VYPR

Mac OS X

by Apple Inc.

CVEs (2,090)

  • CVE-2016-7761MedFeb 20, 2017
    risk 0.36cvss 5.5epss 0.00

    An issue was discovered in certain Apple products. macOS before 10.12.2 is affected. The issue involves the "WiFi" component, which allows local users to obtain sensitive network-configuration information by leveraging global storage.

  • CVE-2016-7628MedFeb 20, 2017
    risk 0.36cvss 5.5epss 0.00

    An issue was discovered in certain Apple products. macOS before 10.12.2 is affected. The issue involves the "Assets" component, which allows local users to bypass intended permission restrictions and change a downloaded mobile asset via unspecified vectors.

  • CVE-2016-7619MedFeb 20, 2017
    risk 0.36cvss 5.5epss 0.00

    An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. watchOS before 3.1.3 is affected. The issue involves the "libarchive" component, which allows local users to write to arbitrary files via vectors related to symlinks.

  • CVE-2016-7615MedFeb 20, 2017
    risk 0.36cvss 5.5epss 0.00

    An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. watchOS before 3.1.3 is affected. The issue involves the "Kernel" component, which allows local users to cause a denial of service via unspecified vectors.

  • CVE-2016-7607MedFeb 20, 2017
    risk 0.36cvss 5.5epss 0.01

    An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. watchOS before 3.1.3 is affected. The issue involves the "Kernel" component, which allows attackers to obtain sensitive information from kernel memory via a crafted…

  • CVE-2016-7605MedFeb 20, 2017
    risk 0.36cvss 5.5epss 0.01

    An issue was discovered in certain Apple products. macOS before 10.12.2 is affected. The issue involves the "Bluetooth" component. It allows attackers to cause a denial of service (NULL pointer dereference) via a crafted app.

  • CVE-2016-7604MedFeb 20, 2017
    risk 0.36cvss 5.5epss 0.00

    An issue was discovered in certain Apple products. macOS before 10.12.2 is affected. The issue involves the "CoreCapture" component. It allows local users to cause a denial of service (NULL pointer dereference) via unspecified vectors.

  • CVE-2016-7603MedFeb 20, 2017
    risk 0.36cvss 5.5epss 0.00

    An issue was discovered in certain Apple products. macOS before 10.12.2 is affected. The issue involves the "CoreStorage" component. It allows local users to cause a denial of service (NULL pointer dereference) via unspecified vectors.

  • CVE-2016-4679MedFeb 20, 2017
    risk 0.36cvss 5.5epss 0.02

    An issue was discovered in certain Apple products. iOS before 10.1 is affected. macOS before 10.12.1 is affected. tvOS before 10.0.1 is affected. watchOS before 3.1 is affected. The issue involves the "libarchive" component, which allows remote attackers to write to arbitrary…

  • CVE-2016-4663MedFeb 20, 2017
    risk 0.36cvss 5.5epss 0.01

    An issue was discovered in certain Apple products. macOS before 10.12.1 is affected. The issue involves the "NVIDIA Graphics Drivers" component. It allows attackers to cause a denial of service (memory corruption) via a crafted app.

  • CVE-2016-4661MedFeb 20, 2017
    risk 0.36cvss 5.5epss 0.01

    An issue was discovered in certain Apple products. macOS before 10.12.1 is affected. The issue involves the "ntfs" component, which misparses disk images and allows attackers to cause a denial of service via a crafted app.

  • CVE-2016-4771MedSep 25, 2016
    risk 0.36cvss 5.5epss 0.01

    The kernel in Apple iOS before 10 and OS X before 10.12 allows local users to bypass intended file-access restrictions via a crafted directory pathname.

  • CVE-2016-4755MedSep 25, 2016
    risk 0.36cvss 5.5epss 0.00

    Terminal in Apple OS X before 10.12 uses weak permissions for the .bash_history and .bash_session files, which allows local users to obtain sensitive information via unspecified vectors.

  • CVE-2016-4752MedSep 25, 2016
    risk 0.36cvss 5.5epss 0.01

    The SecKeyDeriveFromPassword function in Apple OS X before 10.12 does not use the CF_RETURNS_RETAINED keyword, which allows attackers to obtain sensitive information from process memory by triggering key derivation.

  • CVE-2016-4742MedSep 25, 2016
    risk 0.36cvss 5.5epss 0.01

    NSSecureTextField in Apple OS X before 10.12 does not enable Secure Input, which allows attackers to discover credentials via a crafted app.

  • CVE-2016-4706MedSep 25, 2016
    risk 0.36cvss 5.5epss 0.00

    cd9660 in Apple OS X before 10.12 allows local users to cause a denial of service via unspecified vectors.

  • CVE-2016-4649MedJul 22, 2016
    risk 0.36cvss 5.5epss 0.00

    Audio in Apple OS X before 10.11.6 allows local users to cause a denial of service (NULL pointer dereference) via unspecified vectors.

  • CVE-2016-4648MedJul 22, 2016
    risk 0.36cvss 5.5epss 0.00

    Audio in Apple OS X before 10.11.6 allows local users to obtain sensitive kernel memory-layout information or cause a denial of service (out-of-bounds read) via unspecified vectors.

  • CVE-2016-1865MedJul 22, 2016
    risk 0.36cvss 5.5epss 0.00

    The kernel in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9.2.2, and watchOS before 2.2.2 allows local users to cause a denial of service (NULL pointer dereference) via unspecified vectors.

  • CVE-2016-1814MedMay 20, 2016
    risk 0.36cvss 5.5epss 0.01

    IOAcceleratorFamily in Apple iOS before 9.3.2, OS X before 10.11.5, and tvOS before 9.2.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted app.

Page 26 of 105