Apple

macOS X

3207 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2016-2105

  • EPSS 50.8%
  • Published 05.05.2016 01:59:01
  • Last modified 12.04.2025 10:46:40

Integer overflow in the EVP_EncodeUpdate function in crypto/evp/encode.c in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to cause a denial of service (heap memory corruption) via a large amount of binary data.

8.2

CVE-2016-3142

  • EPSS 3.86%
  • Published 31.03.2016 16:59:01
  • Last modified 12.04.2025 10:46:40

The phar_parse_zipfile function in zip.c in the PHAR extension in PHP before 5.5.33 and 5.6.x before 5.6.19 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read and application c...

9.8

CVE-2016-3141

  • EPSS 47.06%
  • Published 31.03.2016 16:59:00
  • Last modified 12.04.2025 10:46:40

Use-after-free vulnerability in wddx.c in the WDDX extension in PHP before 5.5.33 and 5.6.x before 5.6.19 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact by trig...

5.9

CVE-2016-1788

  • EPSS 0.59%
  • Published 24.03.2016 01:59:55
  • Last modified 12.04.2025 10:46:40

Messages in Apple iOS before 9.3, OS X before 10.11.4, and watchOS before 2.2 does not properly implement a cryptographic protection mechanism, which allows remote attackers to read message attachments via vectors related to duplicate messages.

9.3

CVE-2016-1775

  • EPSS 0.98%
  • Published 24.03.2016 01:59:42
  • Last modified 12.04.2025 10:46:40

TrueTypeScaler in Apple iOS before 9.3, OS X before 10.11.4, tvOS before 9.2, and watchOS before 2.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file.

3.3

CVE-2016-1773

  • EPSS 0.05%
  • Published 24.03.2016 01:59:41
  • Last modified 12.04.2025 10:46:40

The code-signing subsystem in Apple OS X before 10.11.4 does not properly verify file ownership, which allows local users to determine the existence of arbitrary files via unspecified vectors.

6.5

CVE-2016-1770

  • EPSS 0.23%
  • Published 24.03.2016 01:59:38
  • Last modified 12.04.2025 10:46:40

The Reminders component in Apple OS X before 10.11.4 allows attackers to bypass an intended user-confirmation requirement and trigger a dialing action via a tel: URL.

7.8

CVE-2016-1769

  • EPSS 4.57%
  • Published 24.03.2016 01:59:37
  • Last modified 12.04.2025 10:46:40

QuickTime in Apple OS X before 10.11.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Photoshop file.

7.8

CVE-2016-1768

  • EPSS 8.57%
  • Published 24.03.2016 01:59:36
  • Last modified 12.04.2025 10:46:40

QuickTime in Apple OS X before 10.11.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted FlashPix image, a different vulnerability than CVE-2016-1767.

7.8

CVE-2016-1767

  • EPSS 4.57%
  • Published 24.03.2016 01:59:35
  • Last modified 12.04.2025 10:46:40

QuickTime in Apple OS X before 10.11.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted FlashPix image, a different vulnerability than CVE-2016-1768.