Apple

macOS X

3207 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.3

CVE-2016-4699

  • EPSS 0.23%
  • Veröffentlicht 25.09.2016 10:59:07
  • Zuletzt bearbeitet 12.04.2025 10:46:40

AppleUUC in Apple OS X before 10.12 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2016-4700.

9.3

CVE-2016-4697

  • EPSS 0.22%
  • Veröffentlicht 25.09.2016 10:59:06
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Apple HSSPI Support in Apple OS X before 10.12 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.

9.3

CVE-2016-4698

  • EPSS 0.24%
  • Veröffentlicht 25.09.2016 10:59:06
  • Zuletzt bearbeitet 12.04.2025 10:46:40

AppleMobileFileIntegrity in Apple iOS before 10 and OS X before 10.12 mishandles process entitlement and Team ID values in the task port inheritance policy, which allows attackers to execute arbitrary code in a privileged context via a crafted app.

9.3

CVE-2016-4696

  • EPSS 0.22%
  • Veröffentlicht 25.09.2016 10:59:04
  • Zuletzt bearbeitet 12.04.2025 10:46:40

AppleEFIRuntime in Apple OS X before 10.12 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via a crafted app.

9.1

CVE-2016-4694

  • EPSS 0.96%
  • Veröffentlicht 25.09.2016 10:59:03
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The Apache HTTP Server in Apple OS X before 10.12 and OS X Server before 5.2 follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted CGI client data in the HTTP_PROXY environment variable, which migh...

10

CVE-2016-4658

  • EPSS 19.34%
  • Veröffentlicht 25.09.2016 10:59:02
  • Zuletzt bearbeitet 12.04.2025 10:46:40

xpointer.c in libxml2 before 2.9.5 (as used in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3, and other products) does not forbid namespace nodes in XPointer ranges, which allows remote attackers to execute arbitrary co...

8.8

CVE-2016-5131

  • EPSS 4.2%
  • Veröffentlicht 23.07.2016 19:59:13
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Use-after-free vulnerability in libxml2 through 2.9.4, as used in Google Chrome before 52.0.2743.82, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the XPointer range-to function.

7.8

CVE-2016-4653

  • EPSS 0.06%
  • Veröffentlicht 22.07.2016 03:00:11
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The kernel in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9.2.2, and watchOS before 2.2.2 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-...

6.3

CVE-2016-4652

  • EPSS 0.06%
  • Veröffentlicht 22.07.2016 03:00:10
  • Zuletzt bearbeitet 12.04.2025 10:46:40

CoreGraphics in Apple OS X before 10.11.6 allows local users to obtain sensitive information from kernel memory and consequently gain privileges, or cause a denial of service (out-of-bounds read), via unspecified vectors.

5.5

CVE-2016-4649

  • EPSS 0.06%
  • Veröffentlicht 22.07.2016 03:00:08
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Audio in Apple OS X before 10.11.6 allows local users to cause a denial of service (NULL pointer dereference) via unspecified vectors.