VYPR

Vendor CVEs

Apple Inc.

All CVEs

8,441 total · sorted by risk
  • CVE-2016-1826HigMay 20, 2016
    risk 0.51cvss 7.8epss 0.02

    Integer overflow in the dtrace implementation in the kernel in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context via a crafted app.

  • CVE-2016-1824HigMay 20, 2016
    risk 0.51cvss 7.8epss 0.02

    IOHIDFamily in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than…

  • CVE-2016-1822HigMay 20, 2016
    risk 0.51cvss 7.8epss 0.01

    IOFireWireFamily in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.

  • CVE-2016-1820HigMay 20, 2016
    risk 0.51cvss 7.8epss 0.02

    Buffer overflow in IOAudioFamily in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context via a crafted app.

  • CVE-2016-1818HigMay 20, 2016
    risk 0.51cvss 7.8epss 0.02

    IOAcceleratorFamily in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than…

  • CVE-2016-1817HigMay 20, 2016
    risk 0.51cvss 7.8epss 0.02

    IOAcceleratorFamily in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than…

  • CVE-2016-1816HigMay 20, 2016
    risk 0.51cvss 7.8epss 0.01

    IOAcceleratorFamily in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via a crafted app.

  • CVE-2016-1815HigMay 20, 2016
    risk 0.51cvss 7.8epss 0.02

    IOAcceleratorFamily in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.

  • CVE-2016-1812HigMay 20, 2016
    risk 0.51cvss 7.8epss 0.02

    Buffer overflow in Intel Graphics Driver in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context via a crafted app.

  • CVE-2016-1810HigMay 20, 2016
    risk 0.51cvss 7.8epss 0.01

    The Graphics Drivers subsystem in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.

  • CVE-2016-1808HigMay 20, 2016
    risk 0.51cvss 7.8epss 0.02

    The Disk Images subsystem in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.

  • CVE-2016-1806HigMay 20, 2016
    risk 0.51cvss 7.8epss 0.02

    Crash Reporter in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context via a crafted app.

  • CVE-2016-1805HigMay 20, 2016
    risk 0.51cvss 7.8epss 0.01

    CoreStorage in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context via a crafted app.

  • CVE-2016-1804HigMay 20, 2016
    risk 0.51cvss 7.8epss 0.02

    The Multi-Touch subsystem in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.

  • CVE-2016-1799HigMay 20, 2016
    risk 0.51cvss 7.8epss 0.01

    Audio in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.

  • CVE-2016-1797HigMay 20, 2016
    risk 0.51cvss 7.8epss 0.02

    Apple Type Services (ATS) in Apple OS X before 10.11.5 allows attackers to bypass intended FontValidator sandbox-policy restrictions and execute arbitrary code in a privileged context via a crafted app.

  • CVE-2016-1795HigMay 20, 2016
    risk 0.51cvss 7.8epss 0.01

    AppleGraphicsPowerManagement in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.

  • CVE-2016-1792HigMay 20, 2016
    risk 0.51cvss 7.8epss 0.01

    The AMD subsystem in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.

  • CVE-2016-1742HigMay 20, 2016
    risk 0.51cvss 7.8epss 0.00

    Untrusted search path vulnerability in the installer in Apple iTunes before 12.4 allows local users to gain privileges via a Trojan horse DLL in the current working directory.

  • CVE-2016-1775HigMar 24, 2016
    risk 0.51cvss 7.8epss 0.04

    TrueTypeScaler in Apple iOS before 9.3, OS X before 10.11.4, tvOS before 9.2, and watchOS before 2.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file.

  • CVE-2016-1765HigMar 24, 2016
    risk 0.51cvss 7.8epss 0.00

    otool in Apple Xcode before 7.3 allows local users to gain privileges or cause a denial of service (memory corruption and application crash) via unspecified vectors.

  • CVE-2016-1759HigMar 24, 2016
    risk 0.51cvss 7.8epss 0.01

    The kernel in Apple OS X before 10.11.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.

  • CVE-2016-1756HigMar 24, 2016
    risk 0.51cvss 7.8epss 0.01

    The kernel in Apple iOS before 9.3 and OS X before 10.11.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via a crafted app.

  • CVE-2016-1754HigMar 24, 2016
    risk 0.51cvss 7.8epss 0.01

    The kernel in Apple iOS before 9.3, OS X before 10.11.4, tvOS before 9.2, and watchOS before 2.2 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2016-1755.

  • CVE-2016-1753HigMar 24, 2016
    risk 0.51cvss 7.8epss 0.02

    Multiple integer overflows in the kernel in Apple iOS before 9.3, OS X before 10.11.4, tvOS before 9.2, and watchOS before 2.2 allow attackers to execute arbitrary code in a privileged context via a crafted app.

  • CVE-2016-1751HigMar 24, 2016
    risk 0.51cvss 7.8epss 0.01

    The kernel in Apple iOS before 9.3, tvOS before 9.2, and watchOS before 2.2 does not properly restrict the execute permission, which allows attackers to bypass a code-signing protection mechanism via a crafted app.

  • CVE-2016-1750HigMar 24, 2016
    risk 0.51cvss 7.8epss 0.02

    Use-after-free vulnerability in the kernel in Apple iOS before 9.3, OS X before 10.11.4, tvOS before 9.2, and watchOS before 2.2 allows attackers to execute arbitrary code in a privileged context via a crafted app.

  • CVE-2016-1747HigMar 24, 2016
    risk 0.51cvss 7.8epss 0.02

    IOGraphics in Apple OS X before 10.11.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2016-1746.

  • CVE-2016-1746HigMar 24, 2016
    risk 0.51cvss 7.8epss 0.02

    IOGraphics in Apple OS X before 10.11.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2016-1747.

  • CVE-2016-1740HigMar 24, 2016
    risk 0.51cvss 7.8epss 0.04

    FontParser in Apple iOS before 9.3, OS X before 10.11.4, tvOS before 9.2, and watchOS before 2.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted PDF document.

  • CVE-2016-1738HigMar 24, 2016
    risk 0.51cvss 7.8epss 0.00

    dyld in Apple OS X before 10.11.4 allows attackers to bypass a code-signing protection mechanism via a modified app.

  • CVE-2016-1736HigMar 24, 2016
    risk 0.51cvss 7.8epss 0.01

    Bluetooth in Apple OS X before 10.11.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2016-1735.

  • CVE-2016-1735HigMar 24, 2016
    risk 0.51cvss 7.8epss 0.01

    Bluetooth in Apple OS X before 10.11.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2016-1736.

  • CVE-2016-1733HigMar 24, 2016
    risk 0.51cvss 7.8epss 0.01

    AppleRAID in Apple OS X before 10.11.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.

  • CVE-2016-1722HigFeb 1, 2016
    risk 0.51cvss 7.8epss 0.00

    syslog in Apple iOS before 9.2.1, OS X before 10.11.3, and tvOS before 9.1.1 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors.

  • CVE-2016-1717HigFeb 1, 2016
    risk 0.51cvss 7.8epss 0.00

    The Disk Images component in Apple iOS before 9.2.1, OS X before 10.11.3, and tvOS before 9.1.1 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors.

  • CVE-2016-1716HigFeb 1, 2016
    risk 0.51cvss 7.8epss 0.00

    AppleGraphicsPowerManagement in Apple OS X before 10.11.3 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors.

  • CVE-2015-6980HigJan 11, 2016
    risk 0.51cvss 7.8epss 0.00

    Directory Utility in Apple OS X before 10.11.1 mishandles authentication for new sessions, which allows local users to gain privileges via unspecified vectors.

  • CVE-2014-4418HigSep 18, 2014
    risk 0.51cvss 7.8epss 0.02

    IOKit in Apple iOS before 8 and Apple TV before 7 does not properly validate IODataQueue object metadata, which allows attackers to execute arbitrary code in a privileged context via an application that provides crafted values in unspecified metadata fields, a different…

  • CVE-2014-4388HigSep 18, 2014
    risk 0.51cvss 7.8epss 0.02

    IOKit in Apple iOS before 8 and Apple TV before 7 does not properly validate IODataQueue object metadata, which allows attackers to execute arbitrary code in a privileged context via an application that provides crafted values in unspecified metadata fields, a different…

  • CVE-2014-4375HigSep 18, 2014
    risk 0.51cvss 7.8epss 0.00

    Double free vulnerability in Apple iOS before 8 and Apple TV before 7 allows local users to gain privileges or cause a denial of service (device crash) via vectors related to Mach ports.

  • CVE-2010-3190HigAug 31, 2010
    risk 0.51cvss 7.8epss 0.09

    Untrusted search path vulnerability in the Microsoft Foundation Class (MFC) Library in Microsoft Visual Studio .NET 2003 SP1; Visual Studio 2005 SP1, 2008 SP1, and 2010; Visual C++ 2005 SP1, 2008 SP1, and 2010; and Exchange Server 2010 Service Pack 3, 2013, and 2013 allows local…

  • CVE-2010-0036HigJan 20, 2010
    risk 0.51cvss 7.8epss 0.04

    Buffer overflow in CoreAudio in Apple Mac OS X 10.5.8 and 10.6.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted MP4 audio file.

  • CVE-2007-3749HigNov 15, 2007
    risk 0.51cvss 7.8epss 0.00

    The kernel in Apple Mac OS X 10.4 through 10.4.10 does not reset the current Mach Thread Port or Thread Exception Port when executing a setuid program, which allows local users to execute arbitrary code by creating the port before launching the setuid program, then writing to…

  • CVE-2007-4268HigNov 15, 2007
    risk 0.51cvss 7.8epss 0.01

    Integer signedness error in the Networking component in Apple Mac OS X 10.4 through 10.4.10 allows local users to execute arbitrary code via a crafted AppleTalk message with a negative value, which satisfies a signed comparison during mbuf allocation but is later interpreted as…

  • CVE-2026-20620HigFeb 11, 2026
    risk 0.50cvss 7.7epss 0.00

    An out-of-bounds read issue was addressed with improved input validation. This issue is fixed in macOS Sequoia 15.7.4, macOS Sonoma 14.8.4, macOS Tahoe 26.3. An attacker may be able to cause unexpected system termination or read kernel memory.

  • CVE-2025-24206HigApr 29, 2025
    risk 0.50cvss 7.7epss 0.00

    An authentication issue was addressed with improved state management. This issue is fixed in iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5, tvOS 18.4, visionOS 2.4. An attacker on the local network may be able to bypass…

  • CVE-2025-24174HigJan 27, 2025
    risk 0.50cvss 7.7epss 0.00

    The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.3, macOS Sonoma 14.7.3, macOS Ventura 13.7.3. An app may be able to bypass Privacy preferences.

  • CVE-2021-30938HigAug 24, 2021
    risk 0.50cvss 7.7epss 0.00

    This issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.1, Security Update 2021-008 Catalina, macOS Big Sur 11.6.2. A local user may be able to cause unexpected system termination or read kernel memory.

  • CVE-2019-8591HigDec 18, 2019
    risk 0.50cvss 7.1epss 0.04

    A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1. An application may be able to cause unexpected system termination or write kernel memory.

Page 44 of 169