Apple CVEs and Security Vulnerabilities

Filtered by vendor Apple Subscriptions

Search

Switch to Advanced Search (Beta)

Total 13358 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2016-4604	1 Apple	2 Iphone Os, Safari	2025-04-12	N/A
Safari in Apple iOS before 9.3.3 allows remote attackers to spoof the displayed URL via an HTTP response specifying redirection to an invalid TCP port number.
CVE-2016-4605	1 Apple	1 Iphone Os	2025-04-12	N/A
Calendar in Apple iOS before 9.3.3 allows remote attackers to cause a denial of service (NULL pointer dereference and device restart) via a crafted invitation.
CVE-2016-4616	2 Apple, Microsoft	7 Icloud, Iphone Os, Itunes and 4 more	2025-04-12	N/A
libxml2 in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before 12.4.2 on Windows, iCloud before 5.2.1 on Windows, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2016-4614, CVE-2016-4615, and CVE-2016-4619.
CVE-2016-4621	1 Apple	1 Mac Os X	2025-04-12	N/A
libc++abi in Apple OS X before 10.11.6 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
CVE-2016-4618	1 Apple	2 Iphone Os, Safari	2025-04-12	N/A
Cross-site scripting (XSS) vulnerability in Safari Reader in Apple iOS before 10 and Safari before 10 allows remote attackers to inject arbitrary web script or HTML via a crafted web site, aka "Universal XSS (UXSS)."
CVE-2016-4620	1 Apple	1 Iphone Os	2025-04-12	N/A
The Sandbox Profiles component in Apple iOS before 10 does not properly restrict access to directory metadata for SMS draft directories, which allows attackers to discover text-message recipients via a crafted app.
CVE-2016-4632	1 Apple	4 Iphone Os, Mac Os X, Tvos and 1 more	2025-04-12	N/A
ImageIO in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors.
CVE-2016-4637	1 Apple	4 Iphone Os, Mac Os X, Tvos and 1 more	2025-04-12	N/A
CoreGraphics in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted BMP image.
CVE-2016-4633	1 Apple	1 Mac Os X	2025-04-12	N/A
Intel Graphics Driver in Apple OS X before 10.11.6 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
CVE-2016-4634	1 Apple	1 Mac Os X	2025-04-12	N/A
The Graphics Drivers subsystem in Apple OS X before 10.11.6 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors.
CVE-2016-4638	1 Apple	1 Mac Os X	2025-04-12	N/A
Login Window in Apple OS X before 10.11.6 allows attackers to gain privileges via a crafted app that leverages a "type confusion."
CVE-2016-4653	1 Apple	4 Iphone Os, Mac Os X, Tvos and 1 more	2025-04-12	N/A
The kernel in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9.2.2, and watchOS before 2.2.2 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1863 and CVE-2016-4582.
CVE-2016-4651	1 Apple	2 Iphone Os, Safari	2025-04-12	N/A
Cross-site scripting (XSS) vulnerability in the WebKit JavaScript bindings in Apple iOS before 9.3.3 and Safari before 9.1.2 allows remote attackers to inject arbitrary web script or HTML via a crafted HTTP/0.9 response, related to a "cross-protocol cross-site scripting (XPXSS)" vulnerability.
CVE-2016-4652	1 Apple	1 Mac Os X	2025-04-12	N/A
CoreGraphics in Apple OS X before 10.11.6 allows local users to obtain sensitive information from kernel memory and consequently gain privileges, or cause a denial of service (out-of-bounds read), via unspecified vectors.
CVE-2016-4700	1 Apple	1 Mac Os X	2025-04-12	N/A
AppleUUC in Apple OS X before 10.12 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2016-4699.
CVE-2016-4701	1 Apple	1 Mac Os X	2025-04-12	N/A
Application Firewall in Apple OS X before 10.12 allows local users to cause a denial of service via vectors involving a crafted SO_EXECPATH environment variable.
CVE-2016-4703	1 Apple	1 Mac Os X	2025-04-12	N/A
Bluetooth in Apple OS X before 10.12 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
CVE-2016-4706	1 Apple	1 Mac Os X	2025-04-12	N/A
cd9660 in Apple OS X before 10.12 allows local users to cause a denial of service via unspecified vectors.
CVE-2016-4702	1 Apple	4 Iphone Os, Mac Os X, Tvos and 1 more	2025-04-12	N/A
Audio in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.
CVE-2016-4716	1 Apple	1 Mac Os X	2025-04-12	N/A
diskutil in DiskArbitration in Apple OS X before 10.12 allows local users to gain privileges via unspecified vectors.

« first previous Page 294 of 668. next last »