Filtered by vendor Apple
Subscribe
Total
10175 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2016-6978 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader Dc and 3 more | 2017-07-29 | 10.0 HIGH | 9.8 CRITICAL |
Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019. | |||||
CVE-2016-1089 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader Dc and 3 more | 2017-07-29 | 10.0 HIGH | 9.8 CRITICAL |
Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1091, CVE-2016-6944, CVE-2016-6945, CVE-2016-6946, CVE-2016-6949, CVE-2016-6952, CVE-2016-6953, CVE-2016-6961, CVE-2016-6962, CVE-2016-6963, CVE-2016-6964, CVE-2016-6965, CVE-2016-6967, CVE-2016-6968, CVE-2016-6969, CVE-2016-6971, CVE-2016-6979, CVE-2016-6988, and CVE-2016-6993. | |||||
CVE-2016-4779 | 1 Apple | 1 Mac Os X | 2017-07-29 | 6.8 MEDIUM | 7.8 HIGH |
Apple Type Services (ATS) in Apple OS X before 10.12 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file. | |||||
CVE-2016-7080 | 2 Apple, Vmware | 2 Mac Os X, Tools | 2017-07-29 | 4.6 MEDIUM | 7.8 HIGH |
The graphic acceleration functions in VMware Tools 9.x and 10.x before 10.0.9 on OS X allow local users to gain privileges or cause a denial of service (NULL pointer dereference) via unspecified vectors, a different vulnerability than CVE-2016-7079. | |||||
CVE-2016-4703 | 1 Apple | 1 Mac Os X | 2017-07-29 | 9.3 HIGH | 7.8 HIGH |
Bluetooth in Apple OS X before 10.12 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. | |||||
CVE-2016-4671 | 1 Apple | 1 Mac Os X | 2017-07-28 | 9.3 HIGH | 7.8 HIGH |
An issue was discovered in certain Apple products. macOS before 10.12.1 is affected. The issue involves the "ImageIO" component. It allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds write and application crash) via a crafted PDF file. | |||||
CVE-2016-4667 | 1 Apple | 1 Mac Os X | 2017-07-28 | 6.8 MEDIUM | 8.8 HIGH |
An issue was discovered in certain Apple products. macOS before 10.12.1 is affected. The issue involves the "ATS" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted font. | |||||
CVE-2016-4662 | 1 Apple | 1 Mac Os X | 2017-07-28 | 9.3 HIGH | 7.8 HIGH |
An issue was discovered in certain Apple products. macOS before 10.12.1 is affected. The issue involves the "AppleGraphicsControl" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. | |||||
CVE-2016-4674 | 1 Apple | 1 Mac Os X | 2017-07-28 | 4.6 MEDIUM | 7.8 HIGH |
An issue was discovered in certain Apple products. macOS before 10.12.1 is affected. The issue involves the "ATS" component. It allows local users to gain privileges or cause a denial of service (memory corruption and application crash) via unspecified vectors. | |||||
CVE-2016-4686 | 1 Apple | 1 Iphone Os | 2017-07-28 | 3.6 LOW | 4.4 MEDIUM |
An issue was discovered in certain Apple products. iOS before 10.1 is affected. The issue involves the "Contacts" component, which does not prevent an app's Address Book access after access revocation. | |||||
CVE-2016-4682 | 1 Apple | 1 Mac Os X | 2017-07-28 | 5.8 MEDIUM | 7.1 HIGH |
An issue was discovered in certain Apple products. macOS before 10.12 is affected. macOS before 10.12.1 is affected. The issue involves the "ImageIO" component. It allows remote attackers to obtain sensitive information or cause a denial of service (out-of-bounds read and application crash) via a crafted SGI file. | |||||
CVE-2016-4678 | 1 Apple | 1 Mac Os X | 2017-07-28 | 4.6 MEDIUM | 7.8 HIGH |
An issue was discovered in certain Apple products. macOS before 10.12.1 is affected. The issue involves the "AppleSMC" component. It allows local users to gain privileges or cause a denial of service (NULL pointer dereference) via unspecified vectors. | |||||
CVE-2016-4663 | 1 Apple | 1 Mac Os X | 2017-07-28 | 4.3 MEDIUM | 5.5 MEDIUM |
An issue was discovered in certain Apple products. macOS before 10.12.1 is affected. The issue involves the "NVIDIA Graphics Drivers" component. It allows attackers to cause a denial of service (memory corruption) via a crafted app. | |||||
CVE-2016-4661 | 1 Apple | 1 Mac Os X | 2017-07-28 | 4.3 MEDIUM | 5.5 MEDIUM |
An issue was discovered in certain Apple products. macOS before 10.12.1 is affected. The issue involves the "ntfs" component, which misparses disk images and allows attackers to cause a denial of service via a crafted app. | |||||
CVE-2016-4613 | 1 Apple | 4 Apple Tv, Icloud, Itunes and 1 more | 2017-07-28 | 4.3 MEDIUM | 6.5 MEDIUM |
An issue was discovered in certain Apple products. Safari before 10.0.1 is affected. iCloud before 6.0.1 is affected. iTunes before 12.5.2 is affected. tvOS before 10.0.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to obtain sensitive information via a crafted web site. | |||||
CVE-2016-5328 | 2 Apple, Vmware | 2 Mac Os X, Tools | 2017-07-28 | 2.1 LOW | 5.5 MEDIUM |
VMware Tools 9.x and 10.x before 10.1.0 on OS X, when System Integrity Protection (SIP) is enabled, allows local users to determine kernel memory addresses and bypass the kASLR protection mechanism via unspecified vectors. | |||||
CVE-2016-5329 | 2 Apple, Vmware | 2 Mac Os X, Fusion | 2017-07-28 | 2.1 LOW | 5.5 MEDIUM |
VMware Fusion 8.x before 8.5 on OS X, when System Integrity Protection (SIP) is enabled, allows local users to determine kernel memory addresses and bypass the kASLR protection mechanism via unspecified vectors. | |||||
CVE-2007-4688 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-07-28 | 5.0 MEDIUM | N/A |
The Networking component in Apple Mac OS X 10.4 through 10.4.10 allows remote attackers to obtain all addresses for a host, including link-local addresses, via a Node Information Query. | |||||
CVE-2007-4687 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-07-28 | 9.3 HIGH | N/A |
The remote_cmds component in Apple Mac OS X 10.4 through 10.4.10 contains a symbolic link from the tftpboot private directory to the root directory, which allows tftpd users to escape the private directory and access arbitrary files. | |||||
CVE-2007-4689 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-07-28 | 10.0 HIGH | N/A |
Double free vulnerability in the Networking component in Apple Mac OS X 10.4 through 10.4.10 allows remote attackers to cause a denial of service (system shutdown) or execute arbitrary code via crafted IPV6 packets. |