Mac Os X

mac_os_x

Vendor: Apple • 3,210 CVEs

CVEs (3,210)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2016-1800 1Apple 1Mac Os X May 6, 2026 May 20, 2016 N/A· v4 8.8 HIGH· v3 9.3 HIGH· v2 Captive Network Assistant in Apple OS X before 10.11.5 mishandles a custom URL scheme, which allows user-assisted remote attackers to execute arbitrary code via unspecified vectors.
CVE-2016-1799 1Apple 1Mac Os X May 6, 2026 May 20, 2016 N/A· v4 7.8 HIGH· v3 9.3 HIGH· v2 Audio in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
CVE-2016-1798 1Apple 1Mac Os X May 6, 2026 May 20, 2016 N/A· v4 3.3 LOW· v3 4.3 MEDIUM· v2 Audio in Apple OS X before 10.11.5 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted app.
CVE-2016-1797 1Apple 1Mac Os X May 6, 2026 May 20, 2016 N/A· v4 7.8 HIGH· v3 9.3 HIGH· v2 Apple Type Services (ATS) in Apple OS X before 10.11.5 allows attackers to bypass intended FontValidator sandbox-policy restrictions and execute arbitrary code in a privileged context via a crafted app.
CVE-2016-1796 1Apple 1Mac Os X May 6, 2026 May 20, 2016 N/A· v4 3.3 LOW· v3 4.3 MEDIUM· v2 Apple Type Services (ATS) in Apple OS X before 10.11.5 allows attackers to obtain sensitive kernel memory-layout information or cause a denial of service (out-of-bounds memory access) via a crafted app.
CVE-2016-1795 1Apple 1Mac Os X May 6, 2026 May 20, 2016 N/A· v4 7.8 HIGH· v3 9.3 HIGH· v2 AppleGraphicsPowerManagement in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
CVE-2016-1794 1Apple 1Mac Os X May 6, 2026 May 20, 2016 N/A· v4 7.8 HIGH· v3 9.3 HIGH· v2 The AppleGraphicsControlClient::checkArguments method in AppleGraphicsControl in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer der...Show more The AppleGraphicsControlClient::checkArguments method in AppleGraphicsControl in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via a crafted app.Show less
CVE-2016-1793 1Apple 1Mac Os X May 6, 2026 May 20, 2016 N/A· v4 7.8 HIGH· v3 9.3 HIGH· v2 AppleGraphicsDeviceControlClient in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via a crafted app.
CVE-2016-1792 1Apple 1Mac Os X May 6, 2026 May 20, 2016 N/A· v4 7.8 HIGH· v3 9.3 HIGH· v2 The AMD subsystem in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
CVE-2016-1791 1Apple 1Mac Os X May 6, 2026 May 20, 2016 N/A· v4 3.3 LOW· v3 4.3 MEDIUM· v2 The AMD subsystem in Apple OS X before 10.11.5 allows attackers to obtain sensitive kernel memory-layout information via a crafted app.
CVE-2015-8865 2Apple Php 2Mac Os X Php May 6, 2026 May 20, 2016 N/A· v4 7.3 HIGH· v3 7.5 HIGH· v2 The file_check_mem function in funcs.c in file before 5.23, as used in the Fileinfo component in PHP before 5.5.34, 5.6.x before 5.6.20, and 7.x before 7.0.5, mishandles continuation-level jumps, which allows context-dep...Show more The file_check_mem function in funcs.c in file before 5.23, as used in the Fileinfo component in PHP before 5.5.34, 5.6.x before 5.6.20, and 7.x before 7.0.5, mishandles continuation-level jumps, which allows context-dependent attackers to cause a denial of service (buffer overflow and application crash) or possibly execute arbitrary code via a crafted magic file.Show less
CVE-2016-1208 2Apple Filemaker 2Filemaker Mac Os X May 6, 2026 May 14, 2016 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 The server in Apple FileMaker before 14.0.4 on OS X allows remote attackers to read PHP source code via unspecified vectors.
CVE-2016-2105 8Apple CanonicalDebian+5 more 15Debian Linux Enterprise Linux DesktopEnterprise Linux Hpc Node+12 more May 6, 2026 May 5, 2016 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 Integer overflow in the EVP_EncodeUpdate function in crypto/evp/encode.c in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to cause a denial of service (heap memory corruption) via a large amount o...Show more Integer overflow in the EVP_EncodeUpdate function in crypto/evp/encode.c in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to cause a denial of service (heap memory corruption) via a large amount of binary data.Show less
CVE-2016-3142 2Apple Php 2Mac Os X Php May 6, 2026 Mar 31, 2016 N/A· v4 8.2 HIGH· v3 6.4 MEDIUM· v2 The phar_parse_zipfile function in zip.c in the PHAR extension in PHP before 5.5.33 and 5.6.x before 5.6.19 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of...Show more The phar_parse_zipfile function in zip.c in the PHAR extension in PHP before 5.5.33 and 5.6.x before 5.6.19 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read and application crash) by placing a PK\x05\x06 signature at an invalid location.Show less
CVE-2016-3141 2Apple Php 2Mac Os X Php May 6, 2026 Mar 31, 2016 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Use-after-free vulnerability in wddx.c in the WDDX extension in PHP before 5.5.33 and 5.6.x before 5.6.19 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly have un...Show more Use-after-free vulnerability in wddx.c in the WDDX extension in PHP before 5.5.33 and 5.6.x before 5.6.19 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact by triggering a wddx_deserialize call on XML data containing a crafted var element.Show less
CVE-2016-1788 1Apple 3Iphone Os Mac Os XWatchos May 6, 2026 Mar 24, 2016 N/A· v4 5.9 MEDIUM· v3 2.6 LOW· v2 Messages in Apple iOS before 9.3, OS X before 10.11.4, and watchOS before 2.2 does not properly implement a cryptographic protection mechanism, which allows remote attackers to read message attachments via vectors relate...Show more Messages in Apple iOS before 9.3, OS X before 10.11.4, and watchOS before 2.2 does not properly implement a cryptographic protection mechanism, which allows remote attackers to read message attachments via vectors related to duplicate messages.Show less
CVE-2016-1775 1Apple 4Iphone Os Mac Os XTvos+1 more May 6, 2026 Mar 24, 2016 N/A· v4 7.8 HIGH· v3 9.3 HIGH· v2 TrueTypeScaler in Apple iOS before 9.3, OS X before 10.11.4, tvOS before 9.2, and watchOS before 2.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font f...Show more TrueTypeScaler in Apple iOS before 9.3, OS X before 10.11.4, tvOS before 9.2, and watchOS before 2.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file.Show less
CVE-2016-1773 1Apple 1Mac Os X May 6, 2026 Mar 24, 2016 N/A· v4 3.3 LOW· v3 2.1 LOW· v2 The code-signing subsystem in Apple OS X before 10.11.4 does not properly verify file ownership, which allows local users to determine the existence of arbitrary files via unspecified vectors.
CVE-2016-1770 1Apple 1Mac Os X May 6, 2026 Mar 24, 2016 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 The Reminders component in Apple OS X before 10.11.4 allows attackers to bypass an intended user-confirmation requirement and trigger a dialing action via a tel: URL.
CVE-2016-1769 1Apple 1Mac Os X May 6, 2026 Mar 24, 2016 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 QuickTime in Apple OS X before 10.11.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Photoshop file.

Previous 1...818283...161 Next