VYPR

Vendor CVEs

Apple Inc.

All CVEs

8,441 total · sorted by risk
  • CVE-2016-4683HigFeb 20, 2017
    risk 0.51cvss 7.8epss 0.01

    An issue was discovered in certain Apple products. macOS before 10.12.1 is affected. The issue involves the "ImageIO" component. It allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds memory access and application crash) via a crafted…

  • CVE-2016-4681HigFeb 20, 2017
    risk 0.51cvss 7.8epss 0.01

    An issue was discovered in certain Apple products. macOS before 10.12.1 is affected. The issue involves the "Core Image" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted JPEG file.

  • CVE-2016-4678HigFeb 20, 2017
    risk 0.51cvss 7.8epss 0.00

    An issue was discovered in certain Apple products. macOS before 10.12.1 is affected. The issue involves the "AppleSMC" component. It allows local users to gain privileges or cause a denial of service (NULL pointer dereference) via unspecified vectors.

  • CVE-2016-4675HigFeb 20, 2017
    risk 0.51cvss 7.8epss 0.02

    An issue was discovered in certain Apple products. iOS before 10.1 is affected. macOS before 10.12.1 is affected. tvOS before 10.0.1 is affected. watchOS before 3.1 is affected. The issue involves the "libxpc" component. It allows attackers to execute arbitrary code in a…

  • CVE-2016-4674HigFeb 20, 2017
    risk 0.51cvss 7.8epss 0.00

    An issue was discovered in certain Apple products. macOS before 10.12.1 is affected. The issue involves the "ATS" component. It allows local users to gain privileges or cause a denial of service (memory corruption and application crash) via unspecified vectors.

  • CVE-2016-4673HigFeb 20, 2017
    risk 0.51cvss 7.8epss 0.02

    An issue was discovered in certain Apple products. iOS before 10.1 is affected. macOS before 10.12.1 is affected. tvOS before 10.0.1 is affected. watchOS before 3.1 is affected. The issue involves the "CoreGraphics" component. It allows remote attackers to execute arbitrary code…

  • CVE-2016-4671HigFeb 20, 2017
    risk 0.51cvss 7.8epss 0.03

    An issue was discovered in certain Apple products. macOS before 10.12.1 is affected. The issue involves the "ImageIO" component. It allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds write and application crash) via a crafted PDF file.

  • CVE-2016-4662HigFeb 20, 2017
    risk 0.51cvss 7.8epss 0.01

    An issue was discovered in certain Apple products. macOS before 10.12.1 is affected. The issue involves the "AppleGraphicsControl" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.

  • CVE-2016-4779HigSep 25, 2016
    risk 0.51cvss 7.8epss 0.02

    Apple Type Services (ATS) in Apple OS X before 10.12 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file.

  • CVE-2016-4778HigSep 25, 2016
    risk 0.51cvss 7.8epss 0.02

    The kernel in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.

  • CVE-2016-4777HigSep 25, 2016
    risk 0.51cvss 7.8epss 0.02

    The kernel in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (invalid pointer dereference) via a crafted app.

  • CVE-2016-4775HigSep 25, 2016
    risk 0.51cvss 7.8epss 0.00

    The kernel in Apple OS X before 10.12, tvOS before 10, and watchOS before 3 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors.

  • CVE-2016-4753HigSep 25, 2016
    risk 0.51cvss 7.8epss 0.02

    Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 mishandle signed disk images, which allows attackers to execute arbitrary code in a privileged context via a crafted app.

  • CVE-2016-4750HigSep 25, 2016
    risk 0.51cvss 7.8epss 0.01

    S2 Camera in Apple iOS before 10 and OS X before 10.12 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.

  • CVE-2016-4733HigSep 25, 2016
    risk 0.51cvss 7.8epss 0.02

    WebKit in Apple iOS before 10, Safari before 10, and tvOS before 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-4611, CVE-2016-4730, CVE-2016-4734, and…

  • CVE-2016-4727HigSep 25, 2016
    risk 0.51cvss 7.8epss 0.01

    IOThunderboltFamily in Apple OS X before 10.12 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.

  • CVE-2016-4726HigSep 25, 2016
    risk 0.51cvss 7.8epss 0.02

    IOAcceleratorFamily in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.

  • CVE-2016-4724HigSep 25, 2016
    risk 0.51cvss 7.8epss 0.01

    IOAcceleratorFamily in Apple iOS before 10 and OS X before 10.12 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via a crafted app.

  • CVE-2016-4723HigSep 25, 2016
    risk 0.51cvss 7.8epss 0.01

    Intel Graphics Driver in Apple OS X before 10.12 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.

  • CVE-2016-4716HigSep 25, 2016
    risk 0.51cvss 7.8epss 0.00

    diskutil in DiskArbitration in Apple OS X before 10.12 allows local users to gain privileges via unspecified vectors.

  • CVE-2016-4712HigSep 25, 2016
    risk 0.51cvss 7.8epss 0.02

    CoreCrypto in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows attackers to execute arbitrary code or cause a denial of service (out-of-bounds write) via a crafted app.

  • CVE-2016-4710HigSep 25, 2016
    risk 0.51cvss 7.8epss 0.00

    WindowServer in Apple OS X before 10.12 allows local users to obtain root access via vectors that leverage "type confusion," a different vulnerability than CVE-2016-4709.

  • CVE-2016-4709HigSep 25, 2016
    risk 0.51cvss 7.8epss 0.00

    WindowServer in Apple OS X before 10.12 allows local users to obtain root access via vectors that leverage "type confusion," a different vulnerability than CVE-2016-4710.

  • CVE-2016-4703HigSep 25, 2016
    risk 0.51cvss 7.8epss 0.01

    Bluetooth in Apple OS X before 10.12 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.

  • CVE-2016-4700HigSep 25, 2016
    risk 0.51cvss 7.8epss 0.01

    AppleUUC in Apple OS X before 10.12 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2016-4699.

  • CVE-2016-4699HigSep 25, 2016
    risk 0.51cvss 7.8epss 0.01

    AppleUUC in Apple OS X before 10.12 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2016-4700.

  • CVE-2016-4698HigSep 25, 2016
    risk 0.51cvss 7.8epss 0.01

    AppleMobileFileIntegrity in Apple iOS before 10 and OS X before 10.12 mishandles process entitlement and Team ID values in the task port inheritance policy, which allows attackers to execute arbitrary code in a privileged context via a crafted app.

  • CVE-2016-4697HigSep 25, 2016
    risk 0.51cvss 7.8epss 0.01

    Apple HSSPI Support in Apple OS X before 10.12 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.

  • CVE-2016-4696HigSep 25, 2016
    risk 0.51cvss 7.8epss 0.01

    AppleEFIRuntime in Apple OS X before 10.12 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via a crafted app.

  • CVE-2016-4705HigSep 18, 2016
    risk 0.51cvss 7.8epss 0.00

    otool in Apple Xcode before 8 allows local users to gain privileges or cause a denial of service (memory corruption and application crash) via unspecified vectors, a different vulnerability than CVE-2016-4704.

  • CVE-2016-4704HigSep 18, 2016
    risk 0.51cvss 7.8epss 0.00

    otool in Apple Xcode before 8 allows local users to gain privileges or cause a denial of service (memory corruption and application crash) via unspecified vectors, a different vulnerability than CVE-2016-4705.

  • CVE-2016-4654HigAug 18, 2016
    risk 0.51cvss 7.8epss 0.01

    IOMobileFrameBuffer in Apple iOS before 9.3.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.

  • CVE-2016-4653HigJul 22, 2016
    risk 0.51cvss 7.8epss 0.00

    The kernel in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9.2.2, and watchOS before 2.2.2 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1863 and CVE-2016-4582.

  • CVE-2016-4647HigJul 22, 2016
    risk 0.51cvss 7.8epss 0.00

    Audio in Apple OS X before 10.11.6 allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted file.

  • CVE-2016-4640HigJul 22, 2016
    risk 0.51cvss 7.8epss 0.01

    Login Window in Apple OS X before 10.11.6 allows attackers to execute arbitrary code in a privileged context, obtain sensitive user information, or cause a denial of service (memory corruption) via a crafted app.

  • CVE-2016-4638HigJul 22, 2016
    risk 0.51cvss 7.8epss 0.01

    Login Window in Apple OS X before 10.11.6 allows attackers to gain privileges via a crafted app that leverages a "type confusion."

  • CVE-2016-4634HigJul 22, 2016
    risk 0.51cvss 7.8epss 0.00

    The Graphics Drivers subsystem in Apple OS X before 10.11.6 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors.

  • CVE-2016-4633HigJul 22, 2016
    risk 0.51cvss 7.8epss 0.00

    Intel Graphics Driver in Apple OS X before 10.11.6 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.

  • CVE-2016-4627HigJul 22, 2016
    risk 0.51cvss 7.8epss 0.00

    IOAcceleratorFamily in Apple iOS before 9.3.3, tvOS before 9.2.2, and watchOS before 2.2.2 allows local users to gain privileges or cause a denial of service (NULL pointer dereference) via unspecified vectors.

  • CVE-2016-4626HigJul 22, 2016
    risk 0.51cvss 7.8epss 0.00

    IOHIDFamily in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9.2.2, and watchOS before 2.2.2 allows local users to gain privileges or cause a denial of service (NULL pointer dereference) via unspecified vectors.

  • CVE-2016-4621HigJul 22, 2016
    risk 0.51cvss 7.8epss 0.01

    libc++abi in Apple OS X before 10.11.6 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.

  • CVE-2016-4599HigJul 22, 2016
    risk 0.51cvss 7.8epss 0.02

    QuickTime in Apple OS X before 10.11.6 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Photoshop document.

  • CVE-2016-4594HigJul 22, 2016
    risk 0.51cvss 7.8epss 0.01

    The Sandbox Profiles component in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9.2.2, and watchOS before 2.2.2 allows attackers to access the process list via a crafted app that makes an API call.

  • CVE-2016-4582HigJul 22, 2016
    risk 0.51cvss 7.8epss 0.00

    The kernel in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9.2.2, and watchOS before 2.2.2 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1863 and CVE-2016-4653.

  • CVE-2014-9862HigJul 22, 2016
    risk 0.51cvss 7.8epss 0.07

    Integer signedness error in bspatch.c in bspatch in bsdiff, as used in Apple OS X before 10.11.6 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow) via a crafted patch file.

  • CVE-2016-1850HigMay 20, 2016
    risk 0.51cvss 7.8epss 0.02

    SceneKit in Apple OS X before 10.11.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted file.

  • CVE-2016-1832HigMay 20, 2016
    risk 0.51cvss 7.8epss 0.00

    libc in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors.

  • CVE-2016-1831HigMay 20, 2016
    risk 0.51cvss 7.8epss 0.01

    The kernel in Apple iOS before 9.3.2 and OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.

  • CVE-2016-1830HigMay 20, 2016
    risk 0.51cvss 7.8epss 0.01

    The kernel in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than…

  • CVE-2016-1829HigMay 20, 2016
    risk 0.51cvss 7.8epss 0.02

    The kernel in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than…

Page 43 of 169