Vulnerabilities > Apple > High

DATE CVE VULNERABILITY TITLE RISK
2016-03-13 CVE-2016-1950 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Heap-based buffer overflow in Mozilla Network Security Services (NSS) before 3.19.2.3 and 3.20.x and 3.21.x before 3.21.1, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to execute arbitrary code via crafted ASN.1 data in an X.509 certificate.
network
low complexity
mozilla oracle apple opensuse CWE-119
8.8
2016-02-15 CVE-2016-0742 NULL Pointer Dereference vulnerability in multiple products
The resolver in nginx before 1.8.1 and 1.9.x before 1.9.10 allows remote attackers to cause a denial of service (invalid pointer dereference and worker process crash) via a crafted UDP DNS response.
network
low complexity
f5 canonical debian opensuse apple redhat CWE-476
7.5
2016-02-07 CVE-2016-0802 Improper Input Validation vulnerability in multiple products
The Broadcom Wi-Fi driver in the kernel in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49G, and 6.x before 2016-02-01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted wireless control message packets, aka internal bug 25306181.
low complexity
google apple CWE-20
8.8
2016-02-01 CVE-2016-1729 Unspecified vulnerability in Apple mac OS X
Untrusted search path vulnerability in OSA Scripts in Apple OS X before 10.11.3 allows attackers to load arbitrary script libraries via a quarantined application.
network
low complexity
apple
7.3
2016-02-01 CVE-2016-1727 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
WebKit, as used in Apple iOS before 9.2.1, Safari before 9.0.3, and tvOS before 9.1.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-1724.
network
low complexity
apple webkitgtk CWE-119
8.8
2016-02-01 CVE-2016-1726 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Safari
WebKit, as used in Apple iOS before 9.2.1 and Safari before 9.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-1723 and CVE-2016-1725.
network
low complexity
apple CWE-119
8.8
2016-02-01 CVE-2016-1725 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Safari
WebKit, as used in Apple iOS before 9.2.1 and Safari before 9.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-1723 and CVE-2016-1726.
network
low complexity
apple CWE-119
8.8
2016-02-01 CVE-2016-1724 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
WebKit, as used in Apple iOS before 9.2.1, Safari before 9.0.3, and tvOS before 9.1.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-1727.
network
low complexity
apple webkitgtk CWE-119
8.8
2016-02-01 CVE-2016-1723 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Safari
WebKit, as used in Apple iOS before 9.2.1 and Safari before 9.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-1725 and CVE-2016-1726.
network
low complexity
apple CWE-119
8.8
2016-02-01 CVE-2016-1722 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products
syslog in Apple iOS before 9.2.1, OS X before 10.11.3, and tvOS before 9.1.1 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors.
local
low complexity
apple CWE-119
7.8