Vulnerabilities > Apple > MAC OS X
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2016-05-20 | CVE-2016-1853 | Information Exposure vulnerability in Apple mac OS X Tcl in Apple OS X before 10.11.5 allows remote attackers to obtain sensitive information by leveraging SSLv2 support. | 7.5 |
2016-05-20 | CVE-2016-1851 | Unspecified vulnerability in Apple mac OS X The Screen Lock feature in Apple OS X before 10.11.5 mishandles password profiles, which allows physically proximate attackers to reset expired passwords in the lock-screen state via unspecified vectors. low complexity apple | 4.6 |
2016-05-20 | CVE-2016-1850 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple mac OS X SceneKit in Apple OS X before 10.11.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted file. | 7.8 |
2016-05-20 | CVE-2016-1848 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple mac OS X QuickTime in Apple OS X before 10.11.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted file. | 7.8 |
2016-05-20 | CVE-2016-1847 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products OpenGL, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site. | 8.8 |
2016-05-20 | CVE-2016-1846 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple mac OS X The nvCommandQueue::GetHandleIndex method in the NVIDIA Graphics Drivers subsystem in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference and memory corruption) via a crafted app. | 7.8 |
2016-05-20 | CVE-2016-1844 | Improper Access Control vulnerability in Apple mac OS X The Messages component in Apple OS X before 10.11.5 mishandles roster changes, which allows remote attackers to modify contact lists via unspecified vectors. | 5.3 |
2016-05-20 | CVE-2016-1843 | Improper Input Validation vulnerability in Apple mac OS X The Messages component in Apple OS X before 10.11.5 mishandles filename encoding, which allows remote attackers to obtain sensitive information via unspecified vectors. | 7.5 |
2016-05-20 | CVE-2016-1842 | Improper Access Control vulnerability in Apple Iphone OS MapKit in Apple iOS before 9.3.2, OS X before 10.11.5, and watchOS before 2.2.1 does not use HTTPS for shared links, which allows remote attackers to obtain sensitive information by sniffing the network for HTTP traffic. | 7.5 |
2016-05-20 | CVE-2016-1841 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products libxslt, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site. | 8.8 |