Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 6.1

    MEDIUM
    CVE-2016-4651

    Cross-site scripting (XSS) vulnerability in the WebKit JavaScript bindings in Apple iOS before 9.3.3 and Safari before 9.1.2 allows remote attackers to inject arbitrary web script or HTML via a crafted HTTP/0.9 response, related to a "cross-protocol cross... Read more

    Affected Products : iphone_os safari
    • EPSS Score: %0.21
    • Published: Jul. 22, 2016
    • Modified: Apr. 12, 2025

  • 5.5

    MEDIUM
    CVE-2016-4649

    Audio in Apple OS X before 10.11.6 allows local users to cause a denial of service (NULL pointer dereference) via unspecified vectors.... Read more

    Affected Products : mac_os_x mac_os_x
    • EPSS Score: %0.13
    • Published: Jul. 22, 2016
    • Modified: Apr. 12, 2025

  • 5.5

    MEDIUM
    CVE-2016-4648

    Audio in Apple OS X before 10.11.6 allows local users to obtain sensitive kernel memory-layout information or cause a denial of service (out-of-bounds read) via unspecified vectors.... Read more

    Affected Products : mac_os_x mac_os_x
    • EPSS Score: %0.13
    • Published: Jul. 22, 2016
    • Modified: Apr. 12, 2025

  • 7.8

    HIGH
    CVE-2016-4647

    Audio in Apple OS X before 10.11.6 allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted file.... Read more

    Affected Products : mac_os_x mac_os_x
    • EPSS Score: %0.11
    • Published: Jul. 22, 2016
    • Modified: Apr. 12, 2025

  • 6.5

    MEDIUM
    CVE-2016-4646

    Audio in Apple OS X before 10.11.6 mishandles a size value, which allows remote attackers to obtain sensitive information or cause a denial of service (out-of-bounds read) via a crafted audio file.... Read more

    Affected Products : mac_os_x mac_os_x
    • EPSS Score: %0.54
    • Published: Jul. 22, 2016
    • Modified: Apr. 12, 2025

  • 3.3

    LOW
    CVE-2016-4645

    CFNetwork in Apple OS X before 10.11.6 uses weak permissions for web-browser cookies, which allows local users to obtain sensitive information via unspecified vectors.... Read more

    Affected Products : mac_os_x mac_os_x
    • EPSS Score: %0.10
    • Published: Jul. 22, 2016
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2016-4641

    Login Window in Apple OS X before 10.11.6 allows attackers to execute arbitrary code in a privileged context or obtain sensitive user information via a crafted app that leverages a "type confusion."... Read more

    Affected Products : mac_os_x mac_os_x
    • EPSS Score: %0.32
    • Published: Jul. 22, 2016
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2016-4640

    Login Window in Apple OS X before 10.11.6 allows attackers to execute arbitrary code in a privileged context, obtain sensitive user information, or cause a denial of service (memory corruption) via a crafted app.... Read more

    Affected Products : mac_os_x mac_os_x
    • EPSS Score: %0.31
    • Published: Jul. 22, 2016
    • Modified: Apr. 12, 2025

  • 7.0

    HIGH
    CVE-2016-4639

    Login Window in Apple OS X before 10.11.6 does not properly initialize memory, which allows local users to cause a denial of service via unspecified vectors.... Read more

    Affected Products : mac_os_x mac_os_x
    • EPSS Score: %0.14
    • Published: Jul. 22, 2016
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2016-4638

    Login Window in Apple OS X before 10.11.6 allows attackers to gain privileges via a crafted app that leverages a "type confusion."... Read more

    Affected Products : mac_os_x mac_os_x
    • EPSS Score: %0.31
    • Published: Jul. 22, 2016
    • Modified: Apr. 12, 2025

  • 8.8

    HIGH
    CVE-2016-4637

    CoreGraphics in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted BMP image.... Read more

    Affected Products : mac_os_x iphone_os tvos watchos
    • EPSS Score: %2.90
    • Published: Jul. 22, 2016
    • Modified: Apr. 12, 2025

  • 5.3

    MEDIUM
    CVE-2016-4635

    FaceTime in Apple iOS before 9.3.3 and OS X before 10.11.6 allows man-in-the-middle attackers to spoof relayed-call termination, and obtain sensitive audio information in opportunistic circumstances, via unspecified vectors.... Read more

    Affected Products : mac_os_x iphone_os
    • EPSS Score: %0.40
    • Published: Jul. 22, 2016
    • Modified: Apr. 12, 2025

  • 7.8

    HIGH
    CVE-2016-4634

    The Graphics Drivers subsystem in Apple OS X before 10.11.6 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors.... Read more

    Affected Products : mac_os_x mac_os_x
    • EPSS Score: %0.15
    • Published: Jul. 22, 2016
    • Modified: Apr. 12, 2025

  • 7.8

    HIGH
    CVE-2016-4633

    Intel Graphics Driver in Apple OS X before 10.11.6 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.... Read more

    Affected Products : mac_os_x mac_os_x
    • EPSS Score: %0.22
    • Published: Jul. 22, 2016
    • Modified: Apr. 12, 2025

  • 7.5

    HIGH
    CVE-2016-4632

    ImageIO in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors.... Read more

    Affected Products : mac_os_x iphone_os tvos watchos
    • EPSS Score: %3.11
    • Published: Jul. 22, 2016
    • Modified: Apr. 12, 2025

  • 8.8

    HIGH
    CVE-2016-4631

    ImageIO in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted TIFF file.... Read more

    Affected Products : mac_os_x iphone_os tvos watchos
    • EPSS Score: %3.74
    • Published: Jul. 22, 2016
    • Modified: Apr. 12, 2025

  • 8.8

    HIGH
    CVE-2016-4630

    ImageIO in Apple OS X before 10.11.6 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted EXR image with B44 compression.... Read more

    Affected Products : mac_os_x mac_os_x
    • EPSS Score: %1.11
    • Published: Jul. 22, 2016
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2016-4629

    ImageIO in Apple OS X before 10.11.6 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted xStride and yStride values in an EXR image.... Read more

    Affected Products : mac_os_x mac_os_x
    • EPSS Score: %11.08
    • Published: Jul. 22, 2016
    • Modified: Apr. 12, 2025

  • 5.5

    MEDIUM
    CVE-2016-4628

    IOAcceleratorFamily in Apple iOS before 9.3.3 and watchOS before 2.2.2 allows local users to obtain sensitive information from kernel memory or cause a denial of service (out-of-bounds read) via unspecified vectors.... Read more

    Affected Products : iphone_os watchos
    • EPSS Score: %0.09
    • Published: Jul. 22, 2016
    • Modified: Apr. 12, 2025

  • 7.8

    HIGH
    CVE-2016-4627

    IOAcceleratorFamily in Apple iOS before 9.3.3, tvOS before 9.2.2, and watchOS before 2.2.2 allows local users to gain privileges or cause a denial of service (NULL pointer dereference) via unspecified vectors.... Read more

    Affected Products : iphone_os tvos watchos
    • EPSS Score: %0.11
    • Published: Jul. 22, 2016
    • Modified: Apr. 12, 2025
Showing 20 of 291401 Results