Filtered by vendor Apple
Subscribe
Total
14474 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2006-0395 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-16 | 5.1 MEDIUM | N/A |
| The Download Validation in Mail in Mac OS X 10.4 does not properly recognize attachment file types to warn a user of an unsafe type, which allows user-assisted remote attackers to execute arbitrary code via crafted file types. | |||||
| CVE-2006-3507 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-16 | 7.2 HIGH | N/A |
| Multiple stack-based buffer overflows in the AirPort wireless driver on Apple Mac OS X 10.3.9 and 10.4.7 allow physically proximate attackers to execute arbitrary code by injecting crafted frames into a wireless network. | |||||
| CVE-2004-0086 | 1 Apple | 1 Mac Os X | 2026-04-16 | 5.0 MEDIUM | N/A |
| Unknown vulnerability in the Mail application for Mac OS X 10.3.2 has unknown impact and attack vectors, a different vulnerability than CVE-2004-0085. | |||||
| CVE-2005-0341 | 1 Apple | 1 Safari | 2026-04-16 | 4.3 MEDIUM | N/A |
| Apple Safari 1.2.4 does not obey the Content-type field in the HTTP header and renders text as HTML, which allows remote attackers to inject arbitrary web script or HTML and perform cross-site scripting (XSS) attacks. | |||||
| CVE-2003-0421 | 1 Apple | 1 Darwin Streaming Server | 2026-04-16 | 10.0 HIGH | N/A |
| Apple QuickTime / Darwin Streaming Server before 4.1.3f allows remote attackers to cause a denial of service (crash) via an MS-DOS device name (e.g. AUX) in a request to HTTP port 1220, a different vulnerability than CVE-2003-0502. | |||||
| CVE-2004-1832 | 1 Apple | 1 Mac Os X Server | 2026-04-16 | 5.0 MEDIUM | N/A |
| Buffer overflow in the GUI admin service in Mac OS X Server 10.3 allows remote attackers to cause a denial of service (crash and restart) via a large amount of data to TCP port 660. | |||||
| CVE-2005-2516 | 1 Apple | 2 Mac Os X, Safari | 2026-04-16 | 7.5 HIGH | N/A |
| Safari in Mac OS X 10.3.9 and 10.4.2, when rendering Rich Text Format (RTF) files, can directly access URLs without performing the normal security checks, which allows remote attackers to execute arbitrary commands. | |||||
| CVE-2001-1411 | 1 Apple | 1 Mac Os X | 2026-04-16 | 7.2 HIGH | N/A |
| Format string vulnerability in gm4 (aka m4) on Mac OS X may allow local users to gain privileges if gm4 is called by setuid programs. | |||||
| CVE-2006-1981 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-16 | 2.1 LOW | N/A |
| Unspecified vulnerability in Java InputMethods on Mac OS X 10.4.5 may cause InputMethods to send input events for secure fields to the wrong text field, which might reveal the password to others who can view the screen. | |||||
| CVE-2005-0969 | 1 Apple | 1 Mac Os X | 2026-04-16 | 4.6 MEDIUM | N/A |
| Heap-based buffer overflow in the syscall emulation functionality in Mac OS X before 10.3.9 allows local users to cause a denial of service (kernel panic) and possibly execute arbitrary code via crafted parameters. | |||||
| CVE-1999-1412 | 2 Apache, Apple | 2 Http Server, Macos | 2026-04-16 | 5.0 MEDIUM | N/A |
| A possible interaction between Apple MacOS X release 1.0 and Apache HTTP server allows remote attackers to cause a denial of service (crash) via a flood of HTTP GET requests to CGI programs, which generates a large number of processes. | |||||
| CVE-2006-1459 | 1 Apple | 1 Quicktime | 2026-04-16 | 5.1 MEDIUM | N/A |
| Multiple integer overflows in Apple QuickTime before 7.1 allow remote attackers to cause a denial of service or execute arbitrary code via a crafted QuickTime movie (.MOV). | |||||
| CVE-2002-0655 | 3 Apple, Openssl, Oracle | 5 Mac Os X, Openssl, Application Server and 2 more | 2026-04-16 | 7.5 HIGH | N/A |
| OpenSSL 0.9.6d and earlier, and 0.9.7-beta2 and earlier, does not properly handle ASCII representations of integers on 64 bit platforms, which could allow attackers to cause a denial of service and possibly execute arbitrary code. | |||||
| CVE-2005-3897 | 1 Apple | 1 Safari | 2026-04-16 | 7.8 HIGH | N/A |
| Apple Safari 2.0.2 allows remote attackers to cause a denial of service (system slowdown) via a Javascript BODY onload event that calls the window function. | |||||
| CVE-2005-1579 | 1 Apple | 1 Quicktime | 2026-04-16 | 5.0 MEDIUM | N/A |
| Apple QuickTime Player 7.0 on Mac OS X 10.4 allows remote attackers to obtain sensitive information via a .mov file with a Quartz Composer composition (.qtz) file that uses certain patches to read local information, then other patches to send the information to the attacker. | |||||
| CVE-2005-2505 | 1 Apple | 1 Mac Os X | 2026-04-16 | 7.5 HIGH | N/A |
| Buffer overflow in CoreFoundation in Mac OS X 10.3.9 allows attackers to execute arbitrary code via command line arguments to an application that uses CoreFoundation. | |||||
| CVE-2006-1458 | 1 Apple | 1 Quicktime | 2026-04-16 | 5.1 MEDIUM | N/A |
| Integer overflow in Apple QuickTime Player before 7.1 allows remote attackers to execute arbitrary code via a crafted JPEG image. | |||||
| CVE-2002-0666 | 6 Apple, Freebsd, Frees Wan and 3 more | 12 Mac Os X, Mac Os X Server, Freebsd and 9 more | 2026-04-16 | 5.0 MEDIUM | N/A |
| IPSEC implementations including (1) FreeS/WAN and (2) KAME do not properly calculate the length of authentication data, which allows remote attackers to cause a denial of service (kernel panic) via spoofed, short Encapsulating Security Payload (ESP) packets, which result in integer signedness errors. | |||||
| CVE-2000-0563 | 1 Apple | 1 Mac Os Runtime For Java | 2026-04-16 | 10.0 HIGH | N/A |
| The URLConnection function in MacOS Runtime Java (MRJ) 2.1 and earlier and the Microsoft virtual machine (VM) for MacOS allows a malicious web site operator to connect to arbitrary hosts using a HTTP redirection, in violation of the Java security model. | |||||
| CVE-2005-2521 | 1 Apple | 1 Mac Os X | 2026-04-16 | 4.6 MEDIUM | N/A |
| Buffer overflow in traceroute in Mac OS X 10.3.9 allows local users to execute arbitrary code via unknown vectors. | |||||