Max CVSS 9.3 Min CVSS 1.9 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2016-1841 6.8
libxslt, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.
18-06-2019 - 20:15 20-05-2016 - 10:59
CVE-2016-1803 6.8
CoreCapture in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via a crafted app.
25-03-2019 - 17:54 20-05-2016 - 10:59
CVE-2016-1802 4.3
CCCrypt in CommonCrypto in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 mishandles return values during key-length calculations, which allows attackers to obtain sensitive information via a crafted app.
25-03-2019 - 17:54 20-05-2016 - 10:59
CVE-2016-1817 9.3
IOAcceleratorFamily in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a d
25-03-2019 - 17:53 20-05-2016 - 10:59
CVE-2016-1814 4.3
IOAcceleratorFamily in Apple iOS before 9.3.2, OS X before 10.11.5, and tvOS before 9.2.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted app.
25-03-2019 - 17:53 20-05-2016 - 10:59
CVE-2016-1811 4.3
ImageIO in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted image.
25-03-2019 - 17:51 20-05-2016 - 10:59
CVE-2016-1807 1.9
Race condition in the Disk Images subsystem in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows local users to obtain sensitive information from kernel memory via unspecified vectors.
25-03-2019 - 17:49 20-05-2016 - 10:59
CVE-2016-1801 5.0
The CFNetwork Proxies subsystem in Apple iOS before 9.3.2, OS X before 10.11.5, and tvOS before 9.2.1 mishandles URLs in http and https requests, which allows remote attackers to obtain sensitive information via unspecified vectors.
25-03-2019 - 17:47 20-05-2016 - 10:59
CVE-2016-1808 9.3
The Disk Images subsystem in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted ap
25-03-2019 - 17:46 20-05-2016 - 10:59
CVE-2016-1823 9.3
The IOHIDDevice::handleReportWithTime function in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (out-of-bounds
25-03-2019 - 17:44 20-05-2016 - 10:59
CVE-2016-1813 9.3
The IOAccelSharedUserClient2::page_off_resource method in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL p
25-03-2019 - 17:44 20-05-2016 - 10:59
CVE-2016-1819 9.3
Use-after-free vulnerability in the IOAccelContext2::clientMemoryForType method in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows attackers to execute arbitrary code in a privileged context or cause a
25-03-2019 - 17:39 20-05-2016 - 10:59
CVE-2016-1847 6.8
OpenGL, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.
25-03-2019 - 17:34 20-05-2016 - 11:00
CVE-2016-1830 8.5
The kernel in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different
25-03-2019 - 17:33 20-05-2016 - 10:59
CVE-2016-1829 9.3
The kernel in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different
25-03-2019 - 17:33 20-05-2016 - 10:59
CVE-2016-1828 9.3
The kernel in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different
25-03-2019 - 17:33 20-05-2016 - 10:59
CVE-2016-1827 9.3
The kernel in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different
25-03-2019 - 17:32 20-05-2016 - 10:59
CVE-2016-1824 9.3
IOHIDFamily in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different
25-03-2019 - 17:32 20-05-2016 - 10:59
CVE-2016-1840 6.8
Heap-based buffer overflow in the xmlFAParsePosCharGroup function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to execute arbitrary code or cause
25-03-2019 - 17:27 20-05-2016 - 10:59
CVE-2016-1839 4.3
The xmlDictAddString function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to cause a denial of service (heap-based buffer over-read) via a craft
25-03-2019 - 17:27 20-05-2016 - 10:59
CVE-2016-1838 4.3
The xmlPArserPrintFileContextInternal function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to cause a denial of service (heap-based buffer over-
25-03-2019 - 17:26 20-05-2016 - 10:59
CVE-2016-1837 4.3
Multiple use-after-free vulnerabilities in the (1) htmlPArsePubidLiteral and (2) htmlParseSystemiteral functions in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allow remot
25-03-2019 - 17:26 20-05-2016 - 10:59
CVE-2016-1836 4.3
Use-after-free vulnerability in the xmlDictComputeFastKey function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to cause a denial of service via
25-03-2019 - 17:25 20-05-2016 - 10:59
CVE-2016-1834 9.3
Heap-based buffer overflow in the xmlStrncat function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to execute arbitrary code or cause a denial of
25-03-2019 - 17:24 20-05-2016 - 10:59
CVE-2016-1833 4.3
The htmlCurrentChar function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafte
25-03-2019 - 17:22 20-05-2016 - 10:59
CVE-2016-1832 4.6
libc in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors.
21-03-2019 - 17:32 20-05-2016 - 10:59
CVE-2016-1831 9.3
The kernel in Apple iOS before 9.3.2 and OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
08-03-2019 - 16:06 20-05-2016 - 10:59
CVE-2016-1818 9.3
IOAcceleratorFamily in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a d
08-03-2019 - 16:06 20-05-2016 - 10:59
CVE-2015-8865 7.5
The file_check_mem function in funcs.c in file before 5.23, as used in the Fileinfo component in PHP before 5.5.34, 5.6.x before 5.6.20, and 7.x before 7.0.5, mishandles continuation-level jumps, which allows context-dependent attackers to cause a de
30-06-2018 - 01:29 20-05-2016 - 10:59
CVE-2016-4073 7.5
Multiple integer overflows in the mbfl_strcut function in ext/mbstring/libmbfl/mbfl/mbfilter.c in PHP before 5.5.34, 5.6.x before 5.6.20, and 7.x before 7.0.5 allow remote attackers to cause a denial of service (application crash) or possibly execute
05-01-2018 - 02:30 20-05-2016 - 11:00
CVE-2016-4072 7.5
The Phar extension in PHP before 5.5.34, 5.6.x before 5.6.20, and 7.x before 7.0.5 allows remote attackers to execute arbitrary code via a crafted filename, as demonstrated by mishandling of \0 characters by the phar_analyze_path function in ext/phar
05-01-2018 - 02:30 20-05-2016 - 11:00
CVE-2016-4071 7.5
Format string vulnerability in the php_snmp_error function in ext/snmp/snmp.c in PHP before 5.5.34, 5.6.x before 5.6.20, and 7.x before 7.0.5 allows remote attackers to execute arbitrary code via format string specifiers in an SNMP::get call.
05-01-2018 - 02:30 20-05-2016 - 11:00
CVE-2016-4070 5.0
** DISPUTED ** Integer overflow in the php_raw_url_encode function in ext/standard/url.c in PHP before 5.5.34, 5.6.x before 5.6.20, and 7.x before 7.0.5 allows remote attackers to cause a denial of service (application crash) via a long string to the
05-01-2018 - 02:30 20-05-2016 - 11:00
CVE-2016-3142 6.4
The phar_parse_zipfile function in zip.c in the PHAR extension in PHP before 5.5.33 and 5.6.x before 5.6.19 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read and application c
05-01-2018 - 02:30 31-03-2016 - 16:59
CVE-2016-3141 7.5
Use-after-free vulnerability in wddx.c in the WDDX extension in PHP before 5.5.33 and 5.6.x before 5.6.19 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact by trig
05-01-2018 - 02:30 31-03-2016 - 16:59
CVE-2016-1835 6.8
Use-after-free vulnerability in the xmlSAX2AttributeNs function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2 and OS X before 10.11.5, allows remote attackers to cause a denial of service via a crafted XML document.
05-01-2018 - 02:30 20-05-2016 - 10:59
CVE-2016-1821 9.3
IOAudioFamily in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via a crafted app. <a href="http://cwe.mitre.org/data/definitions/476.html">CWE-476:
02-12-2016 - 22:49 20-05-2016 - 10:59
CVE-2016-1820 9.3
Buffer overflow in IOAudioFamily in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context via a crafted app.
02-12-2016 - 22:49 20-05-2016 - 10:59
CVE-2016-1826 9.3
Integer overflow in the dtrace implementation in the kernel in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context via a crafted app. <a href="http://cwe.mitre.org/data/definitions/190.html">CWE-190: Integer O
02-12-2016 - 22:48 20-05-2016 - 10:59
CVE-2016-1850 6.8
SceneKit in Apple OS X before 10.11.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted file.
02-12-2016 - 22:46 20-05-2016 - 11:00
CVE-2016-1825 9.3
IOHIDFamily in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
02-12-2016 - 22:45 20-05-2016 - 10:59
CVE-2016-1822 9.3
IOFireWireFamily in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
02-12-2016 - 22:40 20-05-2016 - 10:59
CVE-2016-1851 2.1
The Screen Lock feature in Apple OS X before 10.11.5 mishandles password profiles, which allows physically proximate attackers to reset expired passwords in the lock-screen state via unspecified vectors.
02-12-2016 - 22:39 20-05-2016 - 11:00
CVE-2016-1853 5.0
Tcl in Apple OS X before 10.11.5 allows remote attackers to obtain sensitive information by leveraging SSLv2 support.
02-12-2016 - 22:38 20-05-2016 - 11:00
CVE-2016-1842 5.0
MapKit in Apple iOS before 9.3.2, OS X before 10.11.5, and watchOS before 2.2.1 does not use HTTPS for shared links, which allows remote attackers to obtain sensitive information by sniffing the network for HTTP traffic.
01-12-2016 - 19:56 20-05-2016 - 10:59
CVE-2016-1844 5.0
The Messages component in Apple OS X before 10.11.5 mishandles roster changes, which allows remote attackers to modify contact lists via unspecified vectors.
01-12-2016 - 19:54 20-05-2016 - 10:59
CVE-2016-1843 5.0
The Messages component in Apple OS X before 10.11.5 mishandles filename encoding, which allows remote attackers to obtain sensitive information via unspecified vectors.
01-12-2016 - 19:54 20-05-2016 - 10:59
CVE-2016-1848 6.8
QuickTime in Apple OS X before 10.11.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted file.
01-12-2016 - 03:07 20-05-2016 - 11:00
CVE-2016-1846 9.3
The nvCommandQueue::GetHandleIndex method in the NVIDIA Graphics Drivers subsystem in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference and memory corru
01-12-2016 - 03:07 20-05-2016 - 10:59
CVE-2016-1816 9.3
IOAcceleratorFamily in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via a crafted app. <a href="http://cwe.mitre.org/data/definitions/476.html">CW
01-12-2016 - 03:06 20-05-2016 - 10:59
CVE-2016-1815 9.3
IOAcceleratorFamily in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
01-12-2016 - 03:06 20-05-2016 - 10:59
CVE-2016-1812 9.3
Buffer overflow in Intel Graphics Driver in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context via a crafted app.
01-12-2016 - 03:06 20-05-2016 - 10:59
CVE-2016-1810 9.3
The Graphics Drivers subsystem in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
01-12-2016 - 03:06 20-05-2016 - 10:59
CVE-2016-1809 7.8
Disk Utility in Apple OS X before 10.11.5 uses incorrect encryption keys for disk images, which has unspecified impact and attack vectors.
01-12-2016 - 03:06 20-05-2016 - 10:59
CVE-2016-1806 9.3
Crash Reporter in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context via a crafted app.
01-12-2016 - 03:06 20-05-2016 - 10:59
CVE-2016-1805 9.3
CoreStorage in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context via a crafted app.
01-12-2016 - 03:06 20-05-2016 - 10:59
CVE-2016-1804 9.3
The Multi-Touch subsystem in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
01-12-2016 - 03:06 20-05-2016 - 10:59
CVE-2016-1800 9.3
Captive Network Assistant in Apple OS X before 10.11.5 mishandles a custom URL scheme, which allows user-assisted remote attackers to execute arbitrary code via unspecified vectors.
01-12-2016 - 03:06 20-05-2016 - 10:59
CVE-2016-1799 9.3
Audio in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
01-12-2016 - 03:06 20-05-2016 - 10:59
CVE-2016-1798 4.3
Audio in Apple OS X before 10.11.5 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted app. <a href="http://cwe.mitre.org/data/definitions/476.html">CWE-476: NULL Pointer Dereference</a>
01-12-2016 - 03:06 20-05-2016 - 10:59
CVE-2016-1797 9.3
Apple Type Services (ATS) in Apple OS X before 10.11.5 allows attackers to bypass intended FontValidator sandbox-policy restrictions and execute arbitrary code in a privileged context via a crafted app.
01-12-2016 - 03:06 20-05-2016 - 10:59
CVE-2016-1796 4.3
Apple Type Services (ATS) in Apple OS X before 10.11.5 allows attackers to obtain sensitive kernel memory-layout information or cause a denial of service (out-of-bounds memory access) via a crafted app.
01-12-2016 - 03:06 20-05-2016 - 10:59
CVE-2016-1795 9.3
AppleGraphicsPowerManagement in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
01-12-2016 - 03:06 20-05-2016 - 10:59
CVE-2016-1794 9.3
The AppleGraphicsControlClient::checkArguments method in AppleGraphicsControl in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via a crafted app. <
01-12-2016 - 03:06 20-05-2016 - 10:59
CVE-2016-1793 9.3
AppleGraphicsDeviceControlClient in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via a crafted app. <a href="http://cwe.mitre.org/data/definitions
01-12-2016 - 03:06 20-05-2016 - 10:59
CVE-2016-1792 9.3
The AMD subsystem in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
01-12-2016 - 03:06 20-05-2016 - 10:59
CVE-2016-1791 4.3
The AMD subsystem in Apple OS X before 10.11.5 allows attackers to obtain sensitive kernel memory-layout information via a crafted app.
01-12-2016 - 03:06 20-05-2016 - 10:59
CVE-2016-1861 9.3
The NVIDIA Graphics Drivers subsystem in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2016-1846.
30-11-2016 - 03:04 19-06-2016 - 20:59
CVE-2016-1862 4.3
Intel Graphics Driver in Apple OS X before 10.11.5 allows attackers to obtain sensitive kernel memory-layout information via a crafted app, a different vulnerability than CVE-2016-1860.
22-06-2016 - 11:56 19-06-2016 - 20:59
CVE-2016-1860 4.3
Intel Graphics Driver in Apple OS X before 10.11.5 allows attackers to obtain sensitive kernel memory-layout information via a crafted app, a different vulnerability than CVE-2016-1862.
22-06-2016 - 11:56 19-06-2016 - 20:59
Back to Top Mark selected
Back to Top