Apple macOS vulnerabilities
3,139 known vulnerabilities affecting apple/mac_os_x.
Total CVEs: 3,139
CISA KEV: 26 (actively exploited)
Public exploits: 277
Exploited in wild: 28
Severity breakdown: CRITICAL 302, HIGH 1409, MEDIUM 1236, LOW 192
Vulnerabilities
Page 75 of 157
CVE-2016-4699 [HIGH] CVSS 7.8, CWE-119, ≤ 10.11.6, 2016-09-25
AppleUUC in Apple OS X before 10.12 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2016-4700.
nvd
CVE-2016-4750 [HIGH] CVSS 7.8, CWE-119, ≤ 10.11.6, 2016-09-25
S2 Camera in Apple iOS before 10 and OS X before 10.12 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
nvd
CVE-2016-4725 [HIGH] CVSS 8.1, CWE-119, fixed in 10.12.0, 2016-09-25
IOAcceleratorFamily in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (memory corruption) via a crafted web site.
nvd
CVE-2016-4716 [HIGH] CVSS 7.8, CWE-264, ≤ 10.11.6, 2016-09-25
diskutil in DiskArbitration in Apple OS X before 10.12 allows local users to gain privileges via unspecified vectors.
nvd
CVE-2016-4775 [HIGH] CVSS 7.8, CWE-119, fixed in 10.12.0, 2016-09-25
The kernel in Apple OS X before 10.12, tvOS before 10, and watchOS before 3 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors.
nvd
CVE-2016-4700 [HIGH] CVSS 7.8, ≤ 10.11.6, 2016-09-25
AppleUUC in Apple OS X before 10.12 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2016-4699.
nvd
CVE-2016-4712 [HIGH] CVSS 7.8, CWE-787, fixed in 10.12.0, 2016-09-25
CoreCrypto in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows attackers to execute arbitrary code or cause a denial of service (out-of-bounds write) via a crafted app.
nvd
CVE-2016-4738 [HIGH] CVSS 8.8, CWE-119, fixed in 10.12.0, 2016-09-25
libxslt in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.
nvd
CVE-2016-4778 [HIGH] CVSS 7.8, CWE-264, fixed in 10.12, 2016-09-25
The kernel in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
nvd
CVE-2016-4723 [HIGH] CVSS 7.8, CWE-119, ≤ 10.11.6, 2016-09-25
Intel Graphics Driver in Apple OS X before 10.12 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
nvd
CVE-2016-4703 [HIGH] CVSS 7.8, CWE-119, ≤ 10.11.6, 2016-09-25
Bluetooth in Apple OS X before 10.12 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
nvd
CVE-2016-4753 [HIGH] CVSS 7.8, CWE-20, fixed in 10.12.0, 2016-09-25
Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 mishandle signed disk images, which allows attackers to execute arbitrary code in a privileged context via a crafted app.
nvd
CVE-2016-4774 [HIGH] CVSS 7.1, fixed in 10.12.0, 2016-09-25
The kernel in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows attackers to obtain sensitive memory-layout information or cause a denial of service (out-of-bounds read) via a crafted app, a different vulnerability than CVE-2016-4773 and CVE-2016-4776.
nvd
CVE-2016-4727 [HIGH] CVSS 7.8, CWE-119, ≤ 10.11.6, 2016-09-25
IOThunderboltFamily in Apple OS X before 10.12 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
nvd
CVE-2016-4726 [HIGH] CVSS 7.8, CWE-119, fixed in 10.12.0, 2016-09-25
IOAcceleratorFamily in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
nvd
CVE-2016-4748 [MEDIUM] CVSS 5.3, CWE-254, ≤ 10.11.6, 2016-09-25
Perl in Apple OS X before 10.12 allows local users to bypass the taint-mode protection mechanism via a crafted environment variable.
nvd
CVE-2016-4718 [MEDIUM] CVSS 6.5, CWE-119, fixed in 10.12.0, 2016-09-25
Buffer overflow in FontParser in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows remote attackers to obtain sensitive information from process memory via a crafted font file.
nvd
CVE-2016-4713 [MEDIUM] CVSS 5.3, CWE-200, ≤ 10.11.6, 2016-09-25
CoreDisplay in Apple OS X before 10.12 allows attackers to view arbitrary users' screens by leveraging screen-sharing access.
nvd
CVE-2016-4742 [MEDIUM] CVSS 5.5, CWE-200, ≤ 10.11.6, 2016-09-25
NSSecureTextField in Apple OS X before 10.12 does not enable Secure Input, which allows attackers to discover credentials via a crafted app.
nvd
CVE-2016-4707 [MEDIUM] CVSS 4.0, CWE-19, ≤ 10.11.6, 2016-09-25
CFNetwork in Apple iOS before 10 and OS X before 10.12 mishandles Local Storage deletion, which allows local users to discover the visited web sites of arbitrary users via unspecified vectors.
nvd