Vulnerabilities > Apple > MAC OS X > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-05-20 | CVE-2016-1801 | Information Exposure vulnerability in Apple Iphone OS, mac OS X and Tvos The CFNetwork Proxies subsystem in Apple iOS before 9.3.2, OS X before 10.11.5, and tvOS before 9.2.1 mishandles URLs in http and https requests, which allows remote attackers to obtain sensitive information via unspecified vectors. | 7.5 |
| 2016-05-20 | CVE-2016-1800 | Improper Input Validation vulnerability in Apple mac OS X Captive Network Assistant in Apple OS X before 10.11.5 mishandles a custom URL scheme, which allows user-assisted remote attackers to execute arbitrary code via unspecified vectors. | 8.8 |
| 2016-05-20 | CVE-2016-1799 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple mac OS X Audio in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. | 7.8 |
| 2016-05-20 | CVE-2016-1797 | Improper Access Control vulnerability in Apple mac OS X Apple Type Services (ATS) in Apple OS X before 10.11.5 allows attackers to bypass intended FontValidator sandbox-policy restrictions and execute arbitrary code in a privileged context via a crafted app. | 7.8 |
| 2016-05-20 | CVE-2016-1795 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple mac OS X AppleGraphicsPowerManagement in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. | 7.8 |
| 2016-05-20 | CVE-2016-1794 | Unspecified vulnerability in Apple mac OS X The AppleGraphicsControlClient::checkArguments method in AppleGraphicsControl in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via a crafted app. | 7.8 |
| 2016-05-20 | CVE-2016-1793 | Unspecified vulnerability in Apple mac OS X AppleGraphicsDeviceControlClient in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via a crafted app. | 7.8 |
| 2016-05-20 | CVE-2016-1792 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple mac OS X The AMD subsystem in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. | 7.8 |
| 2016-05-20 | CVE-2015-8865 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products The file_check_mem function in funcs.c in file before 5.23, as used in the Fileinfo component in PHP before 5.5.34, 5.6.x before 5.6.20, and 7.x before 7.0.5, mishandles continuation-level jumps, which allows context-dependent attackers to cause a denial of service (buffer overflow and application crash) or possibly execute arbitrary code via a crafted magic file. | 7.3 |
| 2016-05-14 | CVE-2016-1208 | Information Exposure vulnerability in multiple products The server in Apple FileMaker before 14.0.4 on OS X allows remote attackers to read PHP source code via unspecified vectors. | 7.5 |