Vulnerabilities > Apple > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-07-22 | CVE-2014-9862 | Integer Overflow or Wraparound vulnerability in Apple mac OS X Integer signedness error in bspatch.c in bspatch in bsdiff, as used in Apple OS X before 10.11.6 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow) via a crafted patch file. | 7.8 |
| 2016-06-19 | CVE-2016-1861 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple mac OS X The NVIDIA Graphics Drivers subsystem in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2016-1846. | 7.8 |
| 2016-06-09 | CVE-2016-4447 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products The xmlParseElementDecl function in parser.c in libxml2 before 2.9.4 allows context-dependent attackers to cause a denial of service (heap-based buffer underread and application crash) via a crafted file, involving xmlParseName. | 7.5 |
| 2016-05-20 | CVE-2016-1859 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products The WebKit Canvas implementation in Apple iOS before 9.3.2, Safari before 9.1.1, and tvOS before 9.2.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site. | 8.8 |
| 2016-05-20 | CVE-2016-1857 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products WebKit, as used in Apple iOS before 9.3.2, Safari before 9.1.1, and tvOS before 9.2.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-1854, CVE-2016-1855, and CVE-2016-1856. | 8.8 |
| 2016-05-20 | CVE-2016-1856 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products WebKit, as used in Apple iOS before 9.3.2, Safari before 9.1.1, and tvOS before 9.2.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-1854, CVE-2016-1855, and CVE-2016-1857. | 8.8 |
| 2016-05-20 | CVE-2016-1855 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Iphone OS WebKit, as used in Apple iOS before 9.3.2, Safari before 9.1.1, and tvOS before 9.2.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-1854, CVE-2016-1856, and CVE-2016-1857. | 8.8 |
| 2016-05-20 | CVE-2016-1854 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products WebKit, as used in Apple iOS before 9.3.2, Safari before 9.1.1, and tvOS before 9.2.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-1855, CVE-2016-1856, and CVE-2016-1857. | 8.8 |
| 2016-05-20 | CVE-2016-1853 | Information Exposure vulnerability in Apple mac OS X Tcl in Apple OS X before 10.11.5 allows remote attackers to obtain sensitive information by leveraging SSLv2 support. | 7.5 |
| 2016-05-20 | CVE-2016-1850 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple mac OS X SceneKit in Apple OS X before 10.11.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted file. | 7.8 |