Filtered by vendor Apple
Subscribe
Total
10175 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2016-1756 | 1 Apple | 2 Iphone Os, Mac Os X | 2016-12-02 | 9.3 HIGH | 7.8 HIGH |
The kernel in Apple iOS before 9.3 and OS X before 10.11.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via a crafted app. | |||||
CVE-2016-1757 | 1 Apple | 2 Iphone Os, Mac Os X | 2016-12-02 | 9.3 HIGH | 7.0 HIGH |
Race condition in the kernel in Apple iOS before 9.3 and OS X before 10.11.4 allows attackers to execute arbitrary code in a privileged context via a crafted app. | |||||
CVE-2016-1732 | 1 Apple | 1 Mac Os X | 2016-12-02 | 2.1 LOW | 5.5 MEDIUM |
AppleRAID in Apple OS X before 10.11.4 allows local users to obtain sensitive kernel memory-layout information or cause a denial of service (out-of-bounds read) via unspecified vectors. | |||||
CVE-2016-1731 | 1 Apple | 1 Software Update | 2016-12-02 | 5.0 MEDIUM | 5.9 MEDIUM |
Apple Software Update before 2.2 on Windows does not use HTTPS, which makes it easier for man-in-the-middle attackers to spoof updates by modifying the client-server data stream. | |||||
CVE-2016-1735 | 1 Apple | 1 Mac Os X | 2016-12-02 | 9.3 HIGH | 7.8 HIGH |
Bluetooth in Apple OS X before 10.11.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2016-1736. | |||||
CVE-2016-1733 | 1 Apple | 1 Mac Os X | 2016-12-02 | 9.3 HIGH | 7.8 HIGH |
AppleRAID in Apple OS X before 10.11.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. | |||||
CVE-2016-1736 | 1 Apple | 1 Mac Os X | 2016-12-02 | 9.3 HIGH | 7.8 HIGH |
Bluetooth in Apple OS X before 10.11.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2016-1735. | |||||
CVE-2016-1747 | 1 Apple | 1 Mac Os X | 2016-12-02 | 9.3 HIGH | 7.8 HIGH |
IOGraphics in Apple OS X before 10.11.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2016-1746. | |||||
CVE-2016-1737 | 1 Apple | 1 Mac Os X | 2016-12-02 | 6.8 MEDIUM | 6.3 MEDIUM |
Carbon in Apple OS X before 10.11.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted .dfont file. | |||||
CVE-2016-1745 | 1 Apple | 1 Mac Os X | 2016-12-02 | 2.1 LOW | 5.5 MEDIUM |
IOFireWireFamily in Apple OS X before 10.11.4 allows local users to cause a denial of service (NULL pointer dereference) via unspecified vectors. | |||||
CVE-2016-1746 | 1 Apple | 1 Mac Os X | 2016-12-02 | 9.3 HIGH | 7.8 HIGH |
IOGraphics in Apple OS X before 10.11.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2016-1747. | |||||
CVE-2016-1738 | 1 Apple | 1 Mac Os X | 2016-12-02 | 7.2 HIGH | 7.8 HIGH |
dyld in Apple OS X before 10.11.4 allows attackers to bypass a code-signing protection mechanism via a modified app. | |||||
CVE-2016-1734 | 1 Apple | 2 Iphone Os, Mac Os X | 2016-12-02 | 7.2 HIGH | 6.8 MEDIUM |
AppleUSBNetworking in Apple iOS before 9.3 and OS X before 10.11.4 allows physically proximate attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted USB device. | |||||
CVE-2016-1761 | 1 Apple | 3 Iphone Os, Mac Os X, Watchos | 2016-12-02 | 10.0 HIGH | 9.8 CRITICAL |
libxml2 in Apple iOS before 9.3, OS X before 10.11.4, and watchOS before 2.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted XML document. | |||||
CVE-2016-1009 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2016-12-02 | 10.0 HIGH | 9.8 CRITICAL |
Adobe Reader and Acrobat before 11.0.15, Acrobat and Acrobat Reader DC Classic before 15.006.30121, and Acrobat and Acrobat Reader DC Continuous before 15.010.20060 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1007. | |||||
CVE-2016-1007 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2016-12-02 | 10.0 HIGH | 9.8 CRITICAL |
Adobe Reader and Acrobat before 11.0.15, Acrobat and Acrobat Reader DC Classic before 15.006.30121, and Acrobat and Acrobat Reader DC Continuous before 15.010.20060 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1009. | |||||
CVE-2016-1008 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2016-12-02 | 7.2 HIGH | 8.4 HIGH |
Untrusted search path vulnerability in Adobe Reader and Acrobat before 11.0.15, Acrobat and Acrobat Reader DC Classic before 15.006.30121, and Acrobat and Acrobat Reader DC Continuous before 15.010.20060 on Windows and OS X allows local users to gain privileges via a Trojan horse DLL in an unspecified directory. | |||||
CVE-2015-2851 | 2 Apple, Synology | 2 Mac Os X, Cloud Station | 2016-12-02 | 6.8 MEDIUM | N/A |
client_chown in the sync client in Synology Cloud Station 1.1-2291 through 3.1-3320 on OS X allows local users to change the ownership of arbitrary files, and consequently obtain root access, by specifying a filename. | |||||
CVE-2015-3027 | 1 Apple | 1 Xcode | 2016-12-02 | 5.0 MEDIUM | N/A |
Clang in LLVM, as used in Apple Xcode before 6.3, performs incorrect register allocation in a way that triggers stack storage for stack cookie pointers, which might allow context-dependent attackers to bypass a stack-guard protection mechanism via crafted input to an affected C program. | |||||
CVE-2015-1127 | 1 Apple | 1 Safari | 2016-12-02 | 2.1 LOW | N/A |
The private-browsing implementation in WebKit in Apple Safari before 6.2.5, 7.x before 7.1.5, and 8.x before 8.0.5 places browsing history into an index, which might allow local users to obtain sensitive information by reading index entries. |