Filtered by vendor Apple
Subscribe
Total
235 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2016-4749 | 1 Apple | 1 Iphone Os | 2023-12-10 | 2.1 LOW | 3.3 LOW |
| Printing UIKit in Apple iOS before 10 mishandles environment variables, which allows local users to discover cleartext AirPrint preview content by reading a temporary file. | |||||
| CVE-2016-4751 | 1 Apple | 1 Safari | 2023-12-10 | 4.3 MEDIUM | 3.5 LOW |
| The Safari Tabs component in Apple Safari before 10 allows remote attackers to spoof the address bar of a tab via a crafted web site. | |||||
| CVE-2016-4739 | 1 Apple | 1 Mac Os X | 2023-12-10 | 4.3 MEDIUM | 3.7 LOW |
| mDNSResponder in Apple OS X before 10.12, when VMnet.framework is used, arranges for a DNS proxy to listen on all interfaces, which allows remote attackers to obtain sensitive information by sending a DNS query to an unintended interface. | |||||
| CVE-2016-1748 | 1 Apple | 4 Iphone Os, Mac Os X, Tvos and 1 more | 2023-12-10 | 4.3 MEDIUM | 3.3 LOW |
| IOHIDFamily in Apple iOS before 9.3, OS X before 10.11.4, tvOS before 9.2, and watchOS before 2.2 allows attackers to obtain sensitive kernel memory-layout information via a crafted app. | |||||
| CVE-2016-4645 | 1 Apple | 1 Mac Os X | 2023-12-10 | 2.1 LOW | 3.3 LOW |
| CFNetwork in Apple OS X before 10.11.6 uses weak permissions for web-browser cookies, which allows local users to obtain sensitive information via unspecified vectors. | |||||
| CVE-2016-1860 | 1 Apple | 1 Mac Os X | 2023-12-10 | 4.3 MEDIUM | 3.3 LOW |
| Intel Graphics Driver in Apple OS X before 10.11.5 allows attackers to obtain sensitive kernel memory-layout information via a crafted app, a different vulnerability than CVE-2016-1862. | |||||
| CVE-2016-4740 | 1 Apple | 1 Iphone Os | 2023-12-10 | 1.9 LOW | 2.9 LOW |
| Apple iOS before 10, when Handoff for Messages is used, does not ensure that a Messages signin has occurred before displaying messages, which might allow attackers to obtain sensitive information via unspecified vectors. | |||||
| CVE-2016-1758 | 1 Apple | 2 Iphone Os, Mac Os X | 2023-12-10 | 4.3 MEDIUM | 3.3 LOW |
| The kernel in Apple iOS before 9.3 and OS X before 10.11.4 allows attackers to obtain sensitive memory-layout information or cause a denial of service (out-of-bounds read) via a crafted app. | |||||
| CVE-2016-1798 | 1 Apple | 1 Mac Os X | 2023-12-10 | 4.3 MEDIUM | 3.3 LOW |
| Audio in Apple OS X before 10.11.5 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted app. | |||||
| CVE-2015-4000 | 12 Apple, Canonical, Debian and 9 more | 25 Iphone Os, Mac Os X, Safari and 22 more | 2023-12-10 | 4.3 MEDIUM | 3.7 LOW |
| The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a ClientHello with DHE replaced by DHE_EXPORT and then rewriting a ServerHello with DHE_EXPORT replaced by DHE, aka the "Logjam" issue. | |||||
| CVE-2016-4747 | 1 Apple | 1 Iphone Os | 2023-12-10 | 4.3 MEDIUM | 3.7 LOW |
| Mail in Apple iOS before 10 mishandles certificates, which makes it easier for man-in-the-middle attackers to discover mail credentials via unspecified vectors. | |||||
| CVE-2016-1852 | 1 Apple | 1 Iphone Os | 2023-12-10 | 2.1 LOW | 2.4 LOW |
| Siri in Apple iOS before 9.3.2 does not block data detectors within results in the lock-screen state, which allows physically proximate attackers to obtain sensitive contact and photo information via unspecified vectors. | |||||
| CVE-2016-4717 | 1 Apple | 1 Mac Os X | 2023-12-10 | 5.0 MEDIUM | 3.3 LOW |
| The File Bookmark component in Apple OS X before 10.12 mishandles scoped-bookmark file descriptors, which allows attackers to cause a denial of service via a crafted app. | |||||
| CVE-2014-3566 | 11 Apple, Debian, Fedoraproject and 8 more | 20 Mac Os X, Debian Linux, Fedora and 17 more | 2023-12-10 | 4.3 MEDIUM | 3.4 LOW |
| The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue. | |||||
| CVE-2014-4407 | 1 Apple | 3 Iphone Os, Mac Os X, Tvos | 2023-12-10 | 4.3 MEDIUM | 3.3 LOW |
| IOKit in Apple iOS before 8 and Apple TV before 7 does not properly initialize kernel memory, which allows attackers to obtain sensitive memory-content information via an application that makes crafted IOKit function calls. | |||||