Filtered by vendor Apple
Subscribe
Total
10175 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2013-7422 | 2 Apple, Perl | 2 Mac Os X, Perl | 2016-12-21 | 7.5 HIGH | N/A |
Integer underflow in regcomp.c in Perl before 5.20, as used in Apple OS X before 10.10.5 and other products, allows context-dependent attackers to execute arbitrary code or cause a denial of service (application crash) via a long digit string associated with an invalid backreference within a regular expression. | |||||
CVE-2015-3801 | 1 Apple | 2 Iphone Os, Safari | 2016-12-21 | 5.0 MEDIUM | N/A |
The document.cookie API implementation in the CFNetwork Cookies subsystem in WebKit in Apple iOS before 9 allows remote attackers to bypass an intended single-cookie restriction via unspecified vectors. | |||||
CVE-2016-1774 | 1 Apple | 1 Mac Os X Server | 2016-12-19 | 5.0 MEDIUM | 5.3 MEDIUM |
The Time Machine server in Server App in Apple OS X Server before 5.1 does not notify the user about ignored permissions during a backup, which makes it easier for remote attackers to obtain sensitive information in opportunistic circumstances by reading backup data that lacks intended restrictions. | |||||
CVE-2016-1776 | 1 Apple | 1 Mac Os X Server | 2016-12-19 | 5.0 MEDIUM | 5.3 MEDIUM |
Web Server in Apple OS X Server before 5.1 does not properly restrict access to .DS_Store and .htaccess files, which allows remote attackers to obtain sensitive configuration information via an HTTP request. | |||||
CVE-2016-1777 | 1 Apple | 1 Mac Os X Server | 2016-12-19 | 5.0 MEDIUM | 7.5 HIGH |
Web Server in Apple OS X Server before 5.1 supports the RC4 algorithm, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via unspecified vectors. | |||||
CVE-2016-1787 | 1 Apple | 1 Mac Os X Server | 2016-12-19 | 5.0 MEDIUM | 5.3 MEDIUM |
Wiki Server in Apple OS X Server before 5.1 allows remote attackers to obtain sensitive information from Wiki pages via unspecified vectors. | |||||
CVE-2013-5195 | 1 Apple | 3 Itunes, Safari, Webkit | 2016-12-09 | 6.8 MEDIUM | N/A |
WebKit, as used in Apple Safari before 6.1.1 and 7.x before 7.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-12-16-1. | |||||
CVE-2015-5780 | 1 Apple | 1 Safari | 2016-12-09 | 10.0 HIGH | N/A |
The Safari Extensions implementation in Apple Safari before 9 does not require user confirmation before replacing an installed extension, which has unspecified impact and attack vectors. | |||||
CVE-2015-5833 | 1 Apple | 1 Mac Os X | 2016-12-09 | 7.2 HIGH | N/A |
The Login Window component in Apple OS X before 10.11 does not ensure that the screen is locked at the intended time, which allows physically proximate attackers to obtain access by visiting an unattended workstation. | |||||
CVE-2015-5830 | 1 Apple | 1 Mac Os X | 2016-12-09 | 7.2 HIGH | N/A |
The Intel Graphics Driver component in Apple OS X before 10.11 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5877. | |||||
CVE-2015-5864 | 1 Apple | 1 Mac Os X | 2016-12-09 | 2.1 LOW | N/A |
IOAudioFamily in Apple OS X before 10.11 allows local users to obtain sensitive kernel memory-layout information via unspecified vectors. | |||||
CVE-2015-5836 | 1 Apple | 1 Mac Os X | 2016-12-09 | 4.3 MEDIUM | N/A |
Apple Online Store Kit in Apple OS X before 10.11 improperly validates iCloud keychain item ACLs, which allows attackers to obtain access to keychain items via a crafted app. | |||||
CVE-2015-5849 | 1 Apple | 1 Mac Os X | 2016-12-09 | 6.8 MEDIUM | N/A |
The filtering implementation in AppleEvents in Apple OS X before 10.11 mishandles attempts to send events to a different user, which allows attackers to bypass intended access restrictions by leveraging a screen-sharing connection. | |||||
CVE-2015-5853 | 1 Apple | 1 Mac Os X | 2016-12-09 | 3.3 LOW | N/A |
AirScan in Apple OS X before 10.11 allows man-in-the-middle attackers to obtain eSCL packet payload data via unspecified vectors. | |||||
CVE-2015-5865 | 1 Apple | 1 Mac Os X | 2016-12-09 | 4.3 MEDIUM | N/A |
IOGraphics in Apple OS X before 10.11 allows attackers to obtain sensitive kernel memory-layout information via a crafted app. | |||||
CVE-2015-5866 | 1 Apple | 1 Mac Os X | 2016-12-09 | 9.3 HIGH | N/A |
IOHIDFamily in Apple OS X before 10.11 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. | |||||
CVE-2015-5854 | 1 Apple | 1 Mac Os X | 2016-12-09 | 2.1 LOW | N/A |
The backup implementation in Time Machine in Apple OS X before 10.11 allows local users to obtain access to keychain items via unspecified vectors. | |||||
CVE-2015-5870 | 1 Apple | 1 Mac Os X | 2016-12-09 | 2.1 LOW | N/A |
The debugging interfaces in the kernel in Apple OS X before 10.11 allow local users to obtain sensitive memory-layout information via unspecified vectors. | |||||
CVE-2015-5871 | 1 Apple | 1 Mac Os X | 2016-12-09 | 7.2 HIGH | N/A |
IOGraphics in Apple OS X before 10.11 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5872, CVE-2015-5873, and CVE-2015-5890. | |||||
CVE-2015-5872 | 1 Apple | 1 Mac Os X | 2016-12-09 | 7.2 HIGH | N/A |
IOGraphics in Apple OS X before 10.11 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5871, CVE-2015-5873, and CVE-2015-5890. |