Total
5568 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2006-4401 | 1 Apple | 1 Mac Os X | 2025-04-09 | 5.1 MEDIUM | N/A |
| Unspecified vulnerability in CFNetwork in Mac OS 10.4.8 and earlier allows user-assisted remote attackers to execute arbitrary FTP commands via a crafted FTP URI. | |||||
| CVE-2006-6126 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-09 | 2.1 LOW | N/A |
| Apple Mac OS X allows local users to cause a denial of service (memory corruption) via a crafted Mach-O binary with a malformed load_command data structure. | |||||
| CVE-2009-2192 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-09 | 7.5 HIGH | N/A |
| MobileMe in Apple Mac OS X 10.5 before 10.5.8 does not properly delete credentials upon signout from the preference pane, which makes it easier for attackers to hijack a MobileMe session via unspecified vectors, related to a "logic issue." | |||||
| CVE-2008-4214 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-09 | 4.6 MEDIUM | N/A |
| Unspecified vulnerability in Script Editor in Mac OS X 10.4.11 and 10.5.5 allows local users to cause the scripting dictionary to be written to arbitrary locations, related to an "insecure file operation" on temporary files. | |||||
| CVE-2009-2843 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-09 | 5.0 MEDIUM | N/A |
| Java for Mac OS X 10.5 before Update 6 and 10.6 before Update 1 accepts expired certificates for applets, which makes it easier for remote attackers to execute arbitrary code via an applet. | |||||
| CVE-2007-5857 | 1 Apple | 1 Mac Os X | 2025-04-09 | 6.4 MEDIUM | N/A |
| Quick Look in Apple Mac OS X 10.5.1 does not prevent a movie from accessing URLs when the movie file is previewed or if an icon is created, which might allow remote attackers to obtain sensitive information via HREFTrack. | |||||
| CVE-2006-7034 | 9 Apple, Hp, Ibm and 6 more | 18 Mac Os X, Hp-ux, Tru64 and 15 more | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in directory.php in Super Link Exchange Script 1.0 might allow remote attackers to execute arbitrary SQL queries via the cat parameter. | |||||
| CVE-2007-4692 | 2 Apple, Microsoft | 4 Mac Os X, Mac Os X Server, Safari and 1 more | 2025-04-09 | 4.3 MEDIUM | N/A |
| The tabbed browsing feature in Apple Safari 3 before Beta Update 3.0.4 on Windows, and Mac OS X 10.4 through 10.4.10, allows remote attackers to spoof HTTP authentication for other sites and possibly conduct phishing attacks by causing an authentication sheet to be displayed for a tab that is not active, which makes it appear as if it is associated with the active tab. | |||||
| CVE-2008-0051 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-09 | 6.9 MEDIUM | N/A |
| Integer overflow in CoreFoundation in Apple Mac OS X 10.4.11 might allow local users to execute arbitrary code via crafted time zone data. | |||||
| CVE-2008-0056 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-09 | 6.8 MEDIUM | N/A |
| Stack-based buffer overflow in Foundation in Apple Mac OS X 10.4.11 allows context-dependent attackers to execute arbitrary code via a "long pathname with an unexpected structure" that triggers the overflow in NSFileManager. | |||||
| CVE-2007-0462 | 1 Apple | 2 Mac Os X, Quicktime | 2025-04-09 | 10.0 HIGH | N/A |
| The _GetSrcBits32ARGB function in Apple QuickDraw, as used by Quicktime 7.1.3 and other applications on Mac OS X 10.4.8 and earlier, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted PICT image with a malformed Alpha RGB (ARGB) record, which triggers memory corruption. | |||||
| CVE-2008-3645 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-09 | 7.2 HIGH | N/A |
| Heap-based buffer overflow in the local IPC component in the EAPOLController plugin for configd (Networking component) in Mac OS X 10.4.11 and 10.5.5 allows local users to execute arbitrary code via unknown vectors. | |||||
| CVE-2009-0014 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-09 | 2.1 LOW | N/A |
| Folder Manager in Apple Mac OS X 10.5.6 uses insecure default permissions when recreating a Downloads folder after it has been deleted, which allows local users to bypass intended access restrictions and read the Downloads folder. | |||||
| CVE-2008-0040 | 1 Apple | 1 Mac Os X | 2025-04-09 | 10.0 HIGH | N/A |
| Unspecified vulnerability in NFS in Apple Mac OS X 10.5 through 10.5.1 allows remote attackers to cause a denial of service (system shutdown) or execute arbitrary code via unknown vectors related to mbuf chains that trigger memory corruption. | |||||
| CVE-2022-2294 | 6 Apple, Fedoraproject, Google and 3 more | 12 Ipados, Iphone Os, Mac Os X and 9 more | 2025-04-03 | N/A | 8.8 HIGH |
| Heap buffer overflow in WebRTC in Google Chrome prior to 103.0.5060.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2005-3706 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-03 | 6.4 MEDIUM | N/A |
| Heap-based buffer overflow in LibSystem in Mac OS X 10.4 through 10.4.5 allows context-dependent attackers to execute arbitrary code by causing an application that uses LibSystem to request a large amount of memory. | |||||
| CVE-2005-2746 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| Mail.app in Mail for Apple Mac OS X 10.3.9 and 10.4.2 includes message contents when using auto-reply rules, which could cause Mail.app to include decrypted message contents for encrypted messages. | |||||
| CVE-2006-3946 | 1 Apple | 2 Mac Os X, Safari | 2025-04-03 | 7.5 HIGH | N/A |
| WebCore in Apple Mac OS X 10.3.9 and 10.4 through 10.4.7 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted HTML that triggers a "memory management error" in WebKit, possibly due to a buffer overflow, as originally reported for the KHTMLParser::popOneBlock function in Apple Safari 2.0.4 using Javascript that changes document.body.innerHTML within a DIV tag. | |||||
| CVE-2006-1472 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in AFP Server in Apple Mac OS X 10.3.9 allows remote attackers to determine names of unauthorized files and folders via unknown vectors related to the search results. | |||||
| CVE-2004-0485 | 1 Apple | 1 Mac Os X | 2025-04-03 | 5.0 MEDIUM | N/A |
| The default protocol helper for the disk: URI on Mac OS X 10.3.3 and 10.2.8 allows remote attackers to write arbitrary files by causing a disk image file (.dmg) to be mounted as a disk volume. | |||||