Vulnerabilities > Apple > MAC OS X

DATE CVE VULNERABILITY TITLE RISK
2016-05-20 CVE-2016-1800 Improper Input Validation vulnerability in Apple mac OS X
Captive Network Assistant in Apple OS X before 10.11.5 mishandles a custom URL scheme, which allows user-assisted remote attackers to execute arbitrary code via unspecified vectors.
network
low complexity
apple CWE-20
8.8
2016-05-20 CVE-2016-1799 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple mac OS X
Audio in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
local
low complexity
apple CWE-119
7.8
2016-05-20 CVE-2016-1798 Unspecified vulnerability in Apple mac OS X
Audio in Apple OS X before 10.11.5 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted app.
local
low complexity
apple
3.3
2016-05-20 CVE-2016-1797 Improper Access Control vulnerability in Apple mac OS X
Apple Type Services (ATS) in Apple OS X before 10.11.5 allows attackers to bypass intended FontValidator sandbox-policy restrictions and execute arbitrary code in a privileged context via a crafted app.
local
low complexity
apple CWE-284
7.8
2016-05-20 CVE-2016-1796 Information Exposure vulnerability in Apple mac OS X
Apple Type Services (ATS) in Apple OS X before 10.11.5 allows attackers to obtain sensitive kernel memory-layout information or cause a denial of service (out-of-bounds memory access) via a crafted app.
local
low complexity
apple CWE-200
3.3
2016-05-20 CVE-2016-1795 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple mac OS X
AppleGraphicsPowerManagement in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
local
low complexity
apple CWE-119
7.8
2016-05-20 CVE-2016-1794 Unspecified vulnerability in Apple mac OS X
The AppleGraphicsControlClient::checkArguments method in AppleGraphicsControl in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via a crafted app.
local
low complexity
apple
7.8
2016-05-20 CVE-2016-1793 Unspecified vulnerability in Apple mac OS X
AppleGraphicsDeviceControlClient in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via a crafted app.
local
low complexity
apple
7.8
2016-05-20 CVE-2016-1792 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple mac OS X
The AMD subsystem in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
local
low complexity
apple CWE-119
7.8
2016-05-20 CVE-2016-1791 Information Exposure vulnerability in Apple mac OS X
The AMD subsystem in Apple OS X before 10.11.5 allows attackers to obtain sensitive kernel memory-layout information via a crafted app.
local
low complexity
apple CWE-200
3.3