VYPR

Mac OS X

by Apple Inc.

CVEs (2,090)

  • CVE-2016-4630HigJul 22, 2016
    risk 0.57cvss 8.8epss 0.04

    ImageIO in Apple OS X before 10.11.6 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted EXR image with B44 compression.

  • CVE-2016-4602HigJul 22, 2016
    risk 0.57cvss 8.8epss 0.02

    QuickTime in Apple OS X before 10.11.6 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted FlashPix bitmap image, a different vulnerability than CVE-2016-4596, CVE-2016-4597, and CVE-2016-4600.

  • CVE-2016-4601HigJul 22, 2016
    risk 0.57cvss 8.8epss 0.02

    QuickTime in Apple OS X before 10.11.6 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted SGI image.

  • CVE-2016-4600HigJul 22, 2016
    risk 0.57cvss 8.8epss 0.02

    QuickTime in Apple OS X before 10.11.6 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted FlashPix bitmap image, a different vulnerability than CVE-2016-4596, CVE-2016-4597, and CVE-2016-4602.

  • CVE-2016-4597HigJul 22, 2016
    risk 0.57cvss 8.8epss 0.02

    QuickTime in Apple OS X before 10.11.6 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted FlashPix bitmap image, a different vulnerability than CVE-2016-4596, CVE-2016-4600, and CVE-2016-4602.

  • CVE-2016-4596HigJul 22, 2016
    risk 0.57cvss 8.8epss 0.02

    QuickTime in Apple OS X before 10.11.6 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted FlashPix bitmap image, a different vulnerability than CVE-2016-4597, CVE-2016-4600, and CVE-2016-4602.

  • CVE-2016-1847HigMay 20, 2016
    risk 0.57cvss 8.8epss 0.02

    OpenGL, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.

  • CVE-2016-1841HigMay 20, 2016
    risk 0.57cvss 8.8epss 0.02

    libxslt, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.

  • CVE-2016-1800HigMay 20, 2016
    risk 0.57cvss 8.8epss 0.04

    Captive Network Assistant in Apple OS X before 10.11.5 mishandles a custom URL scheme, which allows user-assisted remote attackers to execute arbitrary code via unspecified vectors.

  • CVE-2016-0802HigFeb 7, 2016
    risk 0.57cvss 8.8epss 0.02

    The Broadcom Wi-Fi driver in the kernel in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49G, and 6.x before 2016-02-01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted wireless control message packets, aka internal…

  • CVE-2008-2934HigJul 18, 2008
    risk 0.57cvss 8.8epss 0.04

    Mozilla Firefox 3 before 3.0.1 on Mac OS X allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted GIF file that triggers a free of an uninitialized pointer.

  • CVE-2017-6977HigMay 22, 2017
    risk 0.56cvss 8.6epss 0.01

    An issue was discovered in certain Apple products. macOS before 10.12.5 is affected. The issue involves the "Speech Framework" component. It allows attackers to conduct sandbox-escape attacks or cause a denial of service (memory corruption) via a crafted app.

  • CVE-2017-2534HigMay 22, 2017
    risk 0.56cvss 8.6epss 0.01

    An issue was discovered in certain Apple products. macOS before 10.12.5 is affected. The issue involves the "Speech Framework" component. It allows attackers to conduct sandbox-escape attacks via a crafted app.

  • CVE-2017-2370HigFeb 20, 2017
    risk 0.55cvss 7.8epss 0.11

    An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. macOS before 10.12.3 is affected. tvOS before 10.1.1 is affected. watchOS before 3.1.3 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a…

  • CVE-2016-1768HigMar 24, 2016
    risk 0.55cvss 7.8epss 0.17

    QuickTime in Apple OS X before 10.11.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted FlashPix image, a different vulnerability than CVE-2016-1767.

  • CVE-2017-13876HigDec 25, 2017
    risk 0.54cvss 7.8epss 0.05

    An issue was discovered in certain Apple products. iOS before 11.2 is affected. macOS before 10.13.2 is affected. tvOS before 11.2 is affected. watchOS before 4.2 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a…

  • CVE-2017-13875HigDec 25, 2017
    risk 0.54cvss 7.8epss 0.04

    An issue was discovered in certain Apple products. macOS before 10.13.2 is affected. The issue involves the "Intel Graphics Driver" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (out-of-bounds read) via a crafted…

  • CVE-2017-13867HigDec 25, 2017
    risk 0.54cvss 7.8epss 0.05

    An issue was discovered in certain Apple products. iOS before 11.2 is affected. macOS before 10.13.2 is affected. tvOS before 11.2 is affected. watchOS before 4.2 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a…

  • CVE-2017-13847HigDec 25, 2017
    risk 0.54cvss 7.8epss 0.05

    An issue was discovered in certain Apple products. iOS before 11.2 is affected. macOS before 10.13.2 is affected. The issue involves the "IOKit" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via…

  • CVE-2017-6978HigMay 22, 2017
    risk 0.54cvss 7.8epss 0.04

    An issue was discovered in certain Apple products. macOS before 10.12.5 is affected. The issue involves the "Accessibility Framework" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted…

Page 6 of 105