Total
5568 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-1574 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-09 | 9.3 HIGH | N/A |
| Integer overflow in ImageIO in Apple Mac OS X before 10.5.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted JPEG2000 image that triggers a heap-based buffer overflow. | |||||
| CVE-2006-4392 | 2 Apple, Next | 2 Mac Os X, Openstep | 2025-04-09 | 7.2 HIGH | N/A |
| The Mach kernel, as used in operating systems including (1) Mac OS X 10.4 through 10.4.7 and (2) OpenStep before 4.2, allows local users to gain privileges via a parent process that forces an exception in a setuid child and uses Mach exception ports to modify the child's thread context and task address space in a way that causes the child to call a parent-controlled function. | |||||
| CVE-2006-4398 | 1 Apple | 1 Mac Os X | 2025-04-09 | 7.2 HIGH | N/A |
| Multiple buffer overflows in the Apple Type Services (ATS) server in Mac OS X 10.4 through 10.4.8 allow local users to execute arbitrary code via crafted service requests. | |||||
| CVE-2007-1898 | 8 Apple, Hp, Jetbox and 5 more | 16 Mac Os X, Hp-ux, Tru64 and 13 more | 2025-04-09 | 5.8 MEDIUM | N/A |
| formmail.php in Jetbox CMS 2.1 allows remote attackers to send arbitrary e-mails (spam) via modified recipient, _SETTINGS[allowed_email_hosts][], and subject parameters. | |||||
| CVE-2007-0117 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-09 | 10.0 HIGH | N/A |
| DiskManagementTool in the DiskManagement.framework 92.29 on Mac OS X 10.4.8 does not properly validate Bill of Materials (BOM) files, which allows attackers to gain privileges via a BOM file under /Library/Receipts/, which triggers arbitrary file permission changes upon execution of a diskutil permission repair operation. | |||||
| CVE-2007-6276 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-09 | 7.8 HIGH | N/A |
| The accept_connections function in the virtual private network daemon (vpnd) in Apple Mac OS X 10.5 before 10.5.4 allows remote attackers to cause a denial of service (divide-by-zero error and daemon crash) via a crafted load balancing packet to UDP port 4112. | |||||
| CVE-2008-0035 | 1 Apple | 5 Iphone, Iphone Os, Ipod Touch and 2 more | 2025-04-09 | 6.8 MEDIUM | N/A |
| Unspecified vulnerability in Foundation, as used in Apple iPhone 1.0 through 1.1.2, iPod touch 1.1 through 1.1.2, and Mac OS X 10.5 through 10.5.1, allows remote attackers to cause a denial of service (application termination) or execute arbitrary code via a crafted URL that triggers memory corruption in Safari. | |||||
| CVE-2007-0728 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-09 | 4.4 MEDIUM | N/A |
| Unspecified vulnerability in Apple Mac OS X 10.3.9 and 10.4 through 10.4.8 creates files insecurely while initializing a USB printer, which allows local users to create or overwrite arbitrary files. | |||||
| CVE-2009-2834 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-09 | 4.9 MEDIUM | N/A |
| IOKit in Apple Mac OS X before 10.6.2 allows local users to modify the firmware of a (1) USB or (2) Bluetooth keyboard via unspecified vectors. | |||||
| CVE-2007-5850 | 1 Apple | 1 Mac Os X | 2025-04-09 | 8.8 HIGH | N/A |
| Heap-based buffer overflow in Desktop Services in Apple Mac OS X 10.4.11 allows user-assisted attackers to execute arbitrary code via a directory with a crafted .DS_Store file. | |||||
| CVE-2007-4672 | 2 Apple, Microsoft | 4 Mac Os X, Quicktime, Windows Vista and 1 more | 2025-04-09 | 7.6 HIGH | N/A |
| Stack-based buffer overflow in Apple QuickTime before 7.3 allows remote attackers to execute arbitrary code via an invalid UncompressedQuickTimeData opcode length in a PICT image. | |||||
| CVE-2009-2195 | 2 Apple, Microsoft | 5 Mac Os X, Mac Os X Server, Safari and 2 more | 2025-04-09 | 9.3 HIGH | N/A |
| Buffer overflow in WebKit in Apple Safari before 4.0.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted floating-point numbers. | |||||
| CVE-2007-4681 | 1 Apple | 1 Mac Os X | 2025-04-09 | 6.9 MEDIUM | N/A |
| Buffer overflow in CoreFoundation in Apple Mac OS X 10.3.9 and 10.4 through 10.4.10 allows local users to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted directory hierarchy. | |||||
| CVE-2009-0013 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-09 | 2.1 LOW | N/A |
| dscl in DS Tools in Apple Mac OS X 10.4.11 and 10.5.6 requires that passwords must be provided as command line arguments, which allows local users to gain privileges by listing process information. | |||||
| CVE-2007-5851 | 1 Apple | 1 Mac Os X | 2025-04-09 | 3.6 LOW | N/A |
| iChat in Apple Mac OS X 10.4.11 allows network-adjacent remote attackers to automatically initiate a video connection to another user via unknown vectors. | |||||
| CVE-2007-2405 | 1 Apple | 3 Mac Os X, Mac Os X Server, Pdfkit | 2025-04-09 | 6.8 MEDIUM | N/A |
| Integer underflow in Preview in PDFKit on Apple Mac OS X 10.4.10 allows remote attackers to execute arbitrary code via a crafted PDF file. | |||||
| CVE-2007-5855 | 1 Apple | 1 Mac Os X | 2025-04-09 | 6.4 MEDIUM | N/A |
| Mail in Apple Mac OS X 10.4.11 and 10.5.1, when an SMTP account has been set up using Account Assistant, can use plaintext authentication even when MD5 Challenge-Response authentication is available, which makes it easier for remote attackers to sniff account activity. | |||||
| CVE-2009-1237 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-09 | 4.9 MEDIUM | N/A |
| Multiple memory leaks in XNU 1228.3.13 and earlier on Apple Mac OS X 10.5.6 and earlier allow local users to cause a denial of service (kernel memory consumption) via a crafted (1) SYS_add_profil or (2) SYS___mac_getfsstat system call. | |||||
| CVE-2007-0647 | 1 Apple | 1 Mac Os X | 2025-04-09 | 7.1 HIGH | N/A |
| Format string vulnerability in Help Viewer 3.0.0 allows remote user-assisted attackers to cause a denial of service (crash) via format string specifiers in a filename, which is not properly handled when calling the NSBeginAlertSheet Apple AppKit function. | |||||
| CVE-2008-2331 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-09 | 5.0 MEDIUM | N/A |
| Finder in Apple Mac OS X 10.5 through 10.5.4 does not properly update permission data in the Get Info window after a lock operation that modifies Sharing & Permissions in a filesystem, which might allow local users to leverage weak permissions that were not intended by an administrator. | |||||