Vulnerabilities > Apple

DATE CVE VULNERABILITY TITLE RISK
2016-05-20 CVE-2016-1813 NULL Pointer Dereference vulnerability in Apple products
The IOAccelSharedUserClient2::page_off_resource method in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via a crafted app.
local
low complexity
apple CWE-476
7.8
2016-05-20 CVE-2016-1812 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple mac OS X
Buffer overflow in Intel Graphics Driver in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context via a crafted app.
local
low complexity
apple CWE-119
7.8
2016-05-20 CVE-2016-1811 NULL Pointer Dereference vulnerability in Apple products
ImageIO in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted image.
network
low complexity
apple CWE-476
6.5
2016-05-20 CVE-2016-1810 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple mac OS X
The Graphics Drivers subsystem in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
local
low complexity
apple CWE-119
7.8
2016-05-20 CVE-2016-1809 Unspecified vulnerability in Apple mac OS X
Disk Utility in Apple OS X before 10.11.5 uses incorrect encryption keys for disk images, which has unspecified impact and attack vectors.
network
low complexity
apple
7.5
2016-05-20 CVE-2016-1808 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products
The Disk Images subsystem in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
local
low complexity
apple CWE-119
7.8
2016-05-20 CVE-2016-1807 Race Condition vulnerability in Apple products
Race condition in the Disk Images subsystem in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows local users to obtain sensitive information from kernel memory via unspecified vectors.
local
high complexity
apple CWE-362
5.1
2016-05-20 CVE-2016-1806 Improper Access Control vulnerability in Apple mac OS X
Crash Reporter in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context via a crafted app.
local
low complexity
apple CWE-284
7.8
2016-05-20 CVE-2016-1805 Improper Access Control vulnerability in Apple mac OS X
CoreStorage in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context via a crafted app.
local
low complexity
apple CWE-284
7.8
2016-05-20 CVE-2016-1804 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple mac OS X
The Multi-Touch subsystem in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
local
low complexity
apple CWE-119
7.8