Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Apple Subscribe
Total 10175 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2016-1756 1 Apple 2 Iphone Os, Mac Os X 2016-12-02 9.3 HIGH 7.8 HIGH
The kernel in Apple iOS before 9.3 and OS X before 10.11.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via a crafted app.
CVE-2016-1757 1 Apple 2 Iphone Os, Mac Os X 2016-12-02 9.3 HIGH 7.0 HIGH
Race condition in the kernel in Apple iOS before 9.3 and OS X before 10.11.4 allows attackers to execute arbitrary code in a privileged context via a crafted app.
CVE-2016-1732 1 Apple 1 Mac Os X 2016-12-02 2.1 LOW 5.5 MEDIUM
AppleRAID in Apple OS X before 10.11.4 allows local users to obtain sensitive kernel memory-layout information or cause a denial of service (out-of-bounds read) via unspecified vectors.
CVE-2016-1731 1 Apple 1 Software Update 2016-12-02 5.0 MEDIUM 5.9 MEDIUM
Apple Software Update before 2.2 on Windows does not use HTTPS, which makes it easier for man-in-the-middle attackers to spoof updates by modifying the client-server data stream.
CVE-2016-1735 1 Apple 1 Mac Os X 2016-12-02 9.3 HIGH 7.8 HIGH
Bluetooth in Apple OS X before 10.11.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2016-1736.
CVE-2016-1733 1 Apple 1 Mac Os X 2016-12-02 9.3 HIGH 7.8 HIGH
AppleRAID in Apple OS X before 10.11.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
CVE-2016-1736 1 Apple 1 Mac Os X 2016-12-02 9.3 HIGH 7.8 HIGH
Bluetooth in Apple OS X before 10.11.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2016-1735.
CVE-2016-1747 1 Apple 1 Mac Os X 2016-12-02 9.3 HIGH 7.8 HIGH
IOGraphics in Apple OS X before 10.11.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2016-1746.
CVE-2016-1737 1 Apple 1 Mac Os X 2016-12-02 6.8 MEDIUM 6.3 MEDIUM
Carbon in Apple OS X before 10.11.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted .dfont file.
CVE-2016-1745 1 Apple 1 Mac Os X 2016-12-02 2.1 LOW 5.5 MEDIUM
IOFireWireFamily in Apple OS X before 10.11.4 allows local users to cause a denial of service (NULL pointer dereference) via unspecified vectors.
CVE-2016-1746 1 Apple 1 Mac Os X 2016-12-02 9.3 HIGH 7.8 HIGH
IOGraphics in Apple OS X before 10.11.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2016-1747.
CVE-2016-1738 1 Apple 1 Mac Os X 2016-12-02 7.2 HIGH 7.8 HIGH
dyld in Apple OS X before 10.11.4 allows attackers to bypass a code-signing protection mechanism via a modified app.
CVE-2016-1734 1 Apple 2 Iphone Os, Mac Os X 2016-12-02 7.2 HIGH 6.8 MEDIUM
AppleUSBNetworking in Apple iOS before 9.3 and OS X before 10.11.4 allows physically proximate attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted USB device.
CVE-2016-1761 1 Apple 3 Iphone Os, Mac Os X, Watchos 2016-12-02 10.0 HIGH 9.8 CRITICAL
libxml2 in Apple iOS before 9.3, OS X before 10.11.4, and watchOS before 2.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted XML document.
CVE-2016-1009 3 Adobe, Apple, Microsoft 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more 2016-12-02 10.0 HIGH 9.8 CRITICAL
Adobe Reader and Acrobat before 11.0.15, Acrobat and Acrobat Reader DC Classic before 15.006.30121, and Acrobat and Acrobat Reader DC Continuous before 15.010.20060 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1007.
CVE-2016-1007 3 Adobe, Apple, Microsoft 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more 2016-12-02 10.0 HIGH 9.8 CRITICAL
Adobe Reader and Acrobat before 11.0.15, Acrobat and Acrobat Reader DC Classic before 15.006.30121, and Acrobat and Acrobat Reader DC Continuous before 15.010.20060 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1009.
CVE-2016-1008 3 Adobe, Apple, Microsoft 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more 2016-12-02 7.2 HIGH 8.4 HIGH
Untrusted search path vulnerability in Adobe Reader and Acrobat before 11.0.15, Acrobat and Acrobat Reader DC Classic before 15.006.30121, and Acrobat and Acrobat Reader DC Continuous before 15.010.20060 on Windows and OS X allows local users to gain privileges via a Trojan horse DLL in an unspecified directory.
CVE-2015-2851 2 Apple, Synology 2 Mac Os X, Cloud Station 2016-12-02 6.8 MEDIUM N/A
client_chown in the sync client in Synology Cloud Station 1.1-2291 through 3.1-3320 on OS X allows local users to change the ownership of arbitrary files, and consequently obtain root access, by specifying a filename.
CVE-2015-3027 1 Apple 1 Xcode 2016-12-02 5.0 MEDIUM N/A
Clang in LLVM, as used in Apple Xcode before 6.3, performs incorrect register allocation in a way that triggers stack storage for stack cookie pointers, which might allow context-dependent attackers to bypass a stack-guard protection mechanism via crafted input to an affected C program.
CVE-2015-1127 1 Apple 1 Safari 2016-12-02 2.1 LOW N/A
The private-browsing implementation in WebKit in Apple Safari before 6.2.5, 7.x before 7.1.5, and 8.x before 8.0.5 places browsing history into an index, which might allow local users to obtain sensitive information by reading index entries.