CVEs from 2016
Total
8,466
critical
critical 1,164
high
high 3,521
medium
medium 3,173
low
low 248
% Critical
13.7%
% with KEV
0.7%
% with exploit
1.8%
Top vendors
Top products
- phpmyadmin 3,382
- php 1,748
- squid 1,549
- samba 1,093
- drupal 868
- firefox 757
- moodle 700
- openssl 664
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2016-7824 | high | 8.8 | 8.8 | 9y ago | Buffalo NC01WH devices with firmware version 1.0.0.8 and earlier allows authenticated attackers to bypass access restriction to enable the debug option via unspecified vectors. | |||
| CVE-2016-7822 | high | 8.8 | 8.8 | 9y ago | Cross-site request forgery (CSRF) vulnerability in Buffalo WNC01WH devices with firmware version 1.0.0.8 and earlier allows remote attackers to hijack the authentication of a logged in user to perfor… | |||
| CVE-2016-7811 | high | 8.8 | 8.8 | 9y ago | Corega CG-WLR300NX firmware Ver. 1.20 and earlier allows an attacker on the same network segment to bypass access restriction to perform arbitrary operations via unspecified vectors. | |||
| CVE-2016-7809 | high | 8.8 | 8.8 | 9y ago | Cross-site request forgery (CSRF) vulnerability in Corega CG-WLR300NX firmware Ver. 1.20 and earlier allows remote attackers to hijack the authentication of logged in user to conduct unintended opera… | |||
| CVE-2016-7803 | high | 8.8 | 8.8 | 9y ago | SQL injection vulnerability in the Cybozu Garoon 3.0.0 to 4.2.2 allows remote authenticated attackers to execute arbitrary SQL commands via "MultiReport" function. | |||
| CVE-2016-4907 | high | 8.8 | 8.8 | 9y ago | Cybozu Garoon 3.0.0 to 4.2.2 allow remote attackers to obtain CSRF tokens via unspecified vectors. | |||
| CVE-2016-4471 | high | 8.8 | 8.8 | 9y ago | ManageIQ in CloudForms before 4.1 allows remote authenticated users to execute arbitrary code. | |||
| CVE-2016-9977 | high | 8.8 | 8.8 | 9y ago | IBM Maximo Asset Management 7.1, 7.5, and 7.6 could allow a remote attacker to hijack a user's session, caused by the failure to invalidate an existing session identifier. An attacker could exploit t… | |||
| CVE-2016-8229 | high | 8.8 | 8.8 | 9y ago | A cross-site request forgery vulnerability in Lenovo Service Bridge before version 4 could be exploited by an attacker with access to the DHCP server used by the system where LSB is installed. | |||
| CVE-2016-10377 | high | 8.8 | 8.8 | 9y ago | In Open vSwitch (OvS) 2.5.0, a malformed IP packet can cause the switch to read past the end of the packet buffer due to an unsigned integer underflow in `lib/flow.c` in the function `miniflow_extrac… | |||
| CVE-2016-4977 | high | 8.8 | 8.8 | 9y ago | Spring Security OAuth vulnerable to remote code execution (RCE) via specially crafted request using whitelabel views | |||
| CVE-2016-9842 | high | 8.8 | 8.8 | 9y ago | The inflateMark function in inflate.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving left shifts of negative integers. | |||
| CVE-2016-9840 | high | 8.8 | 8.8 | 9y ago | RHSA-2025:8395: rsync security update (Low) | |||
| CVE-2016-5177 | high | 8.8 | 8.8 | 9y ago | arbitrary code execution in chromium | |||
| CVE-2016-6112 | high | 8.8 | 8.8 | 9y ago | IBM Distributed Marketing and Marketing Platform 8.6, 9.0, 9.1, and 10.0 could allow an authenticated user to escalate their privileges and gain administrative permissions over the web application. I… | |||
| CVE-2016-4904 | high | 8.8 | 8.8 | 9y ago | Cross-site request forgery (CSRF) vulnerability in WP-OliveCart versions prior to 3.1.3 and WP-OliveCartPro versions prior to 3.1.8 allows remote attackers to hijack the authentication of a user to p… | |||
| CVE-2016-4854 | high | 8.8 | 8.8 | 9y ago | Cross-site request forgery (CSRF) vulnerability in L-04D firmware version V10a and V10b allows remote attackers to hijack the authentication of administrators to perform arbitrary operations via unsp… | |||
| CVE-2016-3403 | high | 8.8 | 8.8 | 9y ago | Multiple cross-site request forgery (CSRF) vulnerabilities in the Admin Console in Zimbra Collaboration before 8.6.0 Patch 8 allow remote attackers to hijack the authentication of administrators for … | |||
| CVE-2016-4887 | high | 8.8 | 8.8 | 9y ago | Cross-site request forgery (CSRF) vulnerability in baserCMS plugin Uploader version 3.0.10 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors. | |||
| CVE-2016-4886 | high | 8.8 | 8.8 | 9y ago | Cross-site request forgery (CSRF) vulnerability in baserCMS plugin Mail version 3.0.10 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors. | |||
| CVE-2016-4885 | high | 8.8 | 8.8 | 9y ago | Cross-site request forgery (CSRF) vulnerability in baserCMS plugin Feed version 3.0.10 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors. | |||
| CVE-2016-4884 | high | 8.8 | 8.8 | 9y ago | Cross-site request forgery (CSRF) vulnerability in baserCMS plugin Blog version 3.0.10 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors. | |||
| CVE-2016-4882 | high | 8.8 | 8.8 | 9y ago | Cross-site request forgery (CSRF) vulnerability in baserCMS version 3.0.10 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors. | |||
| CVE-2016-4881 | high | 8.8 | 8.8 | 9y ago | CSRF in baserCMS 3.0.10 and earlier | |||
| CVE-2016-4879 | high | 8.8 | 8.8 | 9y ago | CSRF in baserCMS 3.0.10 and earlier | |||
| CVE-2016-4878 | high | 8.8 | 8.8 | 9y ago | baserCMS Cross Site Request Forgery vulnerability | |||
| CVE-2016-4876 | high | 8.8 | 8.8 | 9y ago | Cross-site request forgery (CSRF) vulnerability in baserCMS version 3.0.10 and earlier allows remote attackers to hijack the authentication of administrators to execute arbitrary PHP code via unspeci… | |||
| CVE-2016-9092 | high | 8.8 | 8.8 | 9y ago | The Symantec Content Analysis (CA) 1.3, 2.x prior to 2.2.1.1, and Mail Threat Defense (MTD) 1.1 management consoles are susceptible to a cross-site request forging (CSRF) vulnerability. A remote atta… | |||
| CVE-2016-5889 | high | 8.8 | 8.8 | 9y ago | IBM Interact 8.6, 9.0, 9.1, and 10.0 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website t… | |||
| CVE-2016-9251 | high | 8.8 | 8.8 | 9y ago | In F5 BIG-IP 12.0.0 through 12.1.2, an authenticated attacker may be able to cause an escalation of privileges through a crafted iControl REST connection. | |||
| CVE-2016-8202 | high | 8.8 | 8.8 | 9y ago | A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b could allow an authenticated attacker to elevate t… | |||
| CVE-2016-8593 | high | 8.8 | 8.8 | 9y ago | Directory traversal vulnerability in upload.cgi in Trend Micro Threat Discovery Appliance 2.6.1062r1 and earlier allows remote authenticated users to execute arbitrary code via a .. (dot dot) in the … | |||
| CVE-2016-8592 | high | 8.8 | 8.8 | 9y ago | log_query_system.cgi in Trend Micro Threat Discovery Appliance 2.6.1062r1 and earlier allows remote authenticated users to execute arbitrary code as the root user via shell metacharacters in the cach… | |||
| CVE-2016-8591 | high | 8.8 | 8.8 | 9y ago | log_query.cgi in Trend Micro Threat Discovery Appliance 2.6.1062r1 and earlier allows remote authenticated users to execute arbitrary code as the root user via shell metacharacters in the cache_id pa… | |||
| CVE-2016-8590 | high | 8.8 | 8.8 | 9y ago | log_query_dlp.cgi in Trend Micro Threat Discovery Appliance 2.6.1062r1 and earlier allows remote authenticated users to execute arbitrary code as the root user via shell metacharacters in the cache_i… | |||
| CVE-2016-8589 | high | 8.8 | 8.8 | 9y ago | log_query_dae.cgi in Trend Micro Threat Discovery Appliance 2.6.1062r1 and earlier allows remote authenticated users to execute arbitrary code as the root user via shell metacharacters in the cache_i… | |||
| CVE-2016-8586 | high | 8.8 | 8.8 | 9y ago | detected_potential_files.cgi in Trend Micro Threat Discovery Appliance 2.6.1062r1 and earlier allows remote authenticated users to execute arbitrary code as the root user via shell metacharacters in … | |||
| CVE-2016-8585 | high | 8.8 | 8.8 | 9y ago | admin_sys_time.cgi in Trend Micro Threat Discovery Appliance 2.6.1062r1 and earlier allows remote authenticated users to execute arbitrary code as the root user via shell metacharacters in the timezo… | |||
| CVE-2016-2433 | high | 8.8 | 8.8 | 9y ago | The Broadcom Wi-Fi driver for Android, as used by BlackBerry smartphones before Build AAE570, allows remote attackers to execute arbitrary code in the context of the kernel. | |||
| CVE-2016-0720 | high | 8.8 | 8.8 | 9y ago | Cross-site request forgery (CSRF) vulnerability in pcsd web UI in pcs before 0.9.149. | |||
| CVE-2016-5401 | high | 8.8 | 8.8 | 9y ago | Cross-site request forgery (CSRF) vulnerability in Red Hat JBoss BRMS and BPMS 6 allows remote attackers to hijack the authentication of users for requests that modify instances via a crafted web pag… | |||
| CVE-2016-3734 | high | 8.8 | 8.8 | 9y ago | Moodle Cross-site request forgery (CSRF) vulnerability | |||
| CVE-2016-4862 | high | 8.8 | 8.8 | 9y ago | Twigmo bundled with CS-Cart 4.3.9 and earlier and Twigmo bundled with CS-Cart Multi-Vendor 4.3.9 and earlier allow remote authenticated users to execute arbitrary PHP code on the servers. | |||
| CVE-2016-1218 | high | 8.8 | 8.8 | 9y ago | SQL injection vulnerability in Cybozu Garoon before 4.2.2. | |||
| CVE-2016-4889 | high | 8.8 | 8.8 | 9y ago | ZOHO ManageEngine ServiceDesk Plus before 9.0 allows remote authenticated guest users to have unspecified impact by leveraging failure to restrict access to unknown functions. | |||
| CVE-2016-7834 | high | 8.8 | 8.8 | 9y ago | SONY SNC-CH115, SNC-CH120, SNC-CH160, SNC-CH220, SNC-CH260, SNC-DH120, SNC-DH120T, SNC-DH160, SNC-DH220, SNC-DH220T, SNC-DH260, SNC-EB520, SNC-EM520, SNC-EM521, SNC-ZB550, SNC-ZM550, SNC-ZM551, SNC-E… | |||
| CVE-2016-1914 | high | 8.8 | 8.8 | 9y ago | Multiple SQL injection vulnerabilities in the com.rim.mdm.ui.server.ImageServlet servlet in BlackBerry Enterprise Server 12 (BES12) Self-Service before 12.4 allow remote attackers to execute arbitrar… | |||
| CVE-2016-5313 | high | 8.8 | 8.8 | 9y ago | Symantec Web Gateway (SWG) before 5.2.5 allows remote authenticated users to execute arbitrary OS commands. | |||
| CVE-2016-4895 | high | 8.8 | 8.8 | 9y ago | SetsucoCMS all versions allows remote authenticated attackers to conduct code injection attacks via unspecified vectors. | |||
| CVE-2016-4893 | high | 8.8 | 8.8 | 9y ago | SQL injection vulnerability in the SetsucoCMS all versions allows remote authenticated attackers to execute arbitrary SQL commands via unspecified vectors. | |||
| CVE-2016-4891 | high | 8.8 | 8.8 | 9y ago | Cross-site request forgery (CSRF) vulnerability in SetsucoCMS all versions allows remote attackers to hijack the authentication of an administrator to change settings via unspecified vectors. | |||
| CVE-2016-8718 | high | 8.8 | 8.8 | 9y ago | An exploitable Cross-Site Request Forgery vulnerability exists in the Web Application functionality of Moxa AWK-3131A Wireless Access Point running firmware 1.1. A specially crafted form can trick a … | |||
| CVE-2016-4468 | high | 8.8 | 8.8 | 9y ago | SQL injection vulnerability in Pivotal Cloud Foundry (PCF) before 238; UAA 2.x before 2.7.4.4, 3.x before 3.3.0.2, and 3.4.x before 3.4.1; UAA BOSH before 11.2 and 12.x before 12.2; Elastic Runtime b… | |||
| CVE-2016-6811 | high | 8.8 | 8.8 | 9y ago | Insecure Inherited Permissions in Apache Hadoop | |||
| CVE-2016-10322 | high | 8.8 | 8.8 | 9y ago | Synology Photo Station before 6.3-2958 allows remote authenticated guest users to execute arbitrary commands via shell metacharacters in the X-Forwarded-For HTTP header to photo/login.php. | |||
| CVE-2016-5072 | high | 8.8 | 8.8 | 9y ago | OXID eShop before 2016-06-13 allows remote attackers to execute arbitrary code via a GET or POST request to the oxuser class. Fixed versions are Enterprise Edition v5.1.12, Enterprise Edition v5.2.9,… | |||
| CVE-2016-5071 | high | 8.8 | 8.8 | 9y ago | Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 execute the management web application as root. | |||
| CVE-2016-5067 | high | 8.8 | 8.8 | 9y ago | Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 allow Hayes AT command injection. | |||
| CVE-2016-4319 | high | 8.8 | 8.8 | 9y ago | Atlassian JIRA Server before 7.1.9 has CSRF in auditing/settings. | |||
| CVE-2016-1516 | high | 8.8 | 8.8 | 9y ago | Double Free in OpenCV | |||
| CVE-2016-7786 | high | 8.8 | 8.8 | 9y ago | Sophos Cyberoam UTM CR25iNG 10.6.3 MR-5 allows remote authenticated users to bypass intended access restrictions via direct object reference, as demonstrated by a request for Licenseinformation.jsp. … | |||
| CVE-2016-6100 | high | 8.8 | 8.8 | 9y ago | IBM Disposal and Governance Management for IT and IBM Global Retention Policy and Schedule Management, components of IBM Atlas Policy Suite 6.0.3 is vulnerable to cross-site request forgery which cou… | |||
| CVE-2016-10314 | high | 8.8 | 8.8 | 9y ago | Jensen of Scandinavia AS Air:Link 3G (AL3G) version 2.23m (Rev. 3), Air:Link 5000AC (AL5000AC) version 1.13, and Air:Link 59300 (AL59300) version 1.04 (Rev. 4) devices allow remote attackers to read … | |||
| CVE-2016-10313 | high | 8.8 | 8.8 | 9y ago | Jensen of Scandinavia AS Air:Link 3G (AL3G) version 2.23m (Rev. 3), Air:Link 5000AC (AL5000AC) version 1.13, and Air:Link 59300 (AL59300) version 1.04 (Rev. 4) devices allow remote attackers to condu… | |||
| CVE-2016-8917 | high | 8.8 | 8.8 | 9y ago | IBM Sterling Order Management 9.2 - 9.5 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the websit… | |||
| CVE-2016-2379 | high | 8.8 | 8.8 | 9y ago | The Mxit protocol uses weak encryption when encrypting user passwords, which might allow attackers to (1) decrypt hashed passwords by leveraging knowledge of client registration codes or (2) gain log… | |||
| CVE-2016-9456 | high | 8.8 | 8.8 | 9y ago | Revive Adserver before 3.2.3 suffers from Cross-Site Request Forgery (CSRF). The Revive Adserver team conducted a security audit of the admin interface scripts in order to identify and fix other pote… | |||
| CVE-2016-9455 | high | 8.8 | 8.8 | 9y ago | Revive Adserver before 3.2.3 suffers from Cross-Site Request Forgery (CSRF). A number of scripts in Revive Adserver's user interface are vulnerable to CSRF attacks: `www/admin/banner-acl.php`, `www/a… | |||
| CVE-2016-9127 | high | 8.8 | 8.8 | 9y ago | Revive Adserver before 3.2.3 suffers from Cross-Site Request Forgery (CSRF). The password recovery form in Revive Adserver is vulnerable to CSRF attacks. This vulnerability could be exploited to send… | |||
| CVE-2016-8960 | high | 8.8 | 8.8 | 9y ago | IBM Cognos Business Intelligence 10.2 could allow a user with lower privilege Capabilities to adopt the Capabilities of a higher-privilege user by intercepting the higher-privilege user's cookie valu… | |||
| CVE-2016-10225 | high | 7.8 | 8.8 | 9y ago | The sunxi-debug driver in Allwinner 3.4 legacy kernel for H3, A83T and H8 devices allows local users to gain root privileges by sending "rootmydevice" to /proc/sunxi_debug/sunxi_debug. | |||
| CVE-2016-10273 | high | 8.8 | 8.8 | 9y ago | Multiple stack buffer overflow vulnerabilities in Jensen of Scandinavia AS Air:Link 3G (AL3G) version 2.23m (Rev. 3), Air:Link 5000AC (AL5000AC) version 1.13, and Air:Link 59300 (AL59300) version 1.0… | |||
| CVE-2016-5758 | high | 8.8 | 8.8 | 9y ago | A cross site request forgery protection mechanism in NetIQ Access Manager 4.1 before 4.1.2 Hot Fix 1 and 4.2 before 4.2.2 could be circumvented by repeated uploads causing a high load. | |||
| CVE-2016-5750 | high | 8.8 | 8.8 | 9y ago | The certificate upload feature in iManager in NetIQ Access Manager 4.1 before 4.1.2 Hot Fix 1 and 4.2 before 4.2.2 could be used to upload JSP pages that would be executed as the iManager user, allow… | |||
| CVE-2016-1597 | high | 8.8 | 8.8 | 9y ago | A logged-in user in NetIQ Access Governance Suite 6.0 through 6.4 could escalate privileges to administrator. | |||
| CVE-2016-4504 | high | 8.8 | 8.8 | 9y ago | A Cross-Site Request Forgery issue was discovered in Meteocontrol WEB'log Basic 100 all versions, Light all versions, Pro all versions, and Pro Unlimited all versions. There is no CSRF Token generate… | |||
| CVE-2016-4929 | high | 8.8 | 8.8 | 9y ago | Command injection vulnerability in Junos Space before 15.2R2 allows attackers to execute arbitrary code as a root user. | |||
| CVE-2016-4928 | high | 8.8 | 8.8 | 9y ago | Cross site request forgery vulnerability in Junos Space before 15.2R2 allows remote attackers to perform certain administrative actions on Junos Space. | |||
| CVE-2016-8008 | high | 8.8 | 8.8 | 9y ago | Privilege escalation vulnerability in Windows 7 and Windows 10 in McAfee Security Scan Plus (SSP) 3.11.376 allows attackers to load a replacement of the version.dll file via McAfee McUICnt.exe onto a… | |||
| CVE-2016-8714 | high | 8.8 | 8.8 | 9y ago | An exploitable buffer overflow vulnerability exists in the LoadEncoding functionality of the R programming language version 3.3.0. A specially crafted R script can cause a buffer overflow resulting i… | |||
| CVE-2016-9726 | high | 8.8 | 8.8 | 9y ago | IBM QRadar Incident Forensics 7.2 could allow a remote authenticated attacker to execute arbitrary commands on the system. By sending a specially-crafted request, an attacker could exploit this vulne… | |||
| CVE-2016-8940 | high | 8.8 | 8.8 | 9y ago | IBM Tivoli Storage Manager (IBM Spectrum Protect) 6.1, 6.2, 6.3, and 7.1 does not perform sufficient authority checking on SQL queries. As a result, an attacker is able to submit SQL queries that acc… | |||
| CVE-2016-7408 | high | 8.8 | 8.8 | 9y ago | The dbclient in Dropbear SSH before 2016.74 allows remote attackers to execute arbitrary code via a crafted (1) -m or (2) -c argument. | |||
| CVE-2016-10206 | high | 8.8 | 8.8 | 9y ago | Cross-site request forgery (CSRF) vulnerability in Zoneminder 1.30 and earlier allows remote attackers to hijack the authentication of users for requests that change passwords and possibly have unspe… | |||
| CVE-2016-5374 | high | 8.8 | 8.8 | 9y ago | NetApp Data ONTAP 9.0 and 9.1 before 9.1P1 allows remote authenticated users that own SMB-hosted data to bypass intended sharing restrictions by leveraging improper handling of the owner_rights ACL e… | |||
| CVE-2016-9975 | high | 8.8 | 8.8 | 9y ago | IBM Jazz for Service Management 1.1.2.1 and 1.1.3 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that … | |||
| CVE-2016-9315 | high | 8.8 | 8.8 | 9y ago | Privilege Escalation Vulnerability in com.trend.iwss.gui.servlet.updateaccountadministration in Trend Micro InterScan Web Security Virtual Appliance (IWSVA) version 6.5-SP2_Build_Linux_1707 and earli… | |||
| CVE-2016-7659 | high | 8.8 | 8.8 | 9y ago | An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. watchOS before 3.1.3 is affected. The issue involves the "Audio" component. It allows… | |||
| CVE-2016-7658 | high | 8.8 | 8.8 | 9y ago | An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. watchOS before 3.1.3 is affected. The issue involves the "Audio" component. It allows… | |||
| CVE-2016-7656 | high | 8.8 | 8.8 | 9y ago | An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves t… | |||
| CVE-2016-7654 | high | 8.8 | 8.8 | 9y ago | An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves t… | |||
| CVE-2016-7652 | high | 8.8 | 8.8 | 9y ago | An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves t… | |||
| CVE-2016-7649 | high | 8.8 | 8.8 | 9y ago | An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves t… | |||
| CVE-2016-7648 | high | 8.8 | 8.8 | 9y ago | An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves t… | |||
| CVE-2016-7646 | high | 8.8 | 8.8 | 9y ago | An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves t… | |||
| CVE-2016-7645 | high | 8.8 | 8.8 | 9y ago | An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves t… | |||
| CVE-2016-7642 | high | 8.8 | 8.8 | 9y ago | An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves t… | |||
| CVE-2016-7641 | high | 8.8 | 8.8 | 9y ago | An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves t… | |||
| CVE-2016-7640 | high | 8.8 | 8.8 | 9y ago | An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves t… | |||
| CVE-2016-7639 | high | 8.8 | 8.8 | 9y ago | An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves t… |