Filtered by vendor Apple
Subscriptions
Filtered by product Mac Os X
Subscriptions
Total
5567 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2016-4716 | 1 Apple | 1 Mac Os X | 2024-11-21 | N/A |
| diskutil in DiskArbitration in Apple OS X before 10.12 allows local users to gain privileges via unspecified vectors. | ||||
| CVE-2016-4715 | 1 Apple | 1 Mac Os X | 2024-11-21 | N/A |
| The Date & Time Pref Pane component in Apple OS X before 10.12 mishandles the .GlobalPreferences file, which allows attackers to discover a user's location via a crafted app. | ||||
| CVE-2016-4713 | 1 Apple | 1 Mac Os X | 2024-11-21 | N/A |
| CoreDisplay in Apple OS X before 10.12 allows attackers to view arbitrary users' screens by leveraging screen-sharing access. | ||||
| CVE-2016-4712 | 1 Apple | 4 Iphone Os, Mac Os X, Tvos and 1 more | 2024-11-21 | N/A |
| CoreCrypto in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows attackers to execute arbitrary code or cause a denial of service (out-of-bounds write) via a crafted app. | ||||
| CVE-2016-4711 | 1 Apple | 2 Iphone Os, Mac Os X | 2024-11-21 | N/A |
| CCrypt in corecrypto in CommonCrypto in Apple iOS before 10 and OS X before 10.12 allows attackers to discover cleartext information by leveraging a function call that specifies the same buffer for input and output. | ||||
| CVE-2016-4710 | 1 Apple | 1 Mac Os X | 2024-11-21 | N/A |
| WindowServer in Apple OS X before 10.12 allows local users to obtain root access via vectors that leverage "type confusion," a different vulnerability than CVE-2016-4709. | ||||
| CVE-2016-4709 | 1 Apple | 1 Mac Os X | 2024-11-21 | N/A |
| WindowServer in Apple OS X before 10.12 allows local users to obtain root access via vectors that leverage "type confusion," a different vulnerability than CVE-2016-4710. | ||||
| CVE-2016-4708 | 1 Apple | 4 Iphone Os, Mac Os X, Tvos and 1 more | 2024-11-21 | N/A |
| CFNetwork in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 misparses the Set-Cookie header, which allows remote attackers to obtain sensitive information via a crafted HTTP response. | ||||
| CVE-2016-4707 | 1 Apple | 2 Iphone Os, Mac Os X | 2024-11-21 | N/A |
| CFNetwork in Apple iOS before 10 and OS X before 10.12 mishandles Local Storage deletion, which allows local users to discover the visited web sites of arbitrary users via unspecified vectors. | ||||
| CVE-2016-4706 | 1 Apple | 1 Mac Os X | 2024-11-21 | N/A |
| cd9660 in Apple OS X before 10.12 allows local users to cause a denial of service via unspecified vectors. | ||||
| CVE-2016-4703 | 1 Apple | 1 Mac Os X | 2024-11-21 | N/A |
| Bluetooth in Apple OS X before 10.12 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. | ||||
| CVE-2016-4702 | 1 Apple | 4 Iphone Os, Mac Os X, Tvos and 1 more | 2024-11-21 | N/A |
| Audio in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. | ||||
| CVE-2016-4701 | 1 Apple | 1 Mac Os X | 2024-11-21 | N/A |
| Application Firewall in Apple OS X before 10.12 allows local users to cause a denial of service via vectors involving a crafted SO_EXECPATH environment variable. | ||||
| CVE-2016-4700 | 1 Apple | 1 Mac Os X | 2024-11-21 | N/A |
| AppleUUC in Apple OS X before 10.12 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2016-4699. | ||||
| CVE-2016-4699 | 1 Apple | 1 Mac Os X | 2024-11-21 | N/A |
| AppleUUC in Apple OS X before 10.12 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2016-4700. | ||||
| CVE-2016-4698 | 1 Apple | 2 Iphone Os, Mac Os X | 2024-11-21 | N/A |
| AppleMobileFileIntegrity in Apple iOS before 10 and OS X before 10.12 mishandles process entitlement and Team ID values in the task port inheritance policy, which allows attackers to execute arbitrary code in a privileged context via a crafted app. | ||||
| CVE-2016-4697 | 1 Apple | 1 Mac Os X | 2024-11-21 | N/A |
| Apple HSSPI Support in Apple OS X before 10.12 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. | ||||
| CVE-2016-4696 | 1 Apple | 1 Mac Os X | 2024-11-21 | N/A |
| AppleEFIRuntime in Apple OS X before 10.12 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via a crafted app. | ||||
| CVE-2016-4694 | 1 Apple | 2 Mac Os X, Os X Server | 2024-11-21 | N/A |
| The Apache HTTP Server in Apple OS X before 10.12 and OS X Server before 5.2 follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted CGI client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, aka an "httpoxy" issue, a related issue to CVE-2016-5387. | ||||
| CVE-2016-4693 | 1 Apple | 3 Iphone Os, Mac Os X, Watchos | 2024-11-21 | N/A |
| An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. watchOS before 3.1.3 is affected. The issue involves the "Security" component, which makes it easier for attackers to bypass cryptographic protection mechanisms by leveraging use of the 3DES cipher. | ||||