Skip to main content
CVE-2016-1742 HIGH This Week

Untrusted search path vulnerability in the installer in Apple iTunes before 12.4 allows local users to gain privileges via a Trojan horse DLL in the current working directory. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Apple Privilege Escalation Itunes
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2016-1822 HIGH This Week

IOFireWireFamily in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Apple Buffer Overflow RCE Mac Os X
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2016-1832 HIGH This Week

libc in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Apple Buffer Overflow Iphone Os Mac Os X +2
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2015-7558 HIGH PATCH This Week

librsvg before 2.40.12 allows context-dependent attackers to cause a denial of service (infinite loop, stack consumption, and application crash) via cyclic references in an SVG document. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Debian Linux Librsvg
NVD
CVSS 3.0
7.5
EPSS
1.4%
CVE-2016-1853 HIGH This Week

Tcl in Apple OS X before 10.11.5 allows remote attackers to obtain sensitive information by leveraging SSLv2 support. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Mac Os X
NVD
CVSS 3.0
7.5
EPSS
1.3%
CVE-2016-1843 HIGH This Week

The Messages component in Apple OS X before 10.11.5 mishandles filename encoding, which allows remote attackers to obtain sensitive information via unspecified vectors. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Mac Os X
NVD
CVSS 3.0
7.5
EPSS
1.3%
CVE-2016-1842 HIGH This Week

MapKit in Apple iOS before 9.3.2, OS X before 10.11.5, and watchOS before 2.2.1 does not use HTTPS for shared links, which allows remote attackers to obtain sensitive information by sniffing the. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Authentication Bypass Iphone Os Mac Os X Watchos
NVD
CVSS 3.0
7.5
EPSS
1.2%
CVE-2015-7557 HIGH This Week

The _rsvg_node_poly_build_path function in rsvg-shapes.c in librsvg before 2.40.7 allows context-dependent attackers to cause a denial of service (out-of-bounds heap read) via an odd number of. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Librsvg
NVD
CVSS 3.0
7.5
EPSS
0.5%
CVE-2016-1809 HIGH This Week

Disk Utility in Apple OS X before 10.11.5 uses incorrect encryption keys for disk images, which has unspecified impact and attack vectors. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Mac Os X
NVD
CVSS 3.0
7.5
EPSS
0.2%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy