VYPR

Mac OS X

by Apple Inc.

CVEs (2,090)

  • CVE-2016-1861HigJun 19, 2016
    risk 0.54cvss 7.8epss 0.04

    The NVIDIA Graphics Drivers subsystem in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2016-1846.

  • CVE-2016-1848HigMay 20, 2016
    risk 0.54cvss 7.8epss 0.05

    QuickTime in Apple OS X before 10.11.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted file.

  • CVE-2016-1846HigMay 20, 2016
    risk 0.54cvss 7.8epss 0.05

    The nvCommandQueue::GetHandleIndex method in the NVIDIA Graphics Drivers subsystem in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference and memory corruption) via a crafted app.

  • CVE-2016-1828HigMay 20, 2016
    risk 0.54cvss 7.8epss 0.06

    The kernel in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than…

  • CVE-2016-1827HigMay 20, 2016
    risk 0.54cvss 7.8epss 0.06

    The kernel in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than…

  • CVE-2016-1825HigMay 20, 2016
    risk 0.54cvss 7.8epss 0.06

    IOHIDFamily in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.

  • CVE-2016-1823HigMay 20, 2016
    risk 0.54cvss 7.8epss 0.05

    The IOHIDDevice::handleReportWithTime function in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (out-of-bounds read and memory corruption)…

  • CVE-2016-1821HigMay 20, 2016
    risk 0.54cvss 7.8epss 0.05

    IOAudioFamily in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via a crafted app.

  • CVE-2016-1819HigMay 20, 2016
    risk 0.54cvss 7.8epss 0.05

    Use-after-free vulnerability in the IOAccelContext2::clientMemoryForType method in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory…

  • CVE-2016-1813HigMay 20, 2016
    risk 0.54cvss 7.8epss 0.05

    The IOAccelSharedUserClient2::page_off_resource method in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via a…

  • CVE-2016-1803HigMay 20, 2016
    risk 0.54cvss 7.8epss 0.05

    CoreCapture in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via a crafted app.

  • CVE-2016-1794HigMay 20, 2016
    risk 0.54cvss 7.8epss 0.05

    The AppleGraphicsControlClient::checkArguments method in AppleGraphicsControl in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via a crafted app.

  • CVE-2016-1793HigMay 20, 2016
    risk 0.54cvss 7.8epss 0.05

    AppleGraphicsDeviceControlClient in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via a crafted app.

  • CVE-2016-3142HigMar 31, 2016
    risk 0.54cvss 8.2epss 0.05

    The phar_parse_zipfile function in zip.c in the PHAR extension in PHP before 5.5.33 and 5.6.x before 5.6.19 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read and application crash) by placing a PK\x05\x06…

  • CVE-2016-1769HigMar 24, 2016
    risk 0.54cvss 7.8epss 0.05

    QuickTime in Apple OS X before 10.11.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Photoshop file.

  • CVE-2016-1767HigMar 24, 2016
    risk 0.54cvss 7.8epss 0.05

    QuickTime in Apple OS X before 10.11.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted FlashPix image, a different vulnerability than CVE-2016-1768.

  • CVE-2016-1755HigMar 24, 2016
    risk 0.54cvss 7.8epss 0.05

    The kernel in Apple iOS before 9.3, OS X before 10.11.4, tvOS before 9.2, and watchOS before 2.2 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2016-1754.

  • CVE-2016-1749HigMar 24, 2016
    risk 0.54cvss 7.8epss 0.04

    IOUSBFamily in Apple OS X before 10.11.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.

  • CVE-2016-1744HigMar 24, 2016
    risk 0.54cvss 7.8epss 0.04

    The Intel driver in the Graphics Drivers subsystem in Apple OS X before 10.11.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2016-1743.

  • CVE-2016-1743HigMar 24, 2016
    risk 0.54cvss 7.8epss 0.05

    The Intel driver in the Graphics Drivers subsystem in Apple OS X before 10.11.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2016-1744.

Page 8 of 105