Vulnerabilities > Apple > High

DATE CVE VULNERABILITY TITLE RISK
2016-01-14 CVE-2016-0778 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
The (1) roaming_read and (2) roaming_write functions in roaming_common.c in the client in OpenSSH 5.x, 6.x, and 7.x before 7.1p2, when certain proxy and forward options are enabled, do not properly maintain connection file descriptors, which allows remote servers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact by requesting many forwardings.
network
high complexity
oracle openbsd apple hp sophos CWE-119
8.1
2016-01-11 CVE-2015-6980 Permissions, Privileges, and Access Controls vulnerability in Apple mac OS X
Directory Utility in Apple OS X before 10.11.1 mishandles authentication for new sessions, which allows local users to gain privileges via unspecified vectors.
local
low complexity
apple CWE-264
7.8
2015-12-11 CVE-2015-7068 NULL Pointer Dereference vulnerability in Apple products
IOKit SCSI in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via an app that provides an unspecified userclient type.
local
low complexity
apple CWE-476
7.8
2015-04-10 CVE-2015-1130 Link Following vulnerability in Apple mac OS X
The XPC implementation in Admin Framework in Apple OS X before 10.10.3 allows local users to bypass authentication and obtain admin privileges via unspecified vectors.
local
low complexity
apple CWE-59
7.8
2015-04-10 CVE-2015-1098 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Iphone OS
iWork in Apple iOS before 8.3 and Apple OS X before 10.10.3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted iWork file.
local
low complexity
apple CWE-119
7.3
2014-09-18 CVE-2014-4422 Cryptographic Issues vulnerability in Apple Iphone OS and Tvos
The kernel in Apple iOS before 8 and Apple TV before 7 uses a predictable random number generator during the early portion of the boot process, which allows attackers to bypass certain kernel-hardening protection mechanisms by using a user-space process to observe data related to the random numbers.
network
high complexity
apple CWE-310
8.1
2014-09-18 CVE-2014-4418 Improper Input Validation vulnerability in Apple Iphone OS
IOKit in Apple iOS before 8 and Apple TV before 7 does not properly validate IODataQueue object metadata, which allows attackers to execute arbitrary code in a privileged context via an application that provides crafted values in unspecified metadata fields, a different vulnerability than CVE-2014-4388.
local
low complexity
apple CWE-20
7.8
2014-09-18 CVE-2014-4404 Out-of-bounds Write vulnerability in Apple Iphone OS and mac OS X
Heap-based buffer overflow in IOHIDFamily in Apple iOS before 8 and Apple TV before 7 allows attackers to execute arbitrary code in a privileged context via an application that provides crafted key-mapping properties.
local
low complexity
apple CWE-787
7.8
2014-09-18 CVE-2014-4388 Improper Input Validation vulnerability in Apple mac OS X
IOKit in Apple iOS before 8 and Apple TV before 7 does not properly validate IODataQueue object metadata, which allows attackers to execute arbitrary code in a privileged context via an application that provides crafted values in unspecified metadata fields, a different vulnerability than CVE-2014-4418.
local
low complexity
apple CWE-20
7.8
2014-09-18 CVE-2014-4375 Unspecified vulnerability in Apple mac OS X
Double free vulnerability in Apple iOS before 8 and Apple TV before 7 allows local users to gain privileges or cause a denial of service (device crash) via vectors related to Mach ports.
local
low complexity
apple
7.8