Vulnerabilities > Apple > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-05-20 | CVE-2016-1803 | NULL Pointer Dereference vulnerability in Apple products CoreCapture in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via a crafted app. | 7.8 |
| 2016-05-20 | CVE-2016-1801 | Information Exposure vulnerability in Apple mac OS X The CFNetwork Proxies subsystem in Apple iOS before 9.3.2, OS X before 10.11.5, and tvOS before 9.2.1 mishandles URLs in http and https requests, which allows remote attackers to obtain sensitive information via unspecified vectors. | 7.5 |
| 2016-05-20 | CVE-2016-1800 | Improper Input Validation vulnerability in Apple mac OS X Captive Network Assistant in Apple OS X before 10.11.5 mishandles a custom URL scheme, which allows user-assisted remote attackers to execute arbitrary code via unspecified vectors. | 8.8 |
| 2016-05-20 | CVE-2016-1799 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple mac OS X Audio in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. | 7.8 |
| 2016-05-20 | CVE-2016-1797 | Improper Access Control vulnerability in Apple mac OS X Apple Type Services (ATS) in Apple OS X before 10.11.5 allows attackers to bypass intended FontValidator sandbox-policy restrictions and execute arbitrary code in a privileged context via a crafted app. | 7.8 |
| 2016-05-20 | CVE-2016-1795 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple mac OS X AppleGraphicsPowerManagement in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. | 7.8 |
| 2016-05-20 | CVE-2016-1794 | Unspecified vulnerability in Apple mac OS X The AppleGraphicsControlClient::checkArguments method in AppleGraphicsControl in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via a crafted app. | 7.8 |
| 2016-05-20 | CVE-2016-1793 | Unspecified vulnerability in Apple mac OS X AppleGraphicsDeviceControlClient in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via a crafted app. | 7.8 |
| 2016-05-20 | CVE-2016-1792 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple mac OS X The AMD subsystem in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. | 7.8 |
| 2016-05-20 | CVE-2016-1742 | Permissions, Privileges, and Access Controls vulnerability in Apple Itunes Untrusted search path vulnerability in the installer in Apple iTunes before 12.4 allows local users to gain privileges via a Trojan horse DLL in the current working directory. | 7.8 |