CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register   Reset Password   Activate Account
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Apple : Security Vulnerabilities (Execute Code)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2016-1783 119 DoS Exec Code Overflow Mem. Corr. 2016-03-23 2016-03-25
9.3
None Remote Medium Not required Complete Complete Complete
WebKit in Apple iOS before 9.3, Safari before 9.1, and tvOS before 9.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.
2 CVE-2016-1778 399 DoS Exec Code Mem. Corr. 2016-03-23 2016-03-25
9.3
None Remote Medium Not required Complete Complete Complete
WebKit in Apple iOS before 9.3 and Safari before 9.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.
3 CVE-2016-1775 119 DoS Exec Code Overflow Mem. Corr. 2016-03-23 2016-03-25
9.3
None Remote Medium Not required Complete Complete Complete
TrueTypeScaler in Apple iOS before 9.3, OS X before 10.11.4, tvOS before 9.2, and watchOS before 2.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file.
4 CVE-2016-1769 119 DoS Exec Code Overflow Mem. Corr. 2016-03-23 2016-03-25
6.8
None Remote Medium Not required Partial Partial Partial
QuickTime in Apple OS X before 10.11.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Photoshop file.
5 CVE-2016-1768 119 DoS Exec Code Overflow Mem. Corr. 2016-03-23 2016-03-25
6.8
None Remote Medium Not required Partial Partial Partial
QuickTime in Apple OS X before 10.11.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted FlashPix image, a different vulnerability than CVE-2016-1767.
6 CVE-2016-1767 119 DoS Exec Code Overflow Mem. Corr. 2016-03-23 2016-03-25
6.8
None Remote Medium Not required Partial Partial Partial
QuickTime in Apple OS X before 10.11.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted FlashPix image, a different vulnerability than CVE-2016-1768.
7 CVE-2016-1762 119 DoS Exec Code Overflow Mem. Corr. 2016-03-23 2016-03-24
10.0
None Remote Low Not required Complete Complete Complete
libxml2 in Apple iOS before 9.3, OS X before 10.11.4, Safari before 9.1, tvOS before 9.2, and watchOS before 2.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted XML document.
8 CVE-2016-1761 119 DoS Exec Code Overflow Mem. Corr. 2016-03-23 2016-03-24
10.0
None Remote Low Not required Complete Complete Complete
libxml2 in Apple iOS before 9.3, OS X before 10.11.4, and watchOS before 2.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted XML document.
9 CVE-2016-1759 119 DoS Exec Code Overflow Mem. Corr. 2016-03-23 2016-03-28
9.3
None Remote Medium Not required Complete Complete Complete
The kernel in Apple OS X before 10.11.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
10 CVE-2016-1757 362 Exec Code 2016-03-23 2016-03-25
9.3
None Remote Medium Not required Complete Complete Complete
Race condition in the kernel in Apple iOS before 9.3 and OS X before 10.11.4 allows attackers to execute arbitrary code in a privileged context via a crafted app.
11 CVE-2016-1756 DoS Exec Code 2016-03-23 2016-03-25
9.3
None Remote Medium Not required Complete Complete Complete
The kernel in Apple iOS before 9.3 and OS X before 10.11.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via a crafted app.
12 CVE-2016-1755 119 DoS Exec Code Overflow Mem. Corr. 2016-03-23 2016-03-24
9.3
None Remote Medium Not required Complete Complete Complete
The kernel in Apple iOS before 9.3, OS X before 10.11.4, tvOS before 9.2, and watchOS before 2.2 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2016-1754.
13 CVE-2016-1754 119 DoS Exec Code Overflow Mem. Corr. 2016-03-23 2016-03-24
9.3
None Remote Medium Not required Complete Complete Complete
The kernel in Apple iOS before 9.3, OS X before 10.11.4, tvOS before 9.2, and watchOS before 2.2 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2016-1755.
14 CVE-2016-1753 189 Exec Code Overflow 2016-03-23 2016-03-25
9.3
None Remote Medium Not required Complete Complete Complete
Multiple integer overflows in the kernel in Apple iOS before 9.3, OS X before 10.11.4, tvOS before 9.2, and watchOS before 2.2 allow attackers to execute arbitrary code in a privileged context via a crafted app.
15 CVE-2016-1751 264 Exec Code Bypass 2016-03-23 2016-03-24
9.3
None Remote Medium Not required Complete Complete Complete
The kernel in Apple iOS before 9.3, tvOS before 9.2, and watchOS before 2.2 does not properly restrict the execute permission, which allows attackers to bypass a code-signing protection mechanism via a crafted app.
16 CVE-2016-1750 Exec Code 2016-03-23 2016-03-24
9.3
None Remote Medium Not required Complete Complete Complete
Use-after-free vulnerability in the kernel in Apple iOS before 9.3, OS X before 10.11.4, tvOS before 9.2, and watchOS before 2.2 allows attackers to execute arbitrary code in a privileged context via a crafted app.
17 CVE-2016-1749 119 DoS Exec Code Overflow Mem. Corr. 2016-03-23 2016-03-28
9.3
None Remote Medium Not required Complete Complete Complete
IOUSBFamily in Apple OS X before 10.11.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
18 CVE-2016-1747 20 DoS Exec Code Mem. Corr. 2016-03-23 2016-03-28
9.3
None Remote Medium Not required Complete Complete Complete
IOGraphics in Apple OS X before 10.11.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2016-1746.
19 CVE-2016-1746 20 DoS Exec Code Mem. Corr. 2016-03-23 2016-03-28
9.3
None Remote Medium Not required Complete Complete Complete
IOGraphics in Apple OS X before 10.11.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2016-1747.
20 CVE-2016-1744 119 DoS Exec Code Overflow Mem. Corr. 2016-03-23 2016-03-25
9.3
None Remote Medium Not required Complete Complete Complete
The Intel driver in the Graphics Drivers subsystem in Apple OS X before 10.11.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2016-1743.
21 CVE-2016-1743 119 DoS Exec Code Overflow Mem. Corr. 2016-03-23 2016-03-25
9.3
None Remote Medium Not required Complete Complete Complete
The Intel driver in the Graphics Drivers subsystem in Apple OS X before 10.11.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2016-1744.
22 CVE-2016-1741 119 DoS Exec Code Overflow Mem. Corr. 2016-03-23 2016-03-25
10.0
None Remote Low Not required Complete Complete Complete
The NVIDIA driver in the Graphics Drivers subsystem in Apple OS X before 10.11.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
23 CVE-2016-1740 119 DoS Exec Code Overflow Mem. Corr. 2016-03-23 2016-03-28
9.3
None Remote Medium Not required Complete Complete Complete
FontParser in Apple iOS before 9.3, OS X before 10.11.4, tvOS before 9.2, and watchOS before 2.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted PDF document.
24 CVE-2016-1737 119 DoS Exec Code Overflow Mem. Corr. 2016-03-23 2016-03-25
6.8
None Remote Medium Not required Partial Partial Partial
Carbon in Apple OS X before 10.11.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted .dfont file.
25 CVE-2016-1736 119 DoS Exec Code Overflow Mem. Corr. 2016-03-23 2016-03-25
9.3
None Remote Medium Not required Complete Complete Complete
Bluetooth in Apple OS X before 10.11.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2016-1735.
26 CVE-2016-1735 119 DoS Exec Code Overflow Mem. Corr. 2016-03-23 2016-03-25
9.3
None Remote Medium Not required Complete Complete Complete
Bluetooth in Apple OS X before 10.11.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2016-1736.
27 CVE-2016-1734 119 DoS Exec Code Overflow Mem. Corr. 2016-03-23 2016-03-25
7.2
None Local Low Not required Complete Complete Complete
AppleUSBNetworking in Apple iOS before 9.3 and OS X before 10.11.4 allows physically proximate attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted USB device.
28 CVE-2016-1733 20 DoS Exec Code Mem. Corr. 2016-03-23 2016-03-24
9.3
None Remote Medium Not required Complete Complete Complete
AppleRAID in Apple OS X before 10.11.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
29 CVE-2016-1727 119 DoS Exec Code Overflow Mem. Corr. 2016-02-01 2016-03-29
9.3
None Remote Medium Not required Complete Complete Complete
WebKit, as used in Apple iOS before 9.2.1, Safari before 9.0.3, and tvOS before 9.1.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-1724.
30 CVE-2016-1726 119 DoS Exec Code Overflow Mem. Corr. 2016-02-01 2016-03-29
9.3
None Remote Medium Not required Complete Complete Complete
WebKit, as used in Apple iOS before 9.2.1 and Safari before 9.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-1723 and CVE-2016-1725.
31 CVE-2016-1725 119 DoS Exec Code Overflow Mem. Corr. 2016-02-01 2016-03-29
9.3
None Remote Medium Not required Complete Complete Complete
WebKit, as used in Apple iOS before 9.2.1 and Safari before 9.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-1723 and CVE-2016-1726.
32 CVE-2016-1724 119 DoS Exec Code Overflow Mem. Corr. 2016-02-01 2016-03-29
9.3
None Remote Medium Not required Complete Complete Complete
WebKit, as used in Apple iOS before 9.2.1, Safari before 9.0.3, and tvOS before 9.1.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-1727.
33 CVE-2016-1723 119 DoS Exec Code Overflow Mem. Corr. 2016-02-01 2016-03-29
9.3
None Remote Medium Not required Complete Complete Complete
WebKit, as used in Apple iOS before 9.2.1 and Safari before 9.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-1725 and CVE-2016-1726.
34 CVE-2016-0802 20 DoS Exec Code Mem. Corr. 2016-02-06 2016-04-01
8.3
None Local Network Low Not required Complete Complete Complete
The Broadcom Wi-Fi driver in the kernel in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49G, and 6.x before 2016-02-01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted wireless control message packets, aka internal bug 25306181.
35 CVE-2016-0801 20 DoS Exec Code Mem. Corr. 2016-02-06 2016-04-01
8.3
None Local Network Low Not required Complete Complete Complete
The Broadcom Wi-Fi driver in the kernel in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49G, and 6.x before 2016-02-01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted wireless control message packets, aka internal bug 25662029.
36 CVE-2015-7551 20 DoS Exec Code 2016-03-23 2016-03-25
4.6
None Local Low Not required Partial Partial Partial
The Fiddle::Handle implementation in ext/fiddle/handle.c in Ruby before 2.0.0-p648, 2.1 before 2.1.8, and 2.2 before 2.2.4, as distributed in Apple OS X before 10.11.4 and other products, mishandles tainting, which allows context-dependent attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted string, related to the DL module and the libffi library. NOTE: this vulnerability exists because of a CVE-2009-5147 regression.
37 CVE-2015-7117 119 DoS Exec Code Overflow Mem. Corr. 2016-01-08 2016-01-11
6.8
None Remote Medium Not required Partial Partial Partial
Apple QuickTime before 7.7.9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie file, a different vulnerability than CVE-2015-7085, CVE-2015-7086, CVE-2015-7087, CVE-2015-7088, CVE-2015-7089, CVE-2015-7090, CVE-2015-7091, and CVE-2015-7092.
38 CVE-2015-7113 119 DoS Exec Code Overflow Mem. Corr. 2015-12-11 2015-12-11
10.0
Admin Remote Low Not required Complete Complete Complete
The LaunchServices component in Apple iOS before 9.2 and watchOS before 2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a malformed plist.
39 CVE-2015-7112 119 DoS Exec Code Overflow Mem. Corr. 2015-12-11 2015-12-11
9.3
None Remote Medium Not required Complete Complete Complete
The IOHIDFamily API in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2015-7111.
40 CVE-2015-7111 119 DoS Exec Code Overflow Mem. Corr. 2015-12-11 2015-12-11
9.3
None Remote Medium Not required Complete Complete Complete
The IOHIDFamily API in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2015-7112.
41 CVE-2015-7109 119 DoS Exec Code Overflow Mem. Corr. 2015-12-11 2015-12-11
9.3
None Remote Medium Not required Complete Complete Complete
IOAcceleratorFamily in Apple OS X before 10.11.2 and tvOS before 9.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
42 CVE-2015-7107 119 DoS Exec Code Overflow Mem. Corr. 2015-12-11 2015-12-11
6.8
None Remote Medium Not required Partial Partial Partial
QuickLook in Apple iOS before 9.2 and OS X before 10.11.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted iWork file.
43 CVE-2015-7105 119 DoS Exec Code Overflow Mem. Corr. 2015-12-11 2015-12-11
6.8
None Remote Medium Not required Partial Partial Partial
CoreGraphics in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file.
44 CVE-2015-7104 119 DoS Exec Code Overflow Mem. Corr. 2015-12-11 2015-12-11
6.8
None Remote Medium Not required Partial Partial Partial
WebKit in Apple Safari before 9.0.2 and tvOS before 9.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
45 CVE-2015-7103 119 DoS Exec Code Overflow Mem. Corr. 2015-12-11 2015-12-11
6.8
None Remote Medium Not required Partial Partial Partial
WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before 9.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2015-7048, CVE-2015-7095, CVE-2015-7096, CVE-2015-7097, CVE-2015-7098, CVE-2015-7099, CVE-2015-7100, CVE-2015-7101, and CVE-2015-7102.
46 CVE-2015-7102 119 DoS Exec Code Overflow Mem. Corr. 2015-12-11 2015-12-11
6.8
None Remote Medium Not required Partial Partial Partial
WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before 9.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2015-7048, CVE-2015-7095, CVE-2015-7096, CVE-2015-7097, CVE-2015-7098, CVE-2015-7099, CVE-2015-7100, CVE-2015-7101, and CVE-2015-7103.
47 CVE-2015-7101 119 DoS Exec Code Overflow Mem. Corr. 2015-12-11 2015-12-11
6.8
None Remote Medium Not required Partial Partial Partial
WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before 9.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2015-7048, CVE-2015-7095, CVE-2015-7096, CVE-2015-7097, CVE-2015-7098, CVE-2015-7099, CVE-2015-7100, CVE-2015-7102, and CVE-2015-7103.
48 CVE-2015-7100 119 DoS Exec Code Overflow Mem. Corr. 2015-12-11 2015-12-11
6.8
None Remote Medium Not required Partial Partial Partial
WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before 9.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2015-7048, CVE-2015-7095, CVE-2015-7096, CVE-2015-7097, CVE-2015-7098, CVE-2015-7099, CVE-2015-7101, CVE-2015-7102, and CVE-2015-7103.
49 CVE-2015-7099 119 DoS Exec Code Overflow Mem. Corr. 2015-12-11 2015-12-11
6.8
None Remote Medium Not required Partial Partial Partial
WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before 9.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2015-7048, CVE-2015-7095, CVE-2015-7096, CVE-2015-7097, CVE-2015-7098, CVE-2015-7100, CVE-2015-7101, CVE-2015-7102, and CVE-2015-7103.
50 CVE-2015-7098 119 DoS Exec Code Overflow Mem. Corr. 2015-12-11 2015-12-11
6.8
None Remote Medium Not required Partial Partial Partial
WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before 9.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2015-7048, CVE-2015-7095, CVE-2015-7096, CVE-2015-7097, CVE-2015-7099, CVE-2015-7100, CVE-2015-7101, CVE-2015-7102, and CVE-2015-7103.
Total number of vulnerabilities : 1617   Page : 1 (This Page)2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.