Vulnerabilities > Apple > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-05-22 | CVE-2017-2494 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple mac OS X An issue was discovered in certain Apple products. | 7.8 |
| 2017-04-24 | CVE-2011-3438 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Safari 5.0.6 WebKit, as used in Safari 5.0.6, allows remote attackers to cause a denial of service (process crash) or arbitrary code execution. | 8.8 |
| 2017-04-20 | CVE-2016-4650 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Iphone OS Heap-based buffer overflow in IOHIDFamily in Apple iOS before 9.3.2, OS X before 10.11.5, and tvOS before 9.2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. | 7.8 |
| 2017-04-13 | CVE-2010-1821 | Improper Input Validation vulnerability in Apple mac OS X and mac OS X Server Apple Mac OS X 10.6 through 10.6.3 and Mac OS X Server 10.6 through 10.6.3 allows local users to obtain system privileges. | 7.8 |
| 2017-04-13 | CVE-2010-1816 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple mac OS X and mac OS X Server Buffer overflow in ImageIO in Apple Mac OS X 10.6 through 10.6.3 and Mac OS X Server 10.6 through 10.6.3 allows remote attackers to execute arbitrary code or cause a denial of service (crash) via a crafted image. | 7.8 |
| 2017-04-03 | CVE-2016-10226 | Out-of-bounds Read vulnerability in Apple Safari 18 JavaScriptCore in WebKit, as distributed in Safari Technology Preview Release 18, allows remote attackers to cause a denial of service (bitfield out-of-bounds read and application crash) via crafted JavaScript code that is mishandled in the operatorString function, related to assembler/MacroAssemblerARM64.h, assembler/MacroAssemblerX86Common.h, and wasm/WasmB3IRGenerator.cpp. | 7.5 |
| 2017-04-03 | CVE-2016-10222 | Improper Input Validation vulnerability in Apple Safari 18 runtime/JSONObject.cpp in JavaScriptCore in WebKit, as distributed in Safari Technology Preview Release 18, allows remote attackers to cause a denial of service (segmentation violation and application crash) via crafted JavaScript code that triggers a "type confusion" in the JSON.stringify function. | 7.5 |
| 2017-04-02 | CVE-2017-2490 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products An issue was discovered in certain Apple products. | 7.8 |
| 2017-04-02 | CVE-2017-2487 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products An issue was discovered in certain Apple products. | 7.8 |
| 2017-04-02 | CVE-2017-2485 | Use After Free vulnerability in Apple products An issue was discovered in certain Apple products. | 8.8 |