Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2016-03-24 CVE-2016-1765 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Xcode
otool in Apple Xcode before 7.3 allows local users to gain privileges or cause a denial of service (memory corruption and application crash) via unspecified vectors.
local
low complexity
apple CWE-119
7.8
2016-03-24 CVE-2016-1762 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
The xmlNextChar function in libxml2 before 2.9.4 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted XML document.
network
low complexity
apple debian canonical xmlsoft redhat mcafee CWE-119
8.1
2016-03-24 CVE-2016-1759 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple mac OS X
The kernel in Apple OS X before 10.11.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
local
low complexity
apple CWE-119
7.8
2016-03-24 CVE-2016-1757 Race Condition vulnerability in Apple Iphone OS
Race condition in the kernel in Apple iOS before 9.3 and OS X before 10.11.4 allows attackers to execute arbitrary code in a privileged context via a crafted app.
local
high complexity
apple CWE-362
7.0
2016-03-24 CVE-2016-1756 Unspecified vulnerability in Apple Iphone OS
The kernel in Apple iOS before 9.3 and OS X before 10.11.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via a crafted app.
local
low complexity
apple
7.8
2016-03-24 CVE-2016-1755 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products
The kernel in Apple iOS before 9.3, OS X before 10.11.4, tvOS before 9.2, and watchOS before 2.2 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2016-1754.
local
low complexity
apple CWE-119
7.8
2016-03-24 CVE-2016-1754 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products
The kernel in Apple iOS before 9.3, OS X before 10.11.4, tvOS before 9.2, and watchOS before 2.2 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2016-1755.
local
low complexity
apple CWE-119
7.8
2016-03-24 CVE-2016-1753 Integer Overflow or Wraparound vulnerability in Apple products
Multiple integer overflows in the kernel in Apple iOS before 9.3, OS X before 10.11.4, tvOS before 9.2, and watchOS before 2.2 allow attackers to execute arbitrary code in a privileged context via a crafted app.
local
low complexity
apple CWE-190
7.8
2016-03-24 CVE-2016-1751 Permissions, Privileges, and Access Controls vulnerability in Apple Iphone OS and Watchos
The kernel in Apple iOS before 9.3, tvOS before 9.2, and watchOS before 2.2 does not properly restrict the execute permission, which allows attackers to bypass a code-signing protection mechanism via a crafted app.
local
low complexity
apple CWE-264
7.8
2016-03-24 CVE-2016-1750 Use After Free vulnerability in Apple products
Use-after-free vulnerability in the kernel in Apple iOS before 9.3, OS X before 10.11.4, tvOS before 9.2, and watchOS before 2.2 allows attackers to execute arbitrary code in a privileged context via a crafted app.
local
low complexity
apple CWE-416
7.8