Total
817 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-3782 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-03 | 2.1 LOW | N/A |
| Mac OS X 10.4.3 up to 10.4.6, when loginwindow uses the "Name and password" setting, and the "Show the Restart, Sleep, and Shut Down buttons" option is disabled, allows users with physical access to bypass login and reboot the system by entering ">restart", ">power", or ">shutdown" sequences after the username. | |||||
| CVE-2004-0822 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-03 | 7.2 HIGH | N/A |
| Buffer overflow in The Core Foundation framework (CoreFoundation.framework) in Mac OS X 10.2.8, 10.3.4, and 10.3.5 allows local users to execute arbitrary code via a certain environment variable. | |||||
| CVE-2005-1722 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-03 | 7.2 HIGH | N/A |
| Unknown vulnerability in the CoreGraphics Window Server for Mac OS X 10.4.x up to 10.4.1 allows local users to inject arbitrary commands into root sessions. | |||||
| CVE-2005-0373 | 6 Apple, Conectiva, Cyrus and 3 more | 8 Mac Os X, Mac Os X Server, Linux and 5 more | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in digestmd5.c CVS release 1.170 (also referred to as digestmda5.c), as used in the DIGEST-MD5 SASL plugin for Cyrus-SASL but not in any official releases, allows remote attackers to execute arbitrary code. | |||||
| CVE-2004-0743 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| Safari in Mac OS X before 10.3.5, after sending form data using the POST method, may re-send the data to a GET method URL if that URL is redirected after the POST data and the user uses the forward or backward buttons, which may cause an information leak. | |||||
| CVE-2006-0392 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-03 | 5.1 MEDIUM | N/A |
| Buffer overflow in Apple Mac OS X 10.4.7 allows user-assisted attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted Canon RAW image. | |||||
| CVE-2005-1343 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-03 | 7.2 HIGH | N/A |
| Stack-based buffer overflow in the VPN daemon (vpnd) for Mac OS X before 10.3.9 allows local users to execute arbitrary code via a long -i (Server_id) argument. | |||||
| CVE-2004-0517 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-03 | 4.6 MEDIUM | N/A |
| Unknown vulnerability in Mac OS X 10.3.4, related to "handling of process IDs during package installation," a different vulnerability than CVE-2004-0516. | |||||
| CVE-2006-1470 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| OpenLDAP in Apple Mac OS X 10.4 up to 10.4.6 allows remote attackers to cause a denial of service (crash) via an invalid LDAP request that triggers an assert error. | |||||
| CVE-2006-1982 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-03 | 7.5 HIGH | N/A |
| Heap-based buffer overflow in the LZWDecodeVector function in Mac OS X before 10.4.6, as used in applications that use ImageIO or AppKit, allows remote attackers to execute arbitrary code via crafted TIFF images. | |||||
| CVE-2004-0823 | 2 Apple, Openldap | 3 Mac Os X, Mac Os X Server, Openldap | 2025-04-03 | 7.5 HIGH | N/A |
| OpenLDAP 1.0 through 2.1.19, as used in Apple Mac OS 10.3.4 and 10.3.5 and possibly other operating systems, may allow certain authentication schemes to use hashed (crypt) passwords in the userPassword attribute as if they were plaintext passwords, which allows remote attackers to re-use hashed passwords without decrypting them. | |||||
| CVE-2005-1725 | 1 Apple | 1 Mac Os X Server | 2025-04-03 | 2.1 LOW | N/A |
| launchd 106 in Apple Mac OS X 10.4.x up to 10.4.1 allows local users to overwrite arbitrary files via a symlink attack on the socket file in an insecure temporary directory. | |||||
| CVE-2004-0922 | 1 Apple | 3 Mac Os X, Mac Os X Server, Quicktime | 2025-04-03 | 5.0 MEDIUM | N/A |
| AFP Server on Mac OS X 10.3.x to 10.3.5, under certain conditions, does not properly set the guest group ID, which causes AFP to change a write-only AFP Drop Box to be read-write when the Drop Box is on a share that is mounted by a guest, which allows attackers to read the Drop Box. | |||||
| CVE-2003-0171 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-03 | 7.2 HIGH | N/A |
| DirectoryServices in MacOS X trusts the PATH environment variable to locate and execute the touch command, which allows local users to execute arbitrary commands by modifying the PATH to point to a directory containing a malicious touch program. | |||||
| CVE-2005-1723 | 1 Apple | 1 Mac Os X Server | 2025-04-03 | 7.5 HIGH | N/A |
| LaunchServices in Apple Mac OS X 10.4.x up to 10.4.1 does not properly mark file extensions and MIME types as unsafe if an Apple Uniform Type Identifier (UTI) is not created when the type is added to the database of unsafe types, which could allow attackers to bypass intended restrictions. | |||||
| CVE-2004-1088 | 1 Apple | 4 Darwin Streaming Server, Mac Os X, Mac Os X Server and 1 more | 2025-04-03 | 7.5 HIGH | N/A |
| Postfix server for Apple Mac OS X 10.3.6, when using CRAM-MD5, allows remote attackers to send mail without authentication by replaying authentication information. | |||||
| CVE-2004-0428 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| Unknown vulnerability in CoreFoundation in Mac OS X 10.3.3 and Mac OS X 10.3.3 Server, related to "the handling of an environment variable," has unknown attack vectors and unknown impact. | |||||
| CVE-2005-0126 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-03 | 7.5 HIGH | N/A |
| ColorSync on Mac OS X 10.3.7 and 10.3.8 allows attackers to execute arbitrary code via malformed ICC color profiles that modify the heap. | |||||
| CVE-2006-1455 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-03 | 7.8 HIGH | N/A |
| QuickTime Streaming Server in Apple Mac OS X 10.3.9 and 10.4.6 allows remote attackers to cause a denial of service (crash and connection interruption) via a QuickTime movie with a missing track, which triggers a null dereference. | |||||
| CVE-2005-2739 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-03 | 2.1 LOW | N/A |
| Keychain Access in Mac OS X 10.4.2 and earlier keeps a password visible even if a keychain times out while the password is being viewed, which could allow attackers with physical access to obtain the password. | |||||