Vulnerabilities > Apple > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2016-02-01 | CVE-2016-1721 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products The kernel in Apple iOS before 9.2.1, OS X before 10.11.3, and tvOS before 9.1.1 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors. | 7.2 |
2016-02-01 | CVE-2016-1720 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products IOKit in Apple iOS before 9.2.1, OS X before 10.11.3, and tvOS before 9.1.1 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors. | 7.2 |
2016-02-01 | CVE-2016-1719 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products The IOHIDFamily API in Apple iOS before 9.2.1, OS X before 10.11.3, and tvOS before 9.1.1 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors. | 7.2 |
2016-02-01 | CVE-2016-1717 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products The Disk Images component in Apple iOS before 9.2.1, OS X before 10.11.3, and tvOS before 9.1.1 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors. | 7.2 |
2016-02-01 | CVE-2016-1716 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple mac OS X AppleGraphicsPowerManagement in Apple OS X before 10.11.3 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors. | 7.2 |
2016-01-21 | CVE-2015-8472 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Buffer overflow in the png_set_PLTE function in libpng before 1.0.65, 1.1.x and 1.2.x before 1.2.55, 1.3.x, 1.4.x before 1.4.18, 1.5.x before 1.5.25, and 1.6.x before 1.6.20 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a small bit-depth value in an IHDR (aka image header) chunk in a PNG image. | 7.5 |
2016-01-14 | CVE-2016-0778 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products The (1) roaming_read and (2) roaming_write functions in roaming_common.c in the client in OpenSSH 5.x, 6.x, and 7.x before 7.1p2, when certain proxy and forward options are enabled, do not properly maintain connection file descriptors, which allows remote servers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact by requesting many forwardings. | 8.1 |
2016-01-14 | CVE-2016-0947 | Remote Code Execution vulnerability in Adobe Acrobat and Reader Untrusted search path vulnerability in Adobe Download Manager, as used in Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X, allows local users to gain privileges via a crafted resource in an unspecified directory. | 7.2 |
2016-01-11 | CVE-2015-6980 | Permissions, Privileges, and Access Controls vulnerability in Apple mac OS X Directory Utility in Apple OS X before 10.11.1 mishandles authentication for new sessions, which allows local users to gain privileges via unspecified vectors. | 7.2 |
2015-12-15 | CVE-2015-5312 | Resource Management Errors vulnerability in multiple products The xmlStringLenDecodeEntities function in parser.c in libxml2 before 2.9.3 does not properly prevent entity expansion, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted XML data, a different vulnerability than CVE-2014-3660. | 7.1 |