Filtered by vendor Apple
Subscriptions
Filtered by product Mac Os X
Subscriptions
Total
5568 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-0397 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-03 | N/A |
| Unspecified vulnerability in Safari, LaunchServices, and/or CoreTypes in Apple Mac OS X 10.4 up to 10.4.5 allows attackers to trick a user into opening an application that appears to be a safe file type. NOTE: due to the lack of specific information in the vendor advisory, it is not clear how CVE-2006-0397, CVE-2006-0398, and CVE-2006-0399 are different. | ||||
| CVE-2006-0400 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-03 | N/A |
| CoreTypes in Apple Mac OS X 10.4 up to 10.4.5 allows remote attackers to bypass the same-origin policy and execute Javascript in other domains via unknown vectors involving "crafted archives." | ||||
| CVE-2005-2502 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-03 | N/A |
| Buffer overflow in AppKit for Mac OS X 10.3.9 and 10.4.2, as used in applications such as TextEdit, allows external user-assisted attackers to execute arbitrary code via a crafted Microsoft Word file. | ||||
| CVE-2005-2506 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-03 | N/A |
| Algorithmic complexity vulnerability in CoreFoundation in Mac OS X 10.3.9 and 10.4.2 allows attackers to cause a denial of service (CPU consumption) via crafted Gregorian dates. | ||||
| CVE-2005-2513 | 1 Apple | 1 Mac Os X | 2025-04-03 | N/A |
| Unknown vulnerability in HItoolbox for Mac OS X 10.4.2 allows VoiceOver services to read secure input fields. | ||||
| CVE-2005-2516 | 1 Apple | 2 Mac Os X, Safari | 2025-04-03 | N/A |
| Safari in Mac OS X 10.3.9 and 10.4.2, when rendering Rich Text Format (RTF) files, can directly access URLs without performing the normal security checks, which allows remote attackers to execute arbitrary commands. | ||||
| CVE-2005-2522 | 1 Apple | 2 Mac Os X, Safari | 2025-04-03 | N/A |
| Safari in WebKit in Mac OS X 10.4 to 10.4.2 directly accesses URLs within PDF files without the normal security checks, which allows remote attackers to execute arbitrary code via links in a PDF file. | ||||
| CVE-2005-2525 | 2 Apple, Easy Software Products | 2 Mac Os X, Cups | 2025-04-03 | N/A |
| CUPS in Mac OS X 10.3.9 and 10.4.2 does not properly close file descriptors when handling multiple simultaneous print jobs, which allows remote attackers to cause a denial of service (printing halt). | ||||
| CVE-2005-2526 | 2 Apple, Easy Software Products | 2 Mac Os X, Cups | 2025-04-03 | N/A |
| CUPS in Mac OS X 10.3.9 and 10.4.2 allows remote attackers to cause a denial of service (CPU consumption) by sending a partial IPP request and closing the connection. | ||||
| CVE-2005-0712 | 1 Apple | 1 Mac Os X | 2025-04-03 | N/A |
| Mac OS X before 10.3.8 users world-writable permissions for certain directories, which may allow local users to gain privileges, possibly via the receipt cache or ColorSync profiles. | ||||
| CVE-2001-1411 | 1 Apple | 1 Mac Os X | 2025-04-03 | N/A |
| Format string vulnerability in gm4 (aka m4) on Mac OS X may allow local users to gain privileges if gm4 is called by setuid programs. | ||||
| CVE-2001-1447 | 1 Apple | 1 Mac Os X | 2025-04-03 | N/A |
| NetInfo Manager for Mac OS X 10.0 through 10.1 allows local users to gain root privileges by opening applications using the (1) "recent items" and (2) "services" menus, which causes the applications to run with root privileges. | ||||
| CVE-2006-1981 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-03 | N/A |
| Unspecified vulnerability in Java InputMethods on Mac OS X 10.4.5 may cause InputMethods to send input events for secure fields to the wrong text field, which might reveal the password to others who can view the screen. | ||||
| CVE-2006-3497 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-03 | N/A |
| Unspecified vulnerability in the "compression state handling" in Bom for Apple Mac OS X 10.3.9 and 10.4.7 allows user-assisted attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted Zip archive. | ||||
| CVE-2005-0975 | 2 Apple, Opendarwin | 3 Mac Os X, Mac Os X Server, Darwin Kernel | 2025-04-03 | N/A |
| Integer signedness error in the parse_machfile function in the mach-o loader (mach_loader.c) for the Darwin Kernel as used in Mac OS X 10.3.7, and other versions before 10.3.9, allows local users to cause a denial of service (CPU consumption) via a crafted mach-o header. | ||||
| CVE-2005-0970 | 1 Apple | 1 Mac Os X | 2025-04-03 | N/A |
| Mac OS X 10.3.9 and earlier allows users to install, create, and execute setuid/setgid scripts, contrary to the intended design, which may allow attackers to conduct unauthorized activities with escalated privileges via vulnerable scripts. | ||||
| CVE-2006-3506 | 1 Apple | 3 Mac Os X, Mac Os X Server, Xsan | 2025-04-03 | N/A |
| Buffer overflow in the Xsan Filesystem driver on Mac OS X 10.4.7 and OS X Server 10.4.7 allows local users with Xsan write access, to execute arbitrary code via unspecified vectors related to "processing a path name." | ||||
| CVE-2003-0088 | 1 Apple | 1 Mac Os X | 2025-04-03 | N/A |
| TruBlueEnvironment for MacOS 10.2.3 and earlier allows local users to overwrite or create arbitrary files and gain root privileges by setting a certain environment variable that is used to write debugging information. | ||||
| CVE-2005-1043 | 7 Apple, Conectiva, Peachtree and 4 more | 8 Mac Os X, Mac Os X Server, Linux and 5 more | 2025-04-03 | N/A |
| exif.c in PHP before 4.3.11 allows remote attackers to cause a denial of service (memory consumption and crash) via an EXIF header with a large IFD nesting level, which causes significant stack recursion. | ||||
| CVE-2005-0373 | 6 Apple, Conectiva, Cyrus and 3 more | 8 Mac Os X, Mac Os X Server, Linux and 5 more | 2025-04-03 | N/A |
| Buffer overflow in digestmd5.c CVS release 1.170 (also referred to as digestmda5.c), as used in the DIGEST-MD5 SASL plugin for Cyrus-SASL but not in any official releases, allows remote attackers to execute arbitrary code. | ||||