CWE-119
High likelihoodImproper Restriction of Operations within the Bounds of a Memory Buffer
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.
14,004 vulnerabilities with CWE-119
CVE-2016-7611
HIGH
iTunes < 12.5.4 - Remote Code Execution via WebKit Memory Corruption
CVSS 8.8
CVE-2016-7610
HIGH
iPhone OS < 10.2, Safari < 10.0.2, iCloud < 6.1, iTunes < 12.5.4 - Remote Code Execution via WebKit Memory Corruption
CVSS 8.8
CVE-2016-7606
HIGH
iPhone OS < 10.2, macOS < 10.12.2, watchOS < 3.1.3 - Kernel Memory Corruption via Crafted App
CVSS 7.8
CVE-2016-7602
HIGH
macOS < 10.12.2 - Remote Code Execution in Intel Graphics Driver
CVSS 7.8
CVE-2016-7596
HIGH
macOS < 10.12.2 - Remote Code Execution or Denial of Service via Bluetooth Memory Corruption
CVSS 8.8
CVE-2016-7595
HIGH
iPhone OS < 10.2, macOS < 10.12.2, watchOS < 3.1.3 - Remote Code Execution via Crafted Font in CoreText
CVSS 8.8
CVE-2016-7594
HIGH
iPhone OS < 10.2, macOS < 10.12.2, watchOS < 3.1.3 - Remote Code Execution in ICU
CVSS 8.8
CVE-2016-7589
HIGH
iPhone OS < 10.2 - Remote Code Execution via WebKit Memory Corruption
CVSS 8.8
CVE-2016-7588
HIGH
iPhone OS < 10.2, macOS < 10.12.2, watchOS < 3.1.3 - Remote Code Execution via Crafted MP4 File
CVSS 8.8
CVE-2016-7587
HIGH
iPhone OS < 10.2 - Remote Code Execution via WebKit Memory Corruption
CVSS 8.8
CVE-2016-7578
HIGH
Safari < 10.0.1 - Remote Code Execution via Memory Corruption in WebKit
CVSS 8.8
CVE-2016-4764
HIGH
iTunes < 12.5.1 - Remote Code Execution via Crafted Web Site
CVSS 8.8
CVE-2016-4743
HIGH
iPhone OS < 10.2, iCloud < 6.1, Safari < 10.0.2, iTunes < 12.5.4 - WebKit Remote Memory Corruption and Info Disclosure
CVSS 7.1
CVE-2016-4692
HIGH
iPhone OS < 10.2, Safari < 10.0.2, iCloud < 6.1, iTunes < 12.5.4 - Remote Code Execution via WebKit Memory Corruption
CVSS 8.8
CVE-2016-4691
HIGH
iPhone OS < 10.2, macOS < 10.12.2, watchOS < 3.1.3 - Remote Code Execution via Crafted Font in FontParser
CVSS 8.8
CVE-2016-4688
HIGH
tvOS < 10.0.1 - Remote Code Execution via Crafted Font in FontParser
CVSS 8.8
CVE-2016-4683
HIGH
macOS < 10.12.1 - Remote Code Execution via Crafted SGI File in ImageIO
CVSS 7.8
CVE-2016-4681
HIGH
macOS < 10.12.1 - Remote Code Execution via Crafted JPEG File
CVSS 7.8
CVE-2016-4677
HIGH
Apple Iphone OS < 10.1 - Memory Corruption
CVSS 8.8
CVE-2016-4674
HIGH
macOS < 10.12.1 - Local Privilege Escalation via ATS Memory Corruption
CVSS 7.8
CVE-2016-4673
HIGH
iPhone OS < 10.1, macOS < 10.12.1, tvOS < 10.0.1, watchOS < 3.1 - Remote Code Execution via Crafted JPEG File
CVSS 7.8
CVE-2016-4667
HIGH
macOS < 10.12.1 - Remote Code Execution via Crafted Font in ATS
CVSS 8.8
CVE-2016-4666
HIGH
Apple Iphone OS < 10.1 - Memory Corruption
CVSS 8.8
CVE-2016-4663
MEDIUM
macOS < 10.12.1 - Denial of Service via NVIDIA Graphics Drivers Memory Corruption
CVSS 5.5
CVE-2016-4662
HIGH
macOS < 10.12.1 - Remote Code Execution in AppleGraphicsControl
CVSS 7.8
Details
Vulnerabilities
14,004
Exploit Likelihood
High