Vulnerabilities > Apple > MAC OS X > 10.11.6

DATE CVE VULNERABILITY TITLE RISK
2017-02-20 CVE-2016-4670 Credentials Management vulnerability in Apple Iphone OS and mac OS X
An issue was discovered in certain Apple products.
local
low complexity
apple CWE-255
2.1
2017-02-20 CVE-2016-4669 Improper Input Validation vulnerability in Apple products
An issue was discovered in certain Apple products.
local
low complexity
apple CWE-20
7.2
2017-02-20 CVE-2016-4667 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple mac OS X
An issue was discovered in certain Apple products.
network
apple CWE-119
6.8
2017-02-20 CVE-2016-4663 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple mac OS X
An issue was discovered in certain Apple products.
network
apple CWE-119
4.3
2017-02-20 CVE-2016-4662 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple mac OS X
An issue was discovered in certain Apple products.
network
apple CWE-119
critical
9.3
2017-02-20 CVE-2016-4661 Improper Input Validation vulnerability in Apple mac OS X
An issue was discovered in certain Apple products.
network
apple CWE-20
4.3
2017-02-20 CVE-2016-4660 Information Exposure vulnerability in Apple products
An issue was discovered in certain Apple products.
network
apple CWE-200
5.8
2017-02-20 CVE-2016-4617 Permissions, Privileges, and Access Controls vulnerability in Apple mac OS X
An issue was discovered in certain Apple products.
local
low complexity
apple CWE-264
4.6
2016-09-25 CVE-2016-4779 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple mac OS X
Apple Type Services (ATS) in Apple OS X before 10.12 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file.
network
apple CWE-119
6.8
2016-09-25 CVE-2016-4778 Permissions, Privileges, and Access Controls vulnerability in Apple products
The kernel in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
network
apple CWE-264
critical
9.3