OS X

CVEs (523)

CVE	Vendor / Product	Sev	Risk	CVSS	EPSS	Published	Description
CVE-2016-1797	Apple Inc. Mac Os X	Hig	0.51	7.8	0.00	May 20, 2016	Apple Type Services (ATS) in Apple OS X before 10.11.5 allows attackers to bypass intended FontValidator sandbox-policy restrictions and execute arbitrary code in a privileged context via a crafted app.
CVE-2016-1795	Apple Inc. Mac Os X	Hig	0.51	7.8	0.00	May 20, 2016	AppleGraphicsPowerManagement in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
CVE-2016-1792	Apple Inc. Mac Os X	Hig	0.51	7.8	0.00	May 20, 2016	The AMD subsystem in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
CVE-2016-1775	Apple Inc. Mac Os X	Hig	0.51	7.8	0.01	Mar 24, 2016	TrueTypeScaler in Apple iOS before 9.3, OS X before 10.11.4, tvOS before 9.2, and watchOS before 2.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file.
CVE-2016-1759	Apple Inc. Mac Os X	Hig	0.51	7.8	0.00	Mar 24, 2016	The kernel in Apple OS X before 10.11.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
CVE-2016-1756	Apple Inc. Mac Os X	Hig	0.51	7.8	0.00	Mar 24, 2016	The kernel in Apple iOS before 9.3 and OS X before 10.11.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via a crafted app.
CVE-2016-1754	Apple Inc. Mac Os X	Hig	0.51	7.8	0.01	Mar 24, 2016	The kernel in Apple iOS before 9.3, OS X before 10.11.4, tvOS before 9.2, and watchOS before 2.2 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2016-1755.
CVE-2016-1753	Apple Inc. Mac Os X	Hig	0.51	7.8	0.00	Mar 24, 2016	Multiple integer overflows in the kernel in Apple iOS before 9.3, OS X before 10.11.4, tvOS before 9.2, and watchOS before 2.2 allow attackers to execute arbitrary code in a privileged context via a crafted app.
CVE-2016-1750	Apple Inc. Mac Os X	Hig	0.51	7.8	0.01	Mar 24, 2016	Use-after-free vulnerability in the kernel in Apple iOS before 9.3, OS X before 10.11.4, tvOS before 9.2, and watchOS before 2.2 allows attackers to execute arbitrary code in a privileged context via a crafted app.
CVE-2016-1747	Apple Inc. Mac Os X	Hig	0.51	7.8	0.00	Mar 24, 2016	IOGraphics in Apple OS X before 10.11.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2016-1746.
CVE-2016-1746	Apple Inc. Mac Os X	Hig	0.51	7.8	0.00	Mar 24, 2016	IOGraphics in Apple OS X before 10.11.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2016-1747.
CVE-2016-1740	Apple Inc. Mac Os X	Hig	0.51	7.8	0.02	Mar 24, 2016	FontParser in Apple iOS before 9.3, OS X before 10.11.4, tvOS before 9.2, and watchOS before 2.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted PDF document.
CVE-2016-1738	Apple Inc. Mac Os X	Hig	0.51	7.8	0.00	Mar 24, 2016	dyld in Apple OS X before 10.11.4 allows attackers to bypass a code-signing protection mechanism via a modified app.
CVE-2016-1736	Apple Inc. Mac Os X	Hig	0.51	7.8	0.00	Mar 24, 2016	Bluetooth in Apple OS X before 10.11.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2016-1735.
CVE-2016-1735	Apple Inc. Mac Os X	Hig	0.51	7.8	0.00	Mar 24, 2016	Bluetooth in Apple OS X before 10.11.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2016-1736.
CVE-2016-1733	Apple Inc. Mac Os X	Hig	0.51	7.8	0.00	Mar 24, 2016	AppleRAID in Apple OS X before 10.11.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
CVE-2016-1722	Apple Inc. Mac Os X	Hig	0.51	7.8	0.00	Feb 1, 2016	syslog in Apple iOS before 9.2.1, OS X before 10.11.3, and tvOS before 9.1.1 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors.
CVE-2016-1717	Apple Inc. Mac Os X	Hig	0.51	7.8	0.00	Feb 1, 2016	The Disk Images component in Apple iOS before 9.2.1, OS X before 10.11.3, and tvOS before 9.1.1 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors.
CVE-2016-1716	Apple Inc. Mac Os X	Hig	0.51	7.8	0.00	Feb 1, 2016	AppleGraphicsPowerManagement in Apple OS X before 10.11.3 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors.
CVE-2015-6980	Apple Inc. Mac Os X	Hig	0.51	7.8	0.00	Jan 11, 2016	Directory Utility in Apple OS X before 10.11.1 mishandles authentication for new sessions, which allows local users to gain privileges via unspecified vectors.

CVE-2016-1797HigMay 20, 2016
Apple Inc.
Mac Os X
risk 0.51cvss 7.8epss 0.00
Apple Type Services (ATS) in Apple OS X before 10.11.5 allows attackers to bypass intended FontValidator sandbox-policy restrictions and execute arbitrary code in a privileged context via a crafted app.
CVE-2016-1795HigMay 20, 2016
Apple Inc.
Mac Os X
risk 0.51cvss 7.8epss 0.00
AppleGraphicsPowerManagement in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
CVE-2016-1792HigMay 20, 2016
Apple Inc.
Mac Os X
risk 0.51cvss 7.8epss 0.00
The AMD subsystem in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
CVE-2016-1775HigMar 24, 2016
Apple Inc.
Mac Os X
risk 0.51cvss 7.8epss 0.01
TrueTypeScaler in Apple iOS before 9.3, OS X before 10.11.4, tvOS before 9.2, and watchOS before 2.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file.
CVE-2016-1759HigMar 24, 2016
Apple Inc.
Mac Os X
risk 0.51cvss 7.8epss 0.00
The kernel in Apple OS X before 10.11.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
CVE-2016-1756HigMar 24, 2016
Apple Inc.
Mac Os X
risk 0.51cvss 7.8epss 0.00
The kernel in Apple iOS before 9.3 and OS X before 10.11.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via a crafted app.
CVE-2016-1754HigMar 24, 2016
Apple Inc.
Mac Os X
risk 0.51cvss 7.8epss 0.01
The kernel in Apple iOS before 9.3, OS X before 10.11.4, tvOS before 9.2, and watchOS before 2.2 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2016-1755.
CVE-2016-1753HigMar 24, 2016
Apple Inc.
Mac Os X
risk 0.51cvss 7.8epss 0.00
Multiple integer overflows in the kernel in Apple iOS before 9.3, OS X before 10.11.4, tvOS before 9.2, and watchOS before 2.2 allow attackers to execute arbitrary code in a privileged context via a crafted app.
CVE-2016-1750HigMar 24, 2016
Apple Inc.
Mac Os X
risk 0.51cvss 7.8epss 0.01
Use-after-free vulnerability in the kernel in Apple iOS before 9.3, OS X before 10.11.4, tvOS before 9.2, and watchOS before 2.2 allows attackers to execute arbitrary code in a privileged context via a crafted app.
CVE-2016-1747HigMar 24, 2016
Apple Inc.
Mac Os X
risk 0.51cvss 7.8epss 0.00
IOGraphics in Apple OS X before 10.11.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2016-1746.
CVE-2016-1746HigMar 24, 2016
Apple Inc.
Mac Os X
risk 0.51cvss 7.8epss 0.00
IOGraphics in Apple OS X before 10.11.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2016-1747.
CVE-2016-1740HigMar 24, 2016
Apple Inc.
Mac Os X
risk 0.51cvss 7.8epss 0.02
FontParser in Apple iOS before 9.3, OS X before 10.11.4, tvOS before 9.2, and watchOS before 2.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted PDF document.
CVE-2016-1738HigMar 24, 2016
Apple Inc.
Mac Os X
risk 0.51cvss 7.8epss 0.00
dyld in Apple OS X before 10.11.4 allows attackers to bypass a code-signing protection mechanism via a modified app.
CVE-2016-1736HigMar 24, 2016
Apple Inc.
Mac Os X
risk 0.51cvss 7.8epss 0.00
Bluetooth in Apple OS X before 10.11.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2016-1735.
CVE-2016-1735HigMar 24, 2016
Apple Inc.
Mac Os X
risk 0.51cvss 7.8epss 0.00
Bluetooth in Apple OS X before 10.11.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2016-1736.
CVE-2016-1733HigMar 24, 2016
Apple Inc.
Mac Os X
risk 0.51cvss 7.8epss 0.00
AppleRAID in Apple OS X before 10.11.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
CVE-2016-1722HigFeb 1, 2016
Apple Inc.
Mac Os X
risk 0.51cvss 7.8epss 0.00
syslog in Apple iOS before 9.2.1, OS X before 10.11.3, and tvOS before 9.1.1 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors.
CVE-2016-1717HigFeb 1, 2016
Apple Inc.
Mac Os X
risk 0.51cvss 7.8epss 0.00
The Disk Images component in Apple iOS before 9.2.1, OS X before 10.11.3, and tvOS before 9.1.1 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors.
CVE-2016-1716HigFeb 1, 2016
Apple Inc.
Mac Os X
risk 0.51cvss 7.8epss 0.00
AppleGraphicsPowerManagement in Apple OS X before 10.11.3 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors.
CVE-2015-6980HigJan 11, 2016
Apple Inc.
Mac Os X
risk 0.51cvss 7.8epss 0.00
Directory Utility in Apple OS X before 10.11.1 mishandles authentication for new sessions, which allows local users to gain privileges via unspecified vectors.

Page 5 of 27