MAC OS X

DATE	CVE	VULNERABILITY TITLE	RISK
2016-07-23	CVE-2016-5131	Use After Free vulnerability in multiple products Use-after-free vulnerability in libxml2 through 2.9.4, as used in Google Chrome before 52.0.2743.82, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the XPointer range-to function. network low complexity google xmlsoft apple canonical redhat suse opensuse debian CWE-416	8.8
2016-07-22	CVE-2016-4653	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products The kernel in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9.2.2, and watchOS before 2.2.2 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1863 and CVE-2016-4582. local low complexity apple CWE-119	7.2
2016-07-22	CVE-2016-4652	Permissions, Privileges, and Access Controls vulnerability in Apple mac OS X CoreGraphics in Apple OS X before 10.11.6 allows local users to obtain sensitive information from kernel memory and consequently gain privileges, or cause a denial of service (out-of-bounds read), via unspecified vectors. local apple CWE-264	3.3
2016-07-22	CVE-2016-4649	NULL Pointer Dereference vulnerability in Apple mac OS X Audio in Apple OS X before 10.11.6 allows local users to cause a denial of service (NULL pointer dereference) via unspecified vectors. local low complexity apple CWE-476	2.1
2016-07-22	CVE-2016-4648	Information Exposure vulnerability in Apple mac OS X Audio in Apple OS X before 10.11.6 allows local users to obtain sensitive kernel memory-layout information or cause a denial of service (out-of-bounds read) via unspecified vectors. local low complexity apple CWE-200	4.9
2016-07-22	CVE-2016-4647	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple mac OS X Audio in Apple OS X before 10.11.6 allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted file. local low complexity apple CWE-119	7.2
2016-07-22	CVE-2016-4646	Information Exposure vulnerability in Apple mac OS X Audio in Apple OS X before 10.11.6 mishandles a size value, which allows remote attackers to obtain sensitive information or cause a denial of service (out-of-bounds read) via a crafted audio file. network apple CWE-200	4.3
2016-07-22	CVE-2016-4645	Information Exposure vulnerability in Apple mac OS X CFNetwork in Apple OS X before 10.11.6 uses weak permissions for web-browser cookies, which allows local users to obtain sensitive information via unspecified vectors. local low complexity apple CWE-200	2.1
2016-07-22	CVE-2016-4641	Improper Input Validation vulnerability in Apple mac OS X Login Window in Apple OS X before 10.11.6 allows attackers to execute arbitrary code in a privileged context or obtain sensitive user information via a crafted app that leverages a "type confusion." network apple CWE-20 critical	9.3
2016-07-22	CVE-2016-4640	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple mac OS X Login Window in Apple OS X before 10.11.6 allows attackers to execute arbitrary code in a privileged context, obtain sensitive user information, or cause a denial of service (memory corruption) via a crafted app. network apple CWE-119 critical	9.3