Apple - Mac Os X CVE

Filtered by vendor Apple

Filtered by product Mac Os X

Total 5568 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2016-0932	3 Adobe, Apple, Microsoft	6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more	2025-04-12	6.8 MEDIUM	8.8 HIGH
Use-after-free vulnerability in the Doc object implementation in Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0934, CVE-2016-0937, CVE-2016-0940, and CVE-2016-0941.
CVE-2015-3046	3 Adobe, Apple, Microsoft	4 Acrobat, Acrobat Reader, Mac Os X and 1 more	2025-04-12	10.0 HIGH	N/A
Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-9161, CVE-2015-3049, CVE-2015-3050, CVE-2015-3051, CVE-2015-3052, CVE-2015-3056, CVE-2015-3057, CVE-2015-3070, and CVE-2015-3076.
CVE-2016-4220	5 Adobe, Apple, Google and 2 more	8 Flash Player, Flash Player Desktop Runtime, Mac Os X and 5 more	2025-04-12	9.3 HIGH	8.8 HIGH
Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-421 ... Show More
CVE-2015-3068	3 Adobe, Apple, Microsoft	4 Acrobat, Acrobat Reader, Mac Os X and 1 more	2025-04-12	10.0 HIGH	N/A
Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to bypass intended restrictions on JavaScript API execution via unspecified vectors, a different vulnerability than CVE-2015-3060, CVE-2015-3061, CVE-2015-3062, CVE-2015-3063, CVE-2015-3064, CVE-2015-3065, CVE-2015-3066, CVE-2015-3067, CVE-2015-3069, CVE-2015-3071, CVE-2015-3072, CVE-2015-3073, and CVE-2015-3074.
CVE-2014-8447	3 Adobe, Apple, Microsoft	4 Acrobat, Acrobat Reader, Mac Os X and 1 more	2025-04-12	10.0 HIGH	N/A
Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-8445, CVE-2014-8446, CVE-2014-8456, CVE-2014-8458, CVE-2014-8459, CVE-2014-8461, and CVE-2014-9158.
CVE-2016-6943	3 Adobe, Apple, Microsoft	6 Acrobat, Acrobat Dc, Acrobat Reader Dc and 3 more	2025-04-12	10.0 HIGH	9.8 CRITICAL
Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE ... Show More
CVE-2016-6975	3 Adobe, Apple, Microsoft	6 Acrobat, Acrobat Dc, Acrobat Reader Dc and 3 more	2025-04-12	10.0 HIGH	9.8 CRITICAL
Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE ... Show More
CVE-2014-1370	1 Apple	2 Mac Os X, Mac Os X Server	2025-04-12	6.8 MEDIUM	N/A
The byte-swapping implementation in copyfile in Apple OS X before 10.9.4 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds memory access and application crash) via a crafted AppleDouble file in a ZIP archive.
CVE-2015-1147	1 Apple	1 Mac Os X	2025-04-12	5.0 MEDIUM	N/A
Open Directory Client in Apple OS X before 10.10.3 sends unencrypted password-change requests in certain circumstances involving missing certificates, which allows remote attackers to obtain sensitive information by sniffing the network.
CVE-2015-8422	5 Adobe, Apple, Google and 2 more	9 Air, Air Sdk, Air Sdk \& Compiler and 6 more	2025-04-12	10.0 HIGH	N/A
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-8048, CVE-2015-8049, CVE-2015-8050, CVE-2015-8055, CVE-2015-8056, CVE-2015-8057, CVE-2015-8058, CVE-2015-8059, CVE-2015-8061 ... Show More
CVE-2015-6306	3 Apple, Cisco, Linux	3 Mac Os X, Anyconnect Secure Mobility Client, Linux Kernel	2025-04-12	7.2 HIGH	N/A
Cisco AnyConnect Secure Mobility Client 4.1(8) on OS X and Linux does not verify pathnames before installation actions, which allows local users to obtain root privileges via a crafted installation file, aka Bug ID CSCuv11947.
CVE-2014-1314	1 Apple	1 Mac Os X	2025-04-12	10.0 HIGH	N/A
WindowServer in Apple OS X through 10.9.2 does not prevent session creation by a sandboxed application, which allows attackers to bypass the sandbox protection mechanism and execute arbitrary code via a crafted application.
CVE-2015-3082	4 Adobe, Apple, Linux and 1 more	7 Air, Air Sdk, Air Sdk \& Compiler and 4 more	2025-04-12	6.4 MEDIUM	N/A
Adobe Flash Player before 13.0.0.289 and 14.x through 17.x before 17.0.0.188 on Windows and OS X and before 11.2.202.460 on Linux, Adobe AIR before 17.0.0.172, Adobe AIR SDK before 17.0.0.172, and Adobe AIR SDK & Compiler before 17.0.0.172 allow remote attackers to bypass intended restrictions on filesystem write operations via unspecified vectors, a different vulnerability than CVE-2015-3083 and CVE-2015-3085.
CVE-2015-3099	5 Adobe, Apple, Google and 2 more	8 Air, Air Sdk, Air Sdk \& Compiler and 5 more	2025-04-12	5.0 MEDIUM	N/A
Adobe Flash Player before 13.0.0.292 and 14.x through 18.x before 18.0.0.160 on Windows and OS X and before 11.2.202.466 on Linux, Adobe AIR before 18.0.0.144 on Windows and before 18.0.0.143 on OS X and Android, Adobe AIR SDK before 18.0.0.144 on Windows and before 18.0.0.143 on OS X, and Adobe AIR SDK & Compiler before 18.0.0.144 on Windows and before 18.0.0.143 on OS X allow remote attackers to bypass the Same Origin Policy via unspecified vectors, a different vulnerability than CVE-2015-3098 ... Show More
CVE-2014-4379	1 Apple	3 Iphone Os, Mac Os X, Tvos	2025-04-12	7.1 HIGH	N/A
An unspecified IOHIDFamily function in Apple iOS before 8 and Apple TV before 7 lacks proper bounds checking to prevent reading of kernel pointers, which allows attackers to bypass the ASLR protection mechanism via a crafted application.
CVE-2015-8447	5 Adobe, Apple, Google and 2 more	9 Air, Air Sdk, Air Sdk \& Compiler and 6 more	2025-04-12	9.3 HIGH	N/A
Use-after-free vulnerability in the Color object implementation in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allows attackers to execute arbitrary code via crafted setTransform arguments, a different vulnerability than CVE-2015-8048, CVE-2015-8049, CVE-2015-8050, CVE-2015-8055, CVE-2015-8056, CVE-2015-805 ... Show More
CVE-2015-7023	1 Apple	2 Iphone Os, Mac Os X	2025-04-12	5.8 MEDIUM	N/A
CFNetwork in Apple iOS before 9.1 and OS X before 10.11.1 does not properly consider the uppercase-versus-lowercase distinction during cookie parsing, which allows remote web servers to overwrite cookies via unspecified vectors.
CVE-2015-7068	1 Apple	4 Iphone Os, Mac Os X, Tvos and 1 more	2025-04-12	9.3 HIGH	7.8 HIGH
IOKit SCSI in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via an app that provides an unspecified userclient type.
CVE-2015-1819	8 Apple, Canonical, Debian and 5 more	12 Iphone Os, Mac Os X, Tvos and 9 more	2025-04-12	5.0 MEDIUM	N/A
The xmlreader in libxml allows remote attackers to cause a denial of service (memory consumption) via crafted XML data, related to an XML Entity Expansion (XEE) attack.
CVE-2016-4272	5 Adobe, Apple, Google and 2 more	8 Flash Player, Flash Player Desktop Runtime, Mac Os X and 5 more	2025-04-12	9.3 HIGH	8.8 HIGH
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4279, CVE-2016-6921, CVE-2016-6923, CVE-2016-6925, CVE-2016-6926, CVE-2016-6927, CVE-2016-6929, CVE-2016-6930, CVE-2016-6931, and CVE-2016-6932.
CVE-2013-7040	2 Apple, Python	2 Mac Os X, Python	2025-04-12	4.3 MEDIUM	N/A
Python 2.7 before 3.4 only uses the last eight bits of the prefix to randomize hash values, which causes it to compute hash values without restricting the ability to trigger hash collisions predictably and makes it easier for context-dependent attackers to cause a denial of service (CPU consumption) via crafted input to an application that maintains a hash table. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-1150.
CVE-2015-1088	1 Apple	2 Iphone Os, Mac Os X	2025-04-12	6.8 MEDIUM	N/A
CFURL in Apple iOS before 8.3 and Apple OS X before 10.10.3 does not properly validate URLs, which allows remote attackers to execute arbitrary code via a crafted web site.
CVE-2015-5523	4 Apple, Canonical, Debian and 1 more	6 Iphone Os, Mac Os X, Watchos and 3 more	2025-04-12	4.3 MEDIUM	N/A
The ParseValue function in lexer.c in tidy before 4.9.31 allows remote attackers to cause a denial of service (crash) via vectors involving multiple whitespace characters before an empty href, which triggers a large memory allocation.
CVE-2016-4709	1 Apple	1 Mac Os X	2025-04-12	7.2 HIGH	7.8 HIGH
WindowServer in Apple OS X before 10.12 allows local users to obtain root access via vectors that leverage "type confusion," a different vulnerability than CVE-2016-4710.
CVE-2015-3804	1 Apple	2 Iphone Os, Mac Os X	2025-04-12	7.5 HIGH	N/A
FontParser in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted font file, a different vulnerability than CVE-2015-5756 and CVE-2015-5775.
CVE-2015-1091	1 Apple	2 Iphone Os, Mac Os X	2025-04-12	4.3 MEDIUM	N/A
The CFNetwork Session component in Apple iOS before 8.3 and Apple OS X before 10.10.3 does not properly handle request headers during processing of redirects in HTTP responses, which allows remote attackers to bypass the Same Origin Policy via a crafted web site.
CVE-2015-3049	3 Adobe, Apple, Microsoft	4 Acrobat, Acrobat Reader, Mac Os X and 1 more	2025-04-12	10.0 HIGH	N/A
Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-9161, CVE-2015-3046, CVE-2015-3050, CVE-2015-3051, CVE-2015-3052, CVE-2015-3056, CVE-2015-3057, CVE-2015-3070, and CVE-2015-3076.
CVE-2016-1862	1 Apple	1 Mac Os X	2025-04-12	4.3 MEDIUM	3.3 LOW
Intel Graphics Driver in Apple OS X before 10.11.5 allows attackers to obtain sensitive kernel memory-layout information via a crafted app, a different vulnerability than CVE-2016-1860.
CVE-2014-0580	4 Adobe, Apple, Linux and 1 more	4 Flash Player, Mac Os X, Linux Kernel and 1 more	2025-04-12	10.0 HIGH	N/A
Adobe Flash Player before 13.0.0.259 and 14.x through 16.x before 16.0.0.235 on Windows and OS X and before 11.2.202.425 on Linux allows remote attackers to bypass the Same Origin Policy via unspecified vectors.
CVE-2015-3110	3 Adobe, Apple, Microsoft	4 Bridge, Photoshop Cc, Mac Os X and 1 more	2025-04-12	10.0 HIGH	N/A
Integer overflow in Adobe Photoshop CC before 16.0 (aka 2015.0.0) and Adobe Bridge CC before 6.11 allows attackers to execute arbitrary code via unspecified vectors.
CVE-2015-8460	5 Adobe, Apple, Google and 2 more	9 Air, Air Sdk, Air Sdk \& Compiler and 6 more	2025-04-12	9.3 HIGH	8.8 HIGH
Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.267 on Windows and OS X and before 11.2.202.559 on Linux, Adobe AIR before 20.0.0.233, Adobe AIR SDK before 20.0.0.233, and Adobe AIR SDK & Compiler before 20.0.0.233 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-8459, CVE-2015-8636, and CVE-2015-8645.
CVE-2015-7017	1 Apple	3 Iphone Os, Itunes, Mac Os X	2025-04-12	7.5 HIGH	N/A
CoreText in Apple iOS before 9.1, OS X before 10.11.1, and iTunes before 12.3.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6975 and CVE-2015-6992.
CVE-2016-4155	8 Adobe, Apple, Google and 5 more	14 Flash Player, Flash Player Desktop Runtime, Mac Os X and 11 more	2025-04-12	9.3 HIGH	8.8 HIGH
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
CVE-2015-3056	3 Adobe, Apple, Microsoft	4 Acrobat, Acrobat Reader, Mac Os X and 1 more	2025-04-12	10.0 HIGH	N/A
Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-9161, CVE-2015-3046, CVE-2015-3049, CVE-2015-3050, CVE-2015-3051, CVE-2015-3052, CVE-2015-3057, CVE-2015-3070, and CVE-2015-3076.
CVE-2016-4099	3 Adobe, Apple, Microsoft	6 Acrobat, Acrobat Dc, Acrobat Reader Dc and 3 more	2025-04-12	10.0 HIGH	9.8 CRITICAL
Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE ... Show More
CVE-2015-3688	1 Apple	3 Iphone Os, Itunes, Mac Os X	2025-04-12	6.8 MEDIUM	N/A
CoreText in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted text file, a different vulnerability than CVE-2015-3685, CVE-2015-3686, CVE-2015-3687, and CVE-2015-3689.
CVE-2015-5896	1 Apple	3 Iphone Os, Mac Os X, Watchos	2025-04-12	7.2 HIGH	N/A
The kernel in Apple iOS before 9 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5868 and CVE-2015-5903.
CVE-2016-7019	3 Adobe, Apple, Microsoft	6 Acrobat, Acrobat Dc, Acrobat Reader Dc and 3 more	2025-04-12	10.0 HIGH	9.8 CRITICAL
Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE ... Show More
CVE-2016-1054	3 Adobe, Apple, Microsoft	6 Acrobat, Acrobat Dc, Acrobat Reader Dc and 3 more	2025-04-12	10.0 HIGH	9.8 CRITICAL
Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE- ... Show More
CVE-2015-3678	1 Apple	1 Mac Os X	2025-04-12	7.2 HIGH	N/A
AppleThunderboltEDMService in Apple OS X before 10.10.4 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified Thunderbolt commands.

Vulnerabilities (CVE)