Apple

iPhone OS

3839 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.1

CVE-2016-4725

  • EPSS 1.31%
  • Veröffentlicht 25.09.2016 10:59:29
  • Zuletzt bearbeitet 12.04.2025 10:46:40

IOAcceleratorFamily in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (memory corruption) via a crafted web site.

9.3

CVE-2016-4724

  • EPSS 0.17%
  • Veröffentlicht 25.09.2016 10:59:28
  • Zuletzt bearbeitet 12.04.2025 10:46:40

IOAcceleratorFamily in Apple iOS before 10 and OS X before 10.12 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via a crafted app.

7.1

CVE-2016-4722

  • EPSS 2.51%
  • Veröffentlicht 25.09.2016 10:59:26
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The IDS - Connectivity component in Apple iOS before 10 and OS X before 10.12 allows man-in-the-middle attackers to conduct Call Relay spoofing attacks and cause a denial of service via unspecified vectors.

6.5

CVE-2016-4718

  • EPSS 2.32%
  • Veröffentlicht 25.09.2016 10:59:25
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Buffer overflow in FontParser in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows remote attackers to obtain sensitive information from process memory via a crafted font file.

9.3

CVE-2016-4712

  • EPSS 0.35%
  • Veröffentlicht 25.09.2016 10:59:19
  • Zuletzt bearbeitet 12.04.2025 10:46:40

CoreCrypto in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows attackers to execute arbitrary code or cause a denial of service (out-of-bounds write) via a crafted app.

7.5

CVE-2016-4711

  • EPSS 0.49%
  • Veröffentlicht 25.09.2016 10:59:18
  • Zuletzt bearbeitet 12.04.2025 10:46:40

CCrypt in corecrypto in CommonCrypto in Apple iOS before 10 and OS X before 10.12 allows attackers to discover cleartext information by leveraging a function call that specifies the same buffer for input and output.

6.5

CVE-2016-4708

  • EPSS 4.17%
  • Veröffentlicht 25.09.2016 10:59:15
  • Zuletzt bearbeitet 12.04.2025 10:46:40

CFNetwork in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 misparses the Set-Cookie header, which allows remote attackers to obtain sensitive information via a crafted HTTP response.

4

CVE-2016-4707

  • EPSS 0.06%
  • Veröffentlicht 25.09.2016 10:59:14
  • Zuletzt bearbeitet 12.04.2025 10:46:40

CFNetwork in Apple iOS before 10 and OS X before 10.12 mishandles Local Storage deletion, which allows local users to discover the visited web sites of arbitrary users via unspecified vectors.

10

CVE-2016-4702

  • EPSS 14.12%
  • Veröffentlicht 25.09.2016 10:59:11
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Audio in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.

9.3

CVE-2016-4698

  • EPSS 0.24%
  • Veröffentlicht 25.09.2016 10:59:06
  • Zuletzt bearbeitet 12.04.2025 10:46:40

AppleMobileFileIntegrity in Apple iOS before 10 and OS X before 10.12 mishandles process entitlement and Team ID values in the task port inheritance policy, which allows attackers to execute arbitrary code in a privileged context via a crafted app.