CVEs (4,015)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
WebKit in Apple iOS before 9.3 and Safari before 9.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site. |
1Apple 4Iphone Os Mac Os XTvos+1 moreMay 6, 2026 Mar 24, 2016 N/A· v4 7.8 HIGH· v3 9.3 HIGH· v2 TrueTypeScaler in Apple iOS before 9.3, OS X before 10.11.4, tvOS before 9.2, and watchOS before 2.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font f...Show more |
The Profiles component in Apple iOS before 9.3 does not properly validate certificates, which allows attackers to spoof an MDM profile trust relationship via unspecified vectors. |
Messages in Apple iOS before 9.3 does not ensure that an auto-fill action applies to the intended message thread, which allows remote authenticated users to obtain sensitive information by providing a crafted sms: URL an...Show more |
6Apple CanonicalDebian+3 more15Debian Linux Enterprise Linux DesktopEnterprise Linux Server+12 moreMay 6, 2026 Mar 24, 2016 N/A· v4 8.1 HIGH· v3 5.8 MEDIUM· v2 The xmlNextChar function in libxml2 before 2.9.4 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted XML document. |
1Apple 3Iphone Os Mac Os XWatchosMay 6, 2026 Mar 24, 2016 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 libxml2 in Apple iOS before 9.3, OS X before 10.11.4, and watchOS before 2.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted XML document. |
The kernel in Apple iOS before 9.3 and OS X before 10.11.4 allows attackers to obtain sensitive memory-layout information or cause a denial of service (out-of-bounds read) via a crafted app. |
Race condition in the kernel in Apple iOS before 9.3 and OS X before 10.11.4 allows attackers to execute arbitrary code in a privileged context via a crafted app. |
The kernel in Apple iOS before 9.3 and OS X before 10.11.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via a crafted app. |
1Apple 4Iphone Os Mac Os XTvos+1 moreMay 6, 2026 Mar 24, 2016 N/A· v4 7.8 HIGH· v3 9.3 HIGH· v2 The kernel in Apple iOS before 9.3, OS X before 10.11.4, tvOS before 9.2, and watchOS before 2.2 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a c...Show more |
1Apple 4Iphone Os Mac Os XTvos+1 moreMay 6, 2026 Mar 24, 2016 N/A· v4 7.8 HIGH· v3 9.3 HIGH· v2 The kernel in Apple iOS before 9.3, OS X before 10.11.4, tvOS before 9.2, and watchOS before 2.2 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a c...Show more |
1Apple 4Iphone Os Mac Os XTvos+1 moreMay 6, 2026 Mar 24, 2016 N/A· v4 7.8 HIGH· v3 9.3 HIGH· v2 Multiple integer overflows in the kernel in Apple iOS before 9.3, OS X before 10.11.4, tvOS before 9.2, and watchOS before 2.2 allow attackers to execute arbitrary code in a privileged context via a crafted app. |
1Apple 4Iphone Os Mac Os XTvos+1 moreMay 6, 2026 Mar 24, 2016 N/A· v4 5.5 MEDIUM· v3 7.1 HIGH· v2 The kernel in Apple iOS before 9.3, OS X before 10.11.4, tvOS before 9.2, and watchOS before 2.2 allows attackers to cause a denial of service via a crafted app. |
The kernel in Apple iOS before 9.3, tvOS before 9.2, and watchOS before 2.2 does not properly restrict the execute permission, which allows attackers to bypass a code-signing protection mechanism via a crafted app. |
1Apple 4Iphone Os Mac Os XTvos+1 moreMay 6, 2026 Mar 24, 2016 N/A· v4 7.8 HIGH· v3 9.3 HIGH· v2 Use-after-free vulnerability in the kernel in Apple iOS before 9.3, OS X before 10.11.4, tvOS before 9.2, and watchOS before 2.2 allows attackers to execute arbitrary code in a privileged context via a crafted app. |
1Apple 4Iphone Os Mac Os XTvos+1 moreMay 6, 2026 Mar 24, 2016 N/A· v4 3.3 LOW· v3 4.3 MEDIUM· v2 IOHIDFamily in Apple iOS before 9.3, OS X before 10.11.4, tvOS before 9.2, and watchOS before 2.2 allows attackers to obtain sensitive kernel memory-layout information via a crafted app. |
1Apple 4Iphone Os Mac Os XTvos+1 moreMay 6, 2026 Mar 24, 2016 N/A· v4 7.8 HIGH· v3 9.3 HIGH· v2 FontParser in Apple iOS before 9.3, OS X before 10.11.4, tvOS before 9.2, and watchOS before 2.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted PDF docume...Show more |
AppleUSBNetworking in Apple iOS before 9.3 and OS X before 10.11.4 allows physically proximate attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted US...Show more |
4Apple MozillaOpensuse+1 more12Firefox Glassfish ServerIphone Os+9 moreMay 6, 2026 Mar 13, 2016 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 Heap-based buffer overflow in Mozilla Network Security Services (NSS) before 3.19.2.3 and 3.20.x and 3.21.x before 3.21.1, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers...Show more |
2Apple Google5Android Iphone OsMac Os X+2 moreMay 6, 2026 Feb 7, 2016 N/A· v4 8.8 HIGH· v3 8.3 HIGH· v2 The Broadcom Wi-Fi driver in the kernel in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49G, and 6.x before 2016-02-01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) v...Show more |