandles certificates, which makes it easier for man-in-the-middle attackers to discover mail credentials via unspecified vectors.
|
13-08-2017 - 01:29 | 18-09-2016 - 22:59 | |
CVE-2016-4719 | 4.3 |
The GeoServices component in Apple iOS before 10 and watchOS before 3 does not properly restrict access to PlaceData information, which allows attackers to discover physical locations via a crafted application.
|
13-08-2017 - 01:29 | 18-09-2016 - 22:59 | |
CVE-2016-4740 | 1.9 |
Apple iOS before 10, when Handoff for Messages is used, does not ensure that a Messages signin has occurred before displaying messages, which might allow attackers to obtain sensitive information via unspecified vectors.
|
13-08-2017 - 01:29 | 18-09-2016 - 22:59 | |
CVE-2016-4741 | 4.3 |
The Assets component in Apple iOS before 10 allows man-in-the-middle attackers to block software updates via vectors related to lack of an HTTPS session for retrieving updates.
|
13-08-2017 - 01:29 | 18-09-2016 - 22:59 | |
CVE-2016-4620 | 4.3 |
The Sandbox Profiles component in Apple iOS before 10 does not properly restrict access to directory metadata for SMS draft directories, which allows attackers to discover text-message recipients via a crafted app.
|
13-08-2017 - 01:29 | 18-09-2016 - 22:59 | |
CVE-2016-4749 | 2.1 |
Printing UIKit in Apple iOS before 10 mishandles environment variables, which allows local users to discover cleartext AirPrint preview content by reading a temporary file.
|
13-08-2017 - 01:29 | 18-09-2016 - 22:59 |