Mac Os X Security Vulnerabilities and Issues — Page 2 of Mac Os X CVE List

Lucene search

AppleMac Os X

220 matches found

CVE•added 2016/07/22 2:59 a.m.•62 views

CVE-2016-1863

The kernel in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9.2.2, and watchOS before 2.2.2 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4582 and CVE-2016-4653.

7.8CVSS7.6AI score0.00268EPSS

CVE•added 2016/09/25 10:59 a.m.•62 views

CVE-2016-4726

IOAcceleratorFamily in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.

9.3CVSS8.3AI score0.00262EPSS

CVE•added 2016/09/25 11:0 a.m.•62 views

CVE-2016-4778

The kernel in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.

9.3CVSS8.2AI score0.00262EPSS

CVE•added 2016/06/26 1:59 a.m.•61 views

CVE-2015-7988

The handle_regservice_request function in mDNSResponder before 625.41.2 allows remote attackers to execute arbitrary code or cause a denial of service (NULL pointer dereference) via unspecified vectors.

9.8CVSS9.7AI score0.03714EPSS

CVE•added 2016/03/24 1:59 a.m.•61 views

CVE-2016-1769

QuickTime in Apple OS X before 10.11.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Photoshop file.

7.8CVSS6.7AI score0.05269EPSS

CVE•added 2016/07/22 2:59 a.m.•61 views

CVE-2016-4607

libxslt in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before 12.4.2 on Windows, iCloud before 5.2.1 on Windows, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors...

9.8CVSS9.2AI score

CVE•added 2016/09/25 10:59 a.m.•61 views

CVE-2016-4707

CFNetwork in Apple iOS before 10 and OS X before 10.12 mishandles Local Storage deletion, which allows local users to discover the visited web sites of arbitrary users via unspecified vectors.

4CVSS5.1AI score0.00059EPSS

CVE•added 2016/09/25 10:59 a.m.•61 views

CVE-2016-4725

IOAcceleratorFamily in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (memory corruption) via a crafted web site.

8.1CVSS7.7AI score0.01307EPSS

CVE•added 2016/03/24 1:59 a.m.•60 views

CVE-2016-1740

FontParser in Apple iOS before 9.3, OS X before 10.11.4, tvOS before 9.2, and watchOS before 2.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted PDF document.

9.3CVSS7.4AI score0.0135EPSS

CVE•added 2016/01/31 6:59 p.m.•59 views

CVE-2016-1941

The file-download dialog in Mozilla Firefox before 44.0 on OS X enables a certain button too quickly, which allows remote attackers to conduct clickjacking attacks via a crafted web site that triggers a single-click action in a situation where a double-click action was intended.

6.1CVSS7.2AI score0.00248EPSS

CVE•added 2016/07/22 2:59 a.m.•59 views

CVE-2016-4631

ImageIO in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted TIFF file.

8.8CVSS8.9AI score0.03745EPSS

CVE•added 2016/09/25 11:0 a.m.•59 views

CVE-2016-4777

9.3CVSS8.2AI score0.00263EPSS

CVE•added 2016/02/01 11:59 a.m.•58 views

CVE-2016-1718

The IOAcceleratorFamily2 interface in IOAcceleratorFamily in Apple OS X before 10.11.3 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors.

7.3CVSS6.7AI score0.00044EPSS

CVE•added 2016/03/24 1:59 a.m.•58 views

CVE-2016-1753

Multiple integer overflows in the kernel in Apple iOS before 9.3, OS X before 10.11.4, tvOS before 9.2, and watchOS before 2.2 allow attackers to execute arbitrary code in a privileged context via a crafted app.

9.3CVSS6.8AI score0.00362EPSS

CVE•added 2016/09/25 10:59 a.m.•58 views

CVE-2016-4702

Audio in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.

10CVSS9.2AI score0.14118EPSS

CVE•added 2016/09/25 10:59 a.m.•58 views

CVE-2016-4753

Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 mishandle signed disk images, which allows attackers to execute arbitrary code in a privileged context via a crafted app.

9.3CVSS8.1AI score0.00365EPSS

CVE•added 2016/09/25 11:0 a.m.•58 views

CVE-2016-4775

The kernel in Apple OS X before 10.12, tvOS before 10, and watchOS before 3 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors.

7.8CVSS7.7AI score0.00065EPSS

CVE•added 2016/02/07 1:59 a.m.•57 views

CVE-2016-0802

The Broadcom Wi-Fi driver in the kernel in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49G, and 6.x before 2016-02-01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted wireless control message packets, aka internal bug 25306181.

8.8CVSS7.5AI score0.0519EPSS

CVE•added 2016/03/24 1:59 a.m.•57 views

CVE-2016-1752

The kernel in Apple iOS before 9.3, OS X before 10.11.4, tvOS before 9.2, and watchOS before 2.2 allows attackers to cause a denial of service via a crafted app.

7.1CVSS5.6AI score0.00185EPSS

CVE•added 2016/03/24 1:59 a.m.•57 views

CVE-2016-1754

The kernel in Apple iOS before 9.3, OS X before 10.11.4, tvOS before 9.2, and watchOS before 2.2 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2016-1755.

9.3CVSS7.1AI score0.03453EPSS

CVE•added 2016/05/20 10:59 a.m.•57 views

CVE-2016-1819

Use-after-free vulnerability in the IOAccelContext2::clientMemoryForType method in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a craft...

9.3CVSS7.6AI score0.07645EPSS

CVE•added 2016/07/22 2:59 a.m.•57 views

CVE-2016-1865

The kernel in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9.2.2, and watchOS before 2.2.2 allows local users to cause a denial of service (NULL pointer dereference) via unspecified vectors.

5.5CVSS5.7AI score0.00107EPSS

CVE•added 2016/09/25 10:59 a.m.•57 views

CVE-2016-4718

Buffer overflow in FontParser in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows remote attackers to obtain sensitive information from process memory via a crafted font file.

6.5CVSS6.5AI score0.0232EPSS

CVE•added 2016/09/25 10:59 a.m.•57 views

CVE-2016-4736

libarchive in Apple OS X before 10.12 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted file.

9.3CVSS8.8AI score0.00767EPSS

CVE•added 2016/01/10 3:59 a.m.•56 views

CVE-2015-7115

libxml2 in Apple iOS before 9.2, OS X before 10.11.2, and tvOS before 9.1 allows remote attackers to obtain sensitive information or cause a denial of service (memory corruption) via a crafted XML document, a different vulnerability than CVE-2015-7116.

4.3CVSS4.8AI score0.00871EPSS

CVE•added 2016/02/01 11:59 a.m.•56 views

CVE-2016-1719

The IOHIDFamily API in Apple iOS before 9.2.1, OS X before 10.11.3, and tvOS before 9.1.1 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors.

7.8CVSS7AI score0.00296EPSS

CVE•added 2016/07/22 2:59 a.m.•56 views

CVE-2016-4616

libxml2 in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before 12.4.2 on Windows, iCloud before 5.2.1 on Windows, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors...

9.8CVSS9.1AI score

CVE•added 2016/03/24 1:59 a.m.•55 views

CVE-2016-1749

IOUSBFamily in Apple OS X before 10.11.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.

9.3CVSS6.5AI score0.01905EPSS

CVE•added 2016/03/24 1:59 a.m.•55 views

CVE-2016-1756

The kernel in Apple iOS before 9.3 and OS X before 10.11.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via a crafted app.

9.3CVSS7.1AI score0.0019EPSS

CVE•added 2016/03/24 1:59 a.m.•55 views

CVE-2016-1767

QuickTime in Apple OS X before 10.11.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted FlashPix image, a different vulnerability than CVE-2016-1768.

7.8CVSS6.7AI score0.08571EPSS

CVE•added 2016/03/24 1:59 a.m.•55 views

CVE-2016-1768

7.8CVSS6.7AI score0.08571EPSS

CVE•added 2016/05/20 10:59 a.m.•54 views

CVE-2016-1830

The kernel in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2016-1827, CVE-2016-1828, ...

8.5CVSS7.5AI score0.09639EPSS

CVE•added 2016/03/24 1:59 a.m.•53 views

CVE-2016-1741

The NVIDIA driver in the Graphics Drivers subsystem in Apple OS X before 10.11.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.

10CVSS7.3AI score0.17312EPSS

CVE•added 2016/05/20 10:59 a.m.•53 views

CVE-2016-1829

9.3CVSS7.5AI score0.09639EPSS

CVE•added 2016/07/22 2:59 a.m.•53 views

CVE-2016-4582

7.8CVSS7.6AI score0.00268EPSS

CVE•added 2016/07/22 2:59 a.m.•53 views

CVE-2016-4596

QuickTime in Apple OS X before 10.11.6 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted FlashPix bitmap image, a different vulnerability than CVE-2016-4597, CVE-2016-4600, and CVE-2016-4602.

8.8CVSS8.6AI score0.00836EPSS

CVE•added 2016/02/01 11:59 a.m.•52 views

CVE-2016-1717

The Disk Images component in Apple iOS before 9.2.1, OS X before 10.11.3, and tvOS before 9.1.1 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors.

7.8CVSS7AI score0.00062EPSS

CVE•added 2016/05/20 10:59 a.m.•52 views

CVE-2016-1808

The Disk Images subsystem in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.

9.3CVSS7.6AI score0.006EPSS

CVE•added 2016/07/22 2:59 a.m.•52 views

CVE-2016-4637

CoreGraphics in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted BMP image.

8.8CVSS8.9AI score0.02898EPSS

CVE•added 2016/05/14 3:59 p.m.•51 views

CVE-2016-1208

The server in Apple FileMaker before 14.0.4 on OS X allows remote attackers to read PHP source code via unspecified vectors.

7.5CVSS6.8AI score0.00364EPSS

CVE•added 2016/02/01 11:59 a.m.•51 views

CVE-2016-1722

syslog in Apple iOS before 9.2.1, OS X before 10.11.3, and tvOS before 9.1.1 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors.

7.8CVSS7AI score0.00062EPSS

CVE•added 2016/02/01 11:59 a.m.•51 views

CVE-2016-1729

Untrusted search path vulnerability in OSA Scripts in Apple OS X before 10.11.3 allows attackers to load arbitrary script libraries via a quarantined application.

7.5CVSS6.5AI score0.00486EPSS

CVE•added 2016/03/24 1:59 a.m.•51 views

CVE-2016-1748

IOHIDFamily in Apple iOS before 9.3, OS X before 10.11.4, tvOS before 9.2, and watchOS before 2.2 allows attackers to obtain sensitive kernel memory-layout information via a crafted app.

4.3CVSS4.5AI score0.00257EPSS

CVE•added 2016/05/20 10:59 a.m.•51 views

CVE-2016-1801

The CFNetwork Proxies subsystem in Apple iOS before 9.3.2, OS X before 10.11.5, and tvOS before 9.2.1 mishandles URLs in http and https requests, which allows remote attackers to obtain sensitive information via unspecified vectors.

7.5CVSS6.7AI score0.07318EPSS

CVE•added 2016/09/25 10:59 a.m.•51 views

CVE-2016-4699

AppleUUC in Apple OS X before 10.12 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2016-4700.

9.3CVSS7.6AI score0.0036EPSS

CVE•added 2016/05/20 10:59 a.m.•50 views

CVE-2016-1806

Crash Reporter in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context via a crafted app.

9.3CVSS7.4AI score0.00324EPSS

CVE•added 2016/05/20 10:59 a.m.•50 views

CVE-2016-1825

IOHIDFamily in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.

9.3CVSS7.6AI score0.11106EPSS

CVE•added 2016/07/22 2:59 a.m.•50 views

CVE-2016-4614

9.8CVSS9.1AI score

CVE•added 2016/07/22 2:59 a.m.•50 views

CVE-2016-4635

FaceTime in Apple iOS before 9.3.3 and OS X before 10.11.6 allows man-in-the-middle attackers to spoof relayed-call termination, and obtain sensitive audio information in opportunistic circumstances, via unspecified vectors.

5.3CVSS5.8AI score0.00397EPSS

CVE•added 2016/09/25 10:59 a.m.•50 views

CVE-2016-4697

Apple HSSPI Support in Apple OS X before 10.12 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.

9.3CVSS8.4AI score0.00215EPSS

Total number of security vulnerabilities220