Vulnerabilities > Apple
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-03-24 | CVE-2016-1773 | Permissions, Privileges, and Access Controls vulnerability in Apple mac OS X The code-signing subsystem in Apple OS X before 10.11.4 does not properly verify file ownership, which allows local users to determine the existence of arbitrary files via unspecified vectors. | 3.3 |
| 2016-03-24 | CVE-2016-1772 | Information Exposure vulnerability in Apple Safari The Top Sites feature in Apple Safari before 9.1 mishandles cookie storage, which makes it easier for remote web servers to track users via unspecified vectors. | 4.3 |
| 2016-03-24 | CVE-2016-1771 | Data Processing Errors vulnerability in Apple Safari The Downloads feature in Apple Safari before 9.1 mishandles file expansion, which allows remote attackers to cause a denial of service via a crafted web site. | 6.5 |
| 2016-03-24 | CVE-2016-1770 | Improper Access Control vulnerability in Apple mac OS X The Reminders component in Apple OS X before 10.11.4 allows attackers to bypass an intended user-confirmation requirement and trigger a dialing action via a tel: URL. | 6.5 |
| 2016-03-24 | CVE-2016-1769 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple mac OS X QuickTime in Apple OS X before 10.11.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Photoshop file. | 7.8 |
| 2016-03-24 | CVE-2016-1768 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple mac OS X QuickTime in Apple OS X before 10.11.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted FlashPix image, a different vulnerability than CVE-2016-1767. | 7.8 |
| 2016-03-24 | CVE-2016-1767 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple mac OS X QuickTime in Apple OS X before 10.11.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted FlashPix image, a different vulnerability than CVE-2016-1768. | 7.8 |
| 2016-03-24 | CVE-2016-1766 | Unspecified vulnerability in Apple Iphone OS The Profiles component in Apple iOS before 9.3 does not properly validate certificates, which allows attackers to spoof an MDM profile trust relationship via unspecified vectors. | 7.5 |
| 2016-03-24 | CVE-2016-1765 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Xcode otool in Apple Xcode before 7.3 allows local users to gain privileges or cause a denial of service (memory corruption and application crash) via unspecified vectors. | 7.8 |
| 2016-03-24 | CVE-2016-1764 | Information Exposure vulnerability in Apple mac OS X The Content Security Policy (CSP) implementation in Messages in Apple OS X before 10.11.4 allows remote attackers to obtain sensitive information via a javascript: URL. | 4.3 |