Filtered by vendor Apple
Subscribe
Total
14474 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2003-0913 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-16 | 4.6 MEDIUM | N/A |
| Unknown vulnerability in the Terminal application for Mac OS X 10.3 (Client and Server) may allow "unauthorized access." | |||||
| CVE-2005-1341 | 1 Apple | 3 Mac Os X, Mac Os X Server, Terminal | 2026-04-16 | 5.1 MEDIUM | N/A |
| Apple Terminal 1.4.4 allows attackers to execute arbitrary commands via terminal escape sequences. | |||||
| CVE-2005-0342 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-16 | 2.1 LOW | N/A |
| The Finder in Mac OS X and earlier allows local users to overwrite arbitrary files and gain privileges by creating a hard link from the .DS_Store file to an arbitrary file. | |||||
| CVE-2005-1332 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-16 | 7.5 HIGH | N/A |
| Bluetooth-enabled systems in Mac OS X 10.3.9 enables the Bluetooth file exchange service by default, which allows remote attackers to access files without the user being notified, and local users to access files via the default directory. | |||||
| CVE-2004-0538 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-16 | 7.5 HIGH | N/A |
| LaunchServices in Mac OS X 10.3.4 and 10.2.8 automatically registers and executes new applications, which could allow attackers to execute arbitrary code without warning the user. | |||||
| CVE-2003-0053 | 1 Apple | 2 Darwin Streaming Server, Quicktime Streaming Server | 2026-04-16 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in parse_xml.cgi in Apple Darwin Streaming Administration Server 4.1.2 and QuickTime Streaming Server 4.1.1 allows remote attackers to insert arbitrary script via the filename parameter, which is inserted into an error message. | |||||
| CVE-2004-0825 | 1 Apple | 1 Mac Os X Server | 2026-04-16 | 5.0 MEDIUM | N/A |
| QuickTime Streaming Server in Mac OS X Server 10.2.8, 10.3.4, and 10.3.5 allows remote attackers to cause a denial of service (application deadlock) via a certain sequence of operations. | |||||
| CVE-2005-0127 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-16 | 5.0 MEDIUM | N/A |
| Mail in Mac OS X 10.3.7, when generating a Message-ID header, generates a GUUID that includes information that identifies the Ethernet hardware being used, which allows remote attackers to link mail messages to a particular machine. | |||||
| CVE-2001-0198 | 1 Apple | 1 Quicktime | 2026-04-16 | 7.6 HIGH | N/A |
| Buffer overflow in QuickTime Player plugin 4.1.2 (Japanese) allows remote attackers to execute arbitrary commands via a long HREF parameter in an EMBED tag. | |||||
| CVE-2005-1474 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-16 | 7.5 HIGH | N/A |
| Dashboard in Apple Mac OS X 10.4.1 allows remote attackers to install widgets via Safari without prompting the user, a different vulnerability than CVE-2005-1933. | |||||
| CVE-2005-0716 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-16 | 7.2 HIGH | N/A |
| Stack-based buffer overflow in the Core Foundation Library in Mac OS X 10.3.5 and 10.3.6, and possibly earlier versions, allows local users to execute arbitrary code via a long CF_CHARSET_PATH environment variable. | |||||
| CVE-2005-4678 | 1 Apple | 1 Safari | 2026-04-16 | 5.0 MEDIUM | N/A |
| Apple Safari 2.0.2 (aka 416.12) allows remote attackers to spoof the URL in the status bar via the title in an image in a link to a trusted site within a form to the malicious site. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2004-0430 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-16 | 5.1 MEDIUM | N/A |
| Stack-based buffer overflow in AppleFileServer for Mac OS X 10.3.3 and earlier allows remote attackers to execute arbitrary code via a LoginExt packet for a Cleartext Password User Authentication Method (UAM) request with a PathName argument that includes an AFPName type string that is longer than the associated length field. | |||||
| CVE-2006-1447 | 1 Apple | 1 Mac Os X | 2026-04-16 | 5.0 MEDIUM | N/A |
| LaunchServices in Apple Mac OS X 10.4.6 allows remote attackers to cause Safari to launch unsafe content via long file name extensions, which prevents Download Validation from determining which application will be used to open the file. | |||||
| CVE-2005-1726 | 1 Apple | 1 Mac Os X | 2026-04-16 | 4.6 MEDIUM | N/A |
| The CoreGraphics Window Server in Mac OS X 10.4.1 allows local users with console access to gain privileges by "launching commands into root sessions." | |||||
| CVE-2005-3709 | 1 Apple | 1 Quicktime | 2026-04-16 | 7.5 HIGH | N/A |
| Integer underflow in Apple Quicktime before 7.0.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the Color Map Entry Size in a TGA image file. | |||||
| CVE-2006-1986 | 1 Apple | 1 Safari | 2026-04-16 | 7.5 HIGH | N/A |
| Apple Safari 2.0.3 allows remote attackers to cause a denial of service and possibly execute code via a large CELLSPACING attribute in a TABLE tag, which triggers an error in KWQListIteratorImpl::KWQListIteratorImpl. | |||||
| CVE-2004-0514 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-16 | 7.2 HIGH | N/A |
| Unknown vulnerability in LoginWindow for Mac OS X 10.3.4, related to "handling of directory services lookups." | |||||
| CVE-2005-1337 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-16 | 7.5 HIGH | N/A |
| Apple Help Viewer 2.0.7 and 3.0.0 in Mac OS X 10.3.9 allows remote attackers to read and execute arbitrary scrpts with less restrictive privileges via a help:// URI. | |||||
| CVE-2005-0985 | 1 Apple | 1 Mac Os X | 2026-04-16 | 2.1 LOW | N/A |
| Unspecified vulnerability in the Mac OS X kernel before 10.3.8 allows local users to cause a denial of service (temporary hang) via unspecified attack vectors related to the fan control unit (FCU) driver. | |||||