CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register   Reset Password   Activate Account
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Apple : Security Vulnerabilities (Denial Of Service)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2016-1784 399 DoS 2016-03-23 2016-03-28
4.3
None Remote Medium Not required None None Partial
The History implementation in WebKit in Apple iOS before 9.3, Safari before 9.1, and tvOS before 9.2 allows remote attackers to cause a denial of service (resource consumption and application crash) via a crafted web site.
2 CVE-2016-1783 119 DoS Exec Code Overflow Mem. Corr. 2016-03-23 2016-03-25
9.3
None Remote Medium Not required Complete Complete Complete
WebKit in Apple iOS before 9.3, Safari before 9.1, and tvOS before 9.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.
3 CVE-2016-1778 399 DoS Exec Code Mem. Corr. 2016-03-23 2016-03-25
9.3
None Remote Medium Not required Complete Complete Complete
WebKit in Apple iOS before 9.3 and Safari before 9.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.
4 CVE-2016-1775 119 DoS Exec Code Overflow Mem. Corr. 2016-03-23 2016-03-25
9.3
None Remote Medium Not required Complete Complete Complete
TrueTypeScaler in Apple iOS before 9.3, OS X before 10.11.4, tvOS before 9.2, and watchOS before 2.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file.
5 CVE-2016-1771 19 DoS 2016-03-23 2016-03-25
7.1
None Remote Medium Not required None None Complete
The Downloads feature in Apple Safari before 9.1 mishandles file expansion, which allows remote attackers to cause a denial of service via a crafted web site.
6 CVE-2016-1769 119 DoS Exec Code Overflow Mem. Corr. 2016-03-23 2016-03-25
6.8
None Remote Medium Not required Partial Partial Partial
QuickTime in Apple OS X before 10.11.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Photoshop file.
7 CVE-2016-1768 119 DoS Exec Code Overflow Mem. Corr. 2016-03-23 2016-03-25
6.8
None Remote Medium Not required Partial Partial Partial
QuickTime in Apple OS X before 10.11.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted FlashPix image, a different vulnerability than CVE-2016-1767.
8 CVE-2016-1767 119 DoS Exec Code Overflow Mem. Corr. 2016-03-23 2016-03-25
6.8
None Remote Medium Not required Partial Partial Partial
QuickTime in Apple OS X before 10.11.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted FlashPix image, a different vulnerability than CVE-2016-1768.
9 CVE-2016-1765 119 DoS Overflow +Priv Mem. Corr. 2016-03-23 2016-03-25
4.6
None Local Low Not required Partial Partial Partial
otool in Apple Xcode before 7.3 allows local users to gain privileges or cause a denial of service (memory corruption and application crash) via unspecified vectors.
10 CVE-2016-1762 119 DoS Exec Code Overflow Mem. Corr. 2016-03-23 2016-03-24
10.0
None Remote Low Not required Complete Complete Complete
libxml2 in Apple iOS before 9.3, OS X before 10.11.4, Safari before 9.1, tvOS before 9.2, and watchOS before 2.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted XML document.
11 CVE-2016-1761 119 DoS Exec Code Overflow Mem. Corr. 2016-03-23 2016-03-24
10.0
None Remote Low Not required Complete Complete Complete
libxml2 in Apple iOS before 9.3, OS X before 10.11.4, and watchOS before 2.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted XML document.
12 CVE-2016-1759 119 DoS Exec Code Overflow Mem. Corr. 2016-03-23 2016-03-28
9.3
None Remote Medium Not required Complete Complete Complete
The kernel in Apple OS X before 10.11.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
13 CVE-2016-1758 119 DoS Overflow +Info 2016-03-23 2016-03-25
4.3
None Remote Medium Not required Partial None None
The kernel in Apple iOS before 9.3 and OS X before 10.11.4 allows attackers to obtain sensitive memory-layout information or cause a denial of service (out-of-bounds read) via a crafted app.
14 CVE-2016-1756 DoS Exec Code 2016-03-23 2016-03-25
9.3
None Remote Medium Not required Complete Complete Complete
The kernel in Apple iOS before 9.3 and OS X before 10.11.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via a crafted app.
15 CVE-2016-1755 119 DoS Exec Code Overflow Mem. Corr. 2016-03-23 2016-03-24
9.3
None Remote Medium Not required Complete Complete Complete
The kernel in Apple iOS before 9.3, OS X before 10.11.4, tvOS before 9.2, and watchOS before 2.2 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2016-1754.
16 CVE-2016-1754 119 DoS Exec Code Overflow Mem. Corr. 2016-03-23 2016-03-24
9.3
None Remote Medium Not required Complete Complete Complete
The kernel in Apple iOS before 9.3, OS X before 10.11.4, tvOS before 9.2, and watchOS before 2.2 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2016-1755.
17 CVE-2016-1752 20 DoS 2016-03-23 2016-03-24
9.3
None Remote Medium Not required Complete Complete Complete
The kernel in Apple iOS before 9.3, OS X before 10.11.4, tvOS before 9.2, and watchOS before 2.2 allows attackers to cause a denial of service via a crafted app.
18 CVE-2016-1749 119 DoS Exec Code Overflow Mem. Corr. 2016-03-23 2016-03-28
9.3
None Remote Medium Not required Complete Complete Complete
IOUSBFamily in Apple OS X before 10.11.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
19 CVE-2016-1747 20 DoS Exec Code Mem. Corr. 2016-03-23 2016-03-28
9.3
None Remote Medium Not required Complete Complete Complete
IOGraphics in Apple OS X before 10.11.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2016-1746.
20 CVE-2016-1746 20 DoS Exec Code Mem. Corr. 2016-03-23 2016-03-28
9.3
None Remote Medium Not required Complete Complete Complete
IOGraphics in Apple OS X before 10.11.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2016-1747.
21 CVE-2016-1745 DoS 2016-03-23 2016-03-25
2.1
None Local Low Not required None None Partial
IOFireWireFamily in Apple OS X before 10.11.4 allows local users to cause a denial of service (NULL pointer dereference) via unspecified vectors.
22 CVE-2016-1744 119 DoS Exec Code Overflow Mem. Corr. 2016-03-23 2016-03-25
9.3
None Remote Medium Not required Complete Complete Complete
The Intel driver in the Graphics Drivers subsystem in Apple OS X before 10.11.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2016-1743.
23 CVE-2016-1743 119 DoS Exec Code Overflow Mem. Corr. 2016-03-23 2016-03-25
9.3
None Remote Medium Not required Complete Complete Complete
The Intel driver in the Graphics Drivers subsystem in Apple OS X before 10.11.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2016-1744.
24 CVE-2016-1741 119 DoS Exec Code Overflow Mem. Corr. 2016-03-23 2016-03-25
10.0
None Remote Low Not required Complete Complete Complete
The NVIDIA driver in the Graphics Drivers subsystem in Apple OS X before 10.11.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
25 CVE-2016-1740 119 DoS Exec Code Overflow Mem. Corr. 2016-03-23 2016-03-28
9.3
None Remote Medium Not required Complete Complete Complete
FontParser in Apple iOS before 9.3, OS X before 10.11.4, tvOS before 9.2, and watchOS before 2.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted PDF document.
26 CVE-2016-1737 119 DoS Exec Code Overflow Mem. Corr. 2016-03-23 2016-03-25
6.8
None Remote Medium Not required Partial Partial Partial
Carbon in Apple OS X before 10.11.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted .dfont file.
27 CVE-2016-1736 119 DoS Exec Code Overflow Mem. Corr. 2016-03-23 2016-03-25
9.3
None Remote Medium Not required Complete Complete Complete
Bluetooth in Apple OS X before 10.11.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2016-1735.
28 CVE-2016-1735 119 DoS Exec Code Overflow Mem. Corr. 2016-03-23 2016-03-25
9.3
None Remote Medium Not required Complete Complete Complete
Bluetooth in Apple OS X before 10.11.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2016-1736.
29 CVE-2016-1734 119 DoS Exec Code Overflow Mem. Corr. 2016-03-23 2016-03-25
7.2
None Local Low Not required Complete Complete Complete
AppleUSBNetworking in Apple iOS before 9.3 and OS X before 10.11.4 allows physically proximate attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted USB device.
30 CVE-2016-1733 20 DoS Exec Code Mem. Corr. 2016-03-23 2016-03-24
9.3
None Remote Medium Not required Complete Complete Complete
AppleRAID in Apple OS X before 10.11.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
31 CVE-2016-1732 119 DoS Overflow +Info 2016-03-23 2016-03-28
2.1
None Local Low Not required Partial None None
AppleRAID in Apple OS X before 10.11.4 allows local users to obtain sensitive kernel memory-layout information or cause a denial of service (out-of-bounds read) via unspecified vectors.
32 CVE-2016-1727 119 DoS Exec Code Overflow Mem. Corr. 2016-02-01 2016-03-29
9.3
None Remote Medium Not required Complete Complete Complete
WebKit, as used in Apple iOS before 9.2.1, Safari before 9.0.3, and tvOS before 9.1.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-1724.
33 CVE-2016-1726 119 DoS Exec Code Overflow Mem. Corr. 2016-02-01 2016-03-29
9.3
None Remote Medium Not required Complete Complete Complete
WebKit, as used in Apple iOS before 9.2.1 and Safari before 9.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-1723 and CVE-2016-1725.
34 CVE-2016-1725 119 DoS Exec Code Overflow Mem. Corr. 2016-02-01 2016-03-29
9.3
None Remote Medium Not required Complete Complete Complete
WebKit, as used in Apple iOS before 9.2.1 and Safari before 9.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-1723 and CVE-2016-1726.
35 CVE-2016-1724 119 DoS Exec Code Overflow Mem. Corr. 2016-02-01 2016-03-29
9.3
None Remote Medium Not required Complete Complete Complete
WebKit, as used in Apple iOS before 9.2.1, Safari before 9.0.3, and tvOS before 9.1.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-1727.
36 CVE-2016-1723 119 DoS Exec Code Overflow Mem. Corr. 2016-02-01 2016-03-29
9.3
None Remote Medium Not required Complete Complete Complete
WebKit, as used in Apple iOS before 9.2.1 and Safari before 9.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-1725 and CVE-2016-1726.
37 CVE-2016-1722 119 DoS Overflow +Priv Mem. Corr. 2016-02-01 2016-03-29
7.2
None Local Low Not required Complete Complete Complete
syslog in Apple iOS before 9.2.1, OS X before 10.11.3, and tvOS before 9.1.1 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors.
38 CVE-2016-1721 119 DoS Overflow +Priv Mem. Corr. 2016-02-01 2016-03-29
7.2
None Local Low Not required Complete Complete Complete
The kernel in Apple iOS before 9.2.1, OS X before 10.11.3, and tvOS before 9.1.1 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors.
39 CVE-2016-1720 119 DoS Overflow +Priv Mem. Corr. 2016-02-01 2016-03-29
7.2
None Local Low Not required Complete Complete Complete
IOKit in Apple iOS before 9.2.1, OS X before 10.11.3, and tvOS before 9.1.1 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors.
40 CVE-2016-1719 119 DoS Overflow +Priv Mem. Corr. 2016-02-01 2016-03-29
7.2
None Local Low Not required Complete Complete Complete
The IOHIDFamily API in Apple iOS before 9.2.1, OS X before 10.11.3, and tvOS before 9.1.1 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors.
41 CVE-2016-1718 119 DoS Overflow +Priv Mem. Corr. 2016-02-01 2016-02-08
6.9
None Local Medium Not required Complete Complete Complete
The IOAcceleratorFamily2 interface in IOAcceleratorFamily in Apple OS X before 10.11.3 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors.
42 CVE-2016-1717 119 DoS Overflow +Priv Mem. Corr. 2016-02-01 2016-03-29
7.2
None Local Low Not required Complete Complete Complete
The Disk Images component in Apple iOS before 9.2.1, OS X before 10.11.3, and tvOS before 9.1.1 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors.
43 CVE-2016-1716 119 DoS Overflow +Priv Mem. Corr. 2016-02-01 2016-02-08
7.2
None Local Low Not required Complete Complete Complete
AppleGraphicsPowerManagement in Apple OS X before 10.11.3 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors.
44 CVE-2016-0802 20 DoS Exec Code Mem. Corr. 2016-02-06 2016-04-01
8.3
None Local Network Low Not required Complete Complete Complete
The Broadcom Wi-Fi driver in the kernel in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49G, and 6.x before 2016-02-01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted wireless control message packets, aka internal bug 25306181.
45 CVE-2016-0801 20 DoS Exec Code Mem. Corr. 2016-02-06 2016-04-01
8.3
None Local Network Low Not required Complete Complete Complete
The Broadcom Wi-Fi driver in the kernel in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49G, and 6.x before 2016-02-01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted wireless control message packets, aka internal bug 25662029.
46 CVE-2016-0778 119 DoS Overflow 2016-01-14 2016-04-11
6.5
None Remote Low Single system Partial Partial Partial
The (1) roaming_read and (2) roaming_write functions in roaming_common.c in the client in OpenSSH 5.x, 6.x, and 7.x before 7.1p2, when certain proxy and forward options are enabled, do not properly maintain connection file descriptors, which allows remote servers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact by requesting many forwardings.
47 CVE-2015-8472 119 DoS Overflow 2016-01-21 2016-03-29
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in the png_set_PLTE function in libpng before 1.0.65, 1.1.x and 1.2.x before 1.2.55, 1.3.x, 1.4.x before 1.4.18, 1.5.x before 1.5.25, and 1.6.x before 1.6.20 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a small bit-depth value in an IHDR (aka image header) chunk in a PNG image. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-8126.
48 CVE-2015-8242 119 DoS Overflow +Info 2015-12-15 2016-04-01
5.8
None Remote Medium Not required Partial None Partial
The xmlSAX2TextNode function in SAX2.c in the push interface in the HTML parser in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service (stack-based buffer over-read and application crash) or obtain sensitive information via crafted XML data.
49 CVE-2015-8126 119 DoS Overflow 2015-11-12 2016-03-29
7.5
None Remote Low Not required Partial Partial Partial
Multiple buffer overflows in the (1) png_set_PLTE and (2) png_get_PLTE functions in libpng before 1.0.64, 1.1.x and 1.2.x before 1.2.54, 1.3.x and 1.4.x before 1.4.17, 1.5.x before 1.5.24, and 1.6.x before 1.6.19 allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a small bit-depth value in an IHDR (aka image header) chunk in a PNG image.
50 CVE-2015-8035 399 DoS 2015-11-18 2016-04-12
2.6
None Remote High Not required None None Partial
The xz_decomp function in xzlib.c in libxml2 2.9.1 does not properly detect compression errors, which allows context-dependent attackers to cause a denial of service (process hang) via crafted XML data.
Total number of vulnerabilities : 1585   Page : 1 (This Page)2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.