Vulnerabilities > Apple > High

DATE CVE VULNERABILITY TITLE RISK
2016-02-01 CVE-2016-1721 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products
The kernel in Apple iOS before 9.2.1, OS X before 10.11.3, and tvOS before 9.1.1 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors.
local
low complexity
apple CWE-119
7.8
2016-02-01 CVE-2016-1720 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products
IOKit in Apple iOS before 9.2.1, OS X before 10.11.3, and tvOS before 9.1.1 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors.
local
low complexity
apple CWE-119
7.8
2016-02-01 CVE-2016-1719 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products
The IOHIDFamily API in Apple iOS before 9.2.1, OS X before 10.11.3, and tvOS before 9.1.1 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors.
local
low complexity
apple CWE-119
7.8
2016-02-01 CVE-2016-1718 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple mac OS X
The IOAcceleratorFamily2 interface in IOAcceleratorFamily in Apple OS X before 10.11.3 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors.
local
low complexity
apple CWE-119
7.3
2016-02-01 CVE-2016-1717 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products
The Disk Images component in Apple iOS before 9.2.1, OS X before 10.11.3, and tvOS before 9.1.1 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors.
local
low complexity
apple CWE-119
7.8
2016-02-01 CVE-2016-1716 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple mac OS X
AppleGraphicsPowerManagement in Apple OS X before 10.11.3 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors.
local
low complexity
apple CWE-119
7.8
2016-01-21 CVE-2015-8472 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Buffer overflow in the png_set_PLTE function in libpng before 1.0.65, 1.1.x and 1.2.x before 1.2.55, 1.3.x, 1.4.x before 1.4.18, 1.5.x before 1.5.25, and 1.6.x before 1.6.20 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a small bit-depth value in an IHDR (aka image header) chunk in a PNG image.
network
low complexity
apple libpng CWE-119
7.3
2016-01-14 CVE-2016-0778 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
The (1) roaming_read and (2) roaming_write functions in roaming_common.c in the client in OpenSSH 5.x, 6.x, and 7.x before 7.1p2, when certain proxy and forward options are enabled, do not properly maintain connection file descriptors, which allows remote servers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact by requesting many forwardings.
network
high complexity
oracle openbsd apple hp sophos CWE-119
8.1
2016-01-11 CVE-2015-6980 Permissions, Privileges, and Access Controls vulnerability in Apple mac OS X
Directory Utility in Apple OS X before 10.11.1 mishandles authentication for new sessions, which allows local users to gain privileges via unspecified vectors.
local
low complexity
apple CWE-264
7.8
2015-12-11 CVE-2015-7068 NULL Pointer Dereference vulnerability in Apple products
IOKit SCSI in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via an app that provides an unspecified userclient type.
local
low complexity
apple CWE-476
7.8