Vulnerabilities > Apple > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-04-02 | CVE-2017-2428 | Unspecified vulnerability in Apple products An issue was discovered in certain Apple products. | 9.8 |
| 2017-04-02 | CVE-2017-2423 | Improper Verification of Cryptographic Signature vulnerability in Apple mac OS X An issue was discovered in certain Apple products. | 9.8 |
| 2017-04-02 | CVE-2017-2402 | Unspecified vulnerability in Apple mac OS X An issue was discovered in certain Apple products. | 9.8 |
| 2017-02-20 | CVE-2016-7663 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Iphone OS An issue was discovered in certain Apple products. | 9.8 |
| 2017-02-20 | CVE-2016-7630 | 7PK - Security Features vulnerability in Apple Iphone OS An issue was discovered in certain Apple products. | 9.8 |
| 2016-09-25 | CVE-2016-4734 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Iphone OS and Tvos WebKit in Apple iOS before 10, Safari before 10, and tvOS before 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-4611, CVE-2016-4730, CVE-2016-4733, and CVE-2016-4735. | 9.6 |
| 2016-09-25 | CVE-2016-4702 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products Audio in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. | 9.8 |
| 2016-09-25 | CVE-2016-4694 | Improper Access Control vulnerability in Apple mac OS X The Apache HTTP Server in Apple OS X before 10.12 and OS X Server before 5.2 follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted CGI client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, aka an "httpoxy" issue, a related issue to CVE-2016-5387. | 9.1 |
| 2016-09-25 | CVE-2016-4658 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products xpointer.c in libxml2 before 2.9.5 (as used in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3, and other products) does not forbid namespace nodes in XPointer ranges, which allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free and memory corruption) via a crafted XML document. | 9.8 |
| 2016-07-22 | CVE-2016-4629 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple mac OS X ImageIO in Apple OS X before 10.11.6 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted xStride and yStride values in an EXR image. | 9.8 |