CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  What's the CVSS score of your company?
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Apple : Security Vulnerabilities (CVSS score between 6 and 6.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
701 CVE-2016-4594 20 2016-07-22 2019-03-20
6.8
None Remote Medium Not required Partial Partial Partial
The Sandbox Profiles component in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9.2.2, and watchOS before 2.2.2 allows attackers to access the process list via a crafted app that makes an API call.
702 CVE-2016-4586 119 DoS Exec Code Overflow Mem. Corr. 2016-07-22 2019-03-25
6.8
None Remote Medium Not required Partial Partial Partial
WebKit in Apple Safari before 9.1.2 and tvOS before 9.2.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.
703 CVE-2016-4584 119 DoS Exec Code Overflow Mem. Corr. 2016-07-22 2019-03-25
6.8
None Remote Medium Not required Partial Partial Partial
The WebKit Page Loading implementation in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before 9.2.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.
704 CVE-2016-3142 119 DoS Overflow +Info 2016-03-31 2018-01-05
6.4
None Remote Low Not required Partial None Partial
The phar_parse_zipfile function in zip.c in the PHAR extension in PHP before 5.5.33 and 5.6.x before 5.6.19 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read and application crash) by placing a PK\x05\x06 signature at an invalid location.
705 CVE-2016-1950 119 Exec Code Overflow 2016-03-13 2019-12-27
6.8
None Remote Medium Not required Partial Partial Partial
Heap-based buffer overflow in Mozilla Network Security Services (NSS) before 3.19.2.3 and 3.20.x and 3.21.x before 3.21.1, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to execute arbitrary code via crafted ASN.1 data in an X.509 certificate.
706 CVE-2016-1859 119 DoS Exec Code Overflow Mem. Corr. 2016-05-20 2019-03-25
6.8
None Remote Medium Not required Partial Partial Partial
The WebKit Canvas implementation in Apple iOS before 9.3.2, Safari before 9.1.1, and tvOS before 9.2.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.
707 CVE-2016-1857 119 DoS Exec Code Overflow Mem. Corr. 2016-05-20 2019-03-25
6.8
None Remote Medium Not required Partial Partial Partial
WebKit, as used in Apple iOS before 9.3.2, Safari before 9.1.1, and tvOS before 9.2.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-1854, CVE-2016-1855, and CVE-2016-1856.
708 CVE-2016-1856 119 DoS Exec Code Overflow Mem. Corr. 2016-05-20 2019-03-25
6.8
None Remote Medium Not required Partial Partial Partial
WebKit, as used in Apple iOS before 9.3.2, Safari before 9.1.1, and tvOS before 9.2.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-1854, CVE-2016-1855, and CVE-2016-1857.
709 CVE-2016-1855 119 DoS Exec Code Overflow Mem. Corr. 2016-05-20 2019-03-25
6.8
None Remote Medium Not required Partial Partial Partial
WebKit, as used in Apple iOS before 9.3.2, Safari before 9.1.1, and tvOS before 9.2.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-1854, CVE-2016-1856, and CVE-2016-1857.
710 CVE-2016-1854 119 DoS Exec Code Overflow Mem. Corr. 2016-05-20 2019-03-25
6.8
None Remote Medium Not required Partial Partial Partial
WebKit, as used in Apple iOS before 9.3.2, Safari before 9.1.1, and tvOS before 9.2.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-1855, CVE-2016-1856, and CVE-2016-1857.
711 CVE-2016-1850 119 DoS Exec Code Overflow Mem. Corr. 2016-05-20 2016-12-02
6.8
None Remote Medium Not required Partial Partial Partial
SceneKit in Apple OS X before 10.11.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted file.
712 CVE-2016-1848 119 DoS Exec Code Overflow Mem. Corr. 2016-05-20 2016-12-01
6.8
None Remote Medium Not required Partial Partial Partial
QuickTime in Apple OS X before 10.11.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted file.
713 CVE-2016-1847 119 DoS Exec Code Overflow Mem. Corr. 2016-05-20 2019-03-25
6.8
None Remote Medium Not required Partial Partial Partial
OpenGL, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.
714 CVE-2016-1841 119 DoS Exec Code Overflow Mem. Corr. 2016-05-20 2019-06-18
6.8
None Remote Medium Not required Partial Partial Partial
libxslt, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.
715 CVE-2016-1840 119 DoS Exec Code Overflow Mem. Corr. 2016-05-20 2019-03-25
6.8
None Remote Medium Not required Partial Partial Partial
Heap-based buffer overflow in the xmlFAParsePosCharGroup function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted XML document.
716 CVE-2016-1835 119 DoS Overflow 2016-05-20 2018-01-05
6.8
None Remote Medium Not required Partial Partial Partial
Use-after-free vulnerability in the xmlSAX2AttributeNs function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2 and OS X before 10.11.5, allows remote attackers to cause a denial of service via a crafted XML document.
717 CVE-2016-1803 476 DoS Exec Code 2016-05-20 2019-03-25
6.8
None Remote Medium Not required Partial Partial Partial
CoreCapture in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via a crafted app.
718 CVE-2016-1769 119 DoS Exec Code Overflow Mem. Corr. 2016-03-24 2017-09-08
6.8
None Remote Medium Not required Partial Partial Partial
QuickTime in Apple OS X before 10.11.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Photoshop file.
719 CVE-2016-1768 119 DoS Exec Code Overflow Mem. Corr. 2016-03-24 2017-09-08
6.8
None Remote Medium Not required Partial Partial Partial
QuickTime in Apple OS X before 10.11.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted FlashPix image, a different vulnerability than CVE-2016-1767.
720 CVE-2016-1767 119 DoS Exec Code Overflow Mem. Corr. 2016-03-24 2016-12-03
6.8
None Remote Medium Not required Partial Partial Partial
QuickTime in Apple OS X before 10.11.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted FlashPix image, a different vulnerability than CVE-2016-1768.
721 CVE-2016-1751 264 Exec Code Bypass 2016-03-24 2019-03-25
6.8
None Remote Medium Not required Partial Partial Partial
The kernel in Apple iOS before 9.3, tvOS before 9.2, and watchOS before 2.2 does not properly restrict the execute permission, which allows attackers to bypass a code-signing protection mechanism via a crafted app.
722 CVE-2016-1737 119 DoS Exec Code Overflow Mem. Corr. 2016-03-24 2016-12-03
6.8
None Remote Medium Not required Partial Partial Partial
Carbon in Apple OS X before 10.11.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted .dfont file.
723 CVE-2016-1724 119 DoS Exec Code Overflow Mem. Corr. 2016-02-01 2019-03-25
6.8
None Remote Medium Not required Partial Partial Partial
WebKit, as used in Apple iOS before 9.2.1, Safari before 9.0.3, and tvOS before 9.1.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-1727.
724 CVE-2016-1718 119 DoS Overflow +Priv Mem. Corr. 2016-02-01 2017-09-10
6.9
None Local Medium Not required Complete Complete Complete
The IOAcceleratorFamily2 interface in IOAcceleratorFamily in Apple OS X before 10.11.3 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors.
725 CVE-2015-8960 310 2016-09-21 2018-06-28
6.8
None Remote Medium Not required Partial Partial Partial
The TLS protocol 1.2 and earlier supports the rsa_fixed_dh, dss_fixed_dh, rsa_fixed_ecdh, and ecdsa_fixed_ecdh values for ClientCertificateType but does not directly document the ability to compute the master secret in certain situations with a client secret key and server public key but not a server secret key, which makes it easier for man-in-the-middle attackers to spoof TLS servers by leveraging knowledge of the secret key for an arbitrary installed client X.509 certificate, aka the "Key Compromise Impersonation (KCI)" issue.
726 CVE-2015-7987 119 Overflow 2016-06-26 2019-06-19
6.8
None Remote Medium Not required Partial Partial Partial
Multiple buffer overflows in mDNSResponder before 625.41.2 allow remote attackers to read or write to out-of-bounds memory locations via vectors involving the (1) GetValueForIPv4Addr, (2) GetValueForMACAddr, (3) rfc3110_import, or (4) CopyNSEC3ResourceRecord function.
727 CVE-2015-7942 119 DoS Overflow 2015-11-18 2019-03-08
6.8
None Remote Medium Not required Partial Partial Partial
The xmlParseConditionalSections function in parser.c in libxml2 does not properly skip intermediary entities when it stops parsing invalid input, which allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) via crafted XML data, a different vulnerability than CVE-2015-7941.
728 CVE-2015-7804 189 DoS 2015-12-11 2016-12-07
6.8
None Remote Medium Not required Partial Partial Partial
Off-by-one error in the phar_parse_zipfile function in ext/phar/zip.c in PHP before 5.5.30 and 5.6.x before 5.6.14 allows remote attackers to cause a denial of service (uninitialized pointer dereference and application crash) by including the / filename in a .zip PHAR archive.
729 CVE-2015-7803 DoS 2015-12-11 2016-12-07
6.8
None Remote Medium Not required Partial Partial Partial
The phar_get_entry_data function in ext/phar/util.c in PHP before 5.5.30 and 5.6.x before 5.6.14 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a .phar file with a crafted TAR archive entry in which the Link indicator references a file that does not exist.
730 CVE-2015-7117 119 DoS Exec Code Overflow Mem. Corr. 2016-01-09 2016-12-07
6.8
None Remote Medium Not required Partial Partial Partial
Apple QuickTime before 7.7.9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie file, a different vulnerability than CVE-2015-7085, CVE-2015-7086, CVE-2015-7087, CVE-2015-7088, CVE-2015-7089, CVE-2015-7090, CVE-2015-7091, and CVE-2015-7092.
731 CVE-2015-7110 119 DoS Overflow +Priv Mem. Corr. 2015-12-11 2017-09-13
6.9
None Local Medium Not required Complete Complete Complete
The Disk Images component in Apple OS X before 10.11.2 and tvOS before 9.1 allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted disk image.
732 CVE-2015-7107 119 DoS Exec Code Overflow Mem. Corr. 2015-12-11 2017-09-13
6.8
None Remote Medium Not required Partial Partial Partial
QuickLook in Apple iOS before 9.2 and OS X before 10.11.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted iWork file.
733 CVE-2015-7105 119 DoS Exec Code Overflow Mem. Corr. 2015-12-11 2019-03-08
6.8
None Remote Medium Not required Partial Partial Partial
CoreGraphics in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file.
734 CVE-2015-7104 119 DoS Exec Code Overflow Mem. Corr. 2015-12-11 2019-03-08
6.8
None Remote Medium Not required Partial Partial Partial
WebKit in Apple Safari before 9.0.2 and tvOS before 9.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
735 CVE-2015-7103 119 DoS Exec Code Overflow Mem. Corr. 2015-12-11 2019-03-08
6.8
None Remote Medium Not required Partial Partial Partial
WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before 9.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2015-7048, CVE-2015-7095, CVE-2015-7096, CVE-2015-7097, CVE-2015-7098, CVE-2015-7099, CVE-2015-7100, CVE-2015-7101, and CVE-2015-7102.
736 CVE-2015-7102 119 DoS Exec Code Overflow Mem. Corr. 2015-12-11 2019-03-08
6.8
None Remote Medium Not required Partial Partial Partial
WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before 9.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2015-7048, CVE-2015-7095, CVE-2015-7096, CVE-2015-7097, CVE-2015-7098, CVE-2015-7099, CVE-2015-7100, CVE-2015-7101, and CVE-2015-7103.
737 CVE-2015-7101 119 DoS Exec Code Overflow Mem. Corr. 2015-12-11 2019-03-08
6.8
None Remote Medium Not required Partial Partial Partial
WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before 9.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2015-7048, CVE-2015-7095, CVE-2015-7096, CVE-2015-7097, CVE-2015-7098, CVE-2015-7099, CVE-2015-7100, CVE-2015-7102, and CVE-2015-7103.
738 CVE-2015-7100 119 DoS Exec Code Overflow Mem. Corr. 2015-12-11 2019-03-08
6.8
None Remote Medium Not required Partial Partial Partial
WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before 9.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2015-7048, CVE-2015-7095, CVE-2015-7096, CVE-2015-7097, CVE-2015-7098, CVE-2015-7099, CVE-2015-7101, CVE-2015-7102, and CVE-2015-7103.
739 CVE-2015-7099 119 DoS Exec Code Overflow Mem. Corr. 2015-12-11 2019-03-08
6.8
None Remote Medium Not required Partial Partial Partial
WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before 9.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2015-7048, CVE-2015-7095, CVE-2015-7096, CVE-2015-7097, CVE-2015-7098, CVE-2015-7100, CVE-2015-7101, CVE-2015-7102, and CVE-2015-7103.
740 CVE-2015-7098 119 DoS Exec Code Overflow Mem. Corr. 2015-12-11 2019-03-08
6.8
None Remote Medium Not required Partial Partial Partial
WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before 9.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2015-7048, CVE-2015-7095, CVE-2015-7096, CVE-2015-7097, CVE-2015-7099, CVE-2015-7100, CVE-2015-7101, CVE-2015-7102, and CVE-2015-7103.
741 CVE-2015-7097 119 DoS Exec Code Overflow Mem. Corr. 2015-12-11 2019-03-08
6.8
None Remote Medium Not required Partial Partial Partial
WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before 9.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2015-7048, CVE-2015-7095, CVE-2015-7096, CVE-2015-7098, CVE-2015-7099, CVE-2015-7100, CVE-2015-7101, CVE-2015-7102, and CVE-2015-7103.
742 CVE-2015-7096 119 DoS Exec Code Overflow Mem. Corr. 2015-12-11 2019-03-08
6.8
None Remote Medium Not required Partial Partial Partial
WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before 9.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2015-7048, CVE-2015-7095, CVE-2015-7097, CVE-2015-7098, CVE-2015-7099, CVE-2015-7100, CVE-2015-7101, CVE-2015-7102, and CVE-2015-7103.
743 CVE-2015-7095 119 DoS Exec Code Overflow Mem. Corr. 2015-12-11 2019-03-08
6.8
None Remote Medium Not required Partial Partial Partial
WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before 9.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2015-7048, CVE-2015-7096, CVE-2015-7097, CVE-2015-7098, CVE-2015-7099, CVE-2015-7100, CVE-2015-7101, CVE-2015-7102, and CVE-2015-7103.
744 CVE-2015-7092 119 DoS Exec Code Overflow 2016-01-09 2016-12-07
6.8
None Remote Medium Not required Partial Partial Partial
Apple QuickTime before 7.7.9 allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow and application crash) via a crafted TXXX frame within an ID3 tag in MP3 data in a movie file, a different vulnerability than CVE-2015-7085, CVE-2015-7086, CVE-2015-7087, CVE-2015-7088, CVE-2015-7089, CVE-2015-7090, CVE-2015-7091, and CVE-2015-7117.
745 CVE-2015-7091 119 DoS Exec Code Overflow Mem. Corr. 2016-01-09 2016-12-07
6.8
None Remote Medium Not required Partial Partial Partial
Apple QuickTime before 7.7.9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie file, a different vulnerability than CVE-2015-7085, CVE-2015-7086, CVE-2015-7087, CVE-2015-7088, CVE-2015-7089, CVE-2015-7090, CVE-2015-7092, and CVE-2015-7117.
746 CVE-2015-7090 119 DoS Exec Code Overflow Mem. Corr. 2016-01-09 2016-12-07
6.8
None Remote Medium Not required Partial Partial Partial
Apple QuickTime before 7.7.9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie file, a different vulnerability than CVE-2015-7085, CVE-2015-7086, CVE-2015-7087, CVE-2015-7088, CVE-2015-7089, CVE-2015-7091, CVE-2015-7092, and CVE-2015-7117.
747 CVE-2015-7089 119 DoS Exec Code Overflow Mem. Corr. 2016-01-09 2016-12-07
6.8
None Remote Medium Not required Partial Partial Partial
Apple QuickTime before 7.7.9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie file, a different vulnerability than CVE-2015-7085, CVE-2015-7086, CVE-2015-7087, CVE-2015-7088, CVE-2015-7090, CVE-2015-7091, CVE-2015-7092, and CVE-2015-7117.
748 CVE-2015-7088 119 DoS Exec Code Overflow Mem. Corr. 2016-01-09 2016-12-07
6.8
None Remote Medium Not required Partial Partial Partial
Apple QuickTime before 7.7.9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie file, a different vulnerability than CVE-2015-7085, CVE-2015-7086, CVE-2015-7087, CVE-2015-7089, CVE-2015-7090, CVE-2015-7091, CVE-2015-7092, and CVE-2015-7117.
749 CVE-2015-7087 119 DoS Exec Code Overflow Mem. Corr. 2016-01-09 2016-12-07
6.8
None Remote Medium Not required Partial Partial Partial
Apple QuickTime before 7.7.9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie file, a different vulnerability than CVE-2015-7085, CVE-2015-7086, CVE-2015-7088, CVE-2015-7089, CVE-2015-7090, CVE-2015-7091, CVE-2015-7092, and CVE-2015-7117.
750 CVE-2015-7086 119 DoS Exec Code Overflow Mem. Corr. 2016-01-09 2016-12-07
6.8
None Remote Medium Not required Partial Partial Partial
Apple QuickTime before 7.7.9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie file, a different vulnerability than CVE-2015-7085, CVE-2015-7087, CVE-2015-7088, CVE-2015-7089, CVE-2015-7090, CVE-2015-7091, CVE-2015-7092, and CVE-2015-7117.
Total number of vulnerabilities : 1465   Page : 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 (This Page)16 17 18 19 20 21 22 23 24 25 26 27 28 29 30
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.