Vulnerabilities > Apple > MAC OS X > 10.11.0

DATE CVE VULNERABILITY TITLE RISK
2016-07-22 CVE-2016-4633 Permissions, Privileges, and Access Controls vulnerability in Apple mac OS X
Intel Graphics Driver in Apple OS X before 10.11.6 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
local
apple CWE-264
6.9
2016-07-22 CVE-2016-4632 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products
ImageIO in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors.
network
low complexity
apple CWE-119
5.0
2016-07-22 CVE-2016-4631 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products
ImageIO in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted TIFF file.
network
apple CWE-119
6.8
2016-07-22 CVE-2016-4630 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple mac OS X
ImageIO in Apple OS X before 10.11.6 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted EXR image with B44 compression.
network
apple CWE-119
6.8
2016-07-22 CVE-2016-4629 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple mac OS X
ImageIO in Apple OS X before 10.11.6 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted xStride and yStride values in an EXR image.
network
low complexity
apple CWE-119
critical
10.0
2016-07-22 CVE-2016-4626 NULL Pointer Dereference vulnerability in Apple products
IOHIDFamily in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9.2.2, and watchOS before 2.2.2 allows local users to gain privileges or cause a denial of service (NULL pointer dereference) via unspecified vectors.
local
low complexity
apple CWE-476
7.2
2016-07-22 CVE-2016-4625 Use After Free vulnerability in Apple mac OS X
Use-after-free vulnerability in IOSurface in Apple OS X before 10.11.6 allows local users to gain privileges via unspecified vectors.
local
low complexity
apple CWE-416
7.2
2016-07-22 CVE-2016-4621 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple mac OS X
libc++abi in Apple OS X before 10.11.6 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
network
apple CWE-119
critical
9.3
2016-07-22 CVE-2016-4616 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products
libxml2 in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before 12.4.2 on Windows, iCloud before 5.2.1 on Windows, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2016-4614, CVE-2016-4615, and CVE-2016-4619.
network
low complexity
apple microsoft CWE-119
7.5
2016-07-22 CVE-2016-4615 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products
libxml2 in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before 12.4.2 on Windows, iCloud before 5.2.1 on Windows, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2016-4614, CVE-2016-4616, and CVE-2016-4619.
network
low complexity
apple microsoft CWE-119
7.5