National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

Search Parameters:
  • CPE Product Version: cpe:/o:apple:mac_os_x:10.6.1
There are 3,051 matching records.
Displaying matches 1461 through 1480.
Vuln ID Summary CVSS Severity
CVE-2016-1750

Use-after-free vulnerability in the kernel in Apple iOS before 9.3, OS X before 10.11.4, tvOS before 9.2, and watchOS before 2.2 allows attackers to execute arbitrary code in a privileged context via a crafted app.

Published: March 23, 2016; 09:59:20 PM -04:00
V3.0: 7.8 HIGH
    V2: 9.3 HIGH
CVE-2016-1749

IOUSBFamily in Apple OS X before 10.11.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.

Published: March 23, 2016; 09:59:19 PM -04:00
V3.0: 7.8 HIGH
    V2: 9.3 HIGH
CVE-2016-1748

IOHIDFamily in Apple iOS before 9.3, OS X before 10.11.4, tvOS before 9.2, and watchOS before 2.2 allows attackers to obtain sensitive kernel memory-layout information via a crafted app.

Published: March 23, 2016; 09:59:18 PM -04:00
V3.0: 3.3 LOW
    V2: 4.3 MEDIUM
CVE-2016-1747

IOGraphics in Apple OS X before 10.11.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2016-1746.

Published: March 23, 2016; 09:59:17 PM -04:00
V3.0: 7.8 HIGH
    V2: 9.3 HIGH
CVE-2016-1746

IOGraphics in Apple OS X before 10.11.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2016-1747.

Published: March 23, 2016; 09:59:16 PM -04:00
V3.0: 7.8 HIGH
    V2: 9.3 HIGH
CVE-2016-1745

IOFireWireFamily in Apple OS X before 10.11.4 allows local users to cause a denial of service (NULL pointer dereference) via unspecified vectors.

Published: March 23, 2016; 09:59:15 PM -04:00
V3.0: 5.5 MEDIUM
    V2: 2.1 LOW
CVE-2016-1744

The Intel driver in the Graphics Drivers subsystem in Apple OS X before 10.11.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2016-1743.

Published: March 23, 2016; 09:59:14 PM -04:00
V3.0: 7.8 HIGH
    V2: 9.3 HIGH
CVE-2016-1743

The Intel driver in the Graphics Drivers subsystem in Apple OS X before 10.11.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2016-1744.

Published: March 23, 2016; 09:59:13 PM -04:00
V3.0: 7.8 HIGH
    V2: 9.3 HIGH
CVE-2016-1741

The NVIDIA driver in the Graphics Drivers subsystem in Apple OS X before 10.11.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.

Published: March 23, 2016; 09:59:12 PM -04:00
V3.0: 9.8 CRITICAL
    V2: 10.0 HIGH
CVE-2016-1740

FontParser in Apple iOS before 9.3, OS X before 10.11.4, tvOS before 9.2, and watchOS before 2.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted PDF document.

Published: March 23, 2016; 09:59:11 PM -04:00
V3.0: 7.8 HIGH
    V2: 9.3 HIGH
CVE-2016-1738

dyld in Apple OS X before 10.11.4 allows attackers to bypass a code-signing protection mechanism via a modified app.

Published: March 23, 2016; 09:59:10 PM -04:00
V3.0: 7.8 HIGH
    V2: 7.2 HIGH
CVE-2016-1737

Carbon in Apple OS X before 10.11.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted .dfont file.

Published: March 23, 2016; 09:59:09 PM -04:00
V3.0: 6.3 MEDIUM
    V2: 6.8 MEDIUM
CVE-2016-1736

Bluetooth in Apple OS X before 10.11.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2016-1735.

Published: March 23, 2016; 09:59:08 PM -04:00
V3.0: 7.8 HIGH
    V2: 9.3 HIGH
CVE-2016-1735

Bluetooth in Apple OS X before 10.11.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2016-1736.

Published: March 23, 2016; 09:59:08 PM -04:00
V3.0: 7.8 HIGH
    V2: 9.3 HIGH
CVE-2016-1734

AppleUSBNetworking in Apple iOS before 9.3 and OS X before 10.11.4 allows physically proximate attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted USB device.

Published: March 23, 2016; 09:59:07 PM -04:00
V3.0: 6.8 MEDIUM
    V2: 7.2 HIGH
CVE-2016-1733

AppleRAID in Apple OS X before 10.11.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.

Published: March 23, 2016; 09:59:06 PM -04:00
V3.0: 7.8 HIGH
    V2: 9.3 HIGH
CVE-2016-1732

AppleRAID in Apple OS X before 10.11.4 allows local users to obtain sensitive kernel memory-layout information or cause a denial of service (out-of-bounds read) via unspecified vectors.

Published: March 23, 2016; 09:59:05 PM -04:00
V3.0: 5.5 MEDIUM
    V2: 2.1 LOW
CVE-2015-7551

The Fiddle::Handle implementation in ext/fiddle/handle.c in Ruby before 2.0.0-p648, 2.1 before 2.1.8, and 2.2 before 2.2.4, as distributed in Apple OS X before 10.11.4 and other products, mishandles tainting, which allows context-dependent attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted string, related to the DL module and the libffi library. NOTE: this vulnerability exists because of a CVE-2009-5147 regression.

Published: March 23, 2016; 09:59:03 PM -04:00
V3.0: 8.4 HIGH
    V2: 4.6 MEDIUM
CVE-2016-1950

Heap-based buffer overflow in Mozilla Network Security Services (NSS) before 3.19.2.3 and 3.20.x and 3.21.x before 3.21.1, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to execute arbitrary code via crafted ASN.1 data in an X.509 certificate.

Published: March 13, 2016; 02:59:00 PM -04:00
V3.0: 8.8 HIGH
    V2: 6.8 MEDIUM
CVE-2016-1010

Integer overflow in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0963 and CVE-2016-0993.

Published: March 12, 2016; 10:59:25 AM -05:00
V3.0: 9.8 CRITICAL
    V2: 10.0 HIGH