Filtered by vendor Apple Subscriptions
Filtered by product Mac Os X Server Subscriptions
Total 817 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2011-0186 1 Apple 3 Mac Os X, Mac Os X Server, Quicktime 2025-04-11 N/A
QuickTime in Apple Mac OS X before 10.6.7 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted JPEG2000 image.
CVE-2010-3808 2 Apple, Microsoft 7 Mac Os X, Mac Os X Server, Safari and 4 more 2025-04-11 N/A
WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, does not properly perform a cast of an unspecified variable during processing of editing commands, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted web site.
CVE-2007-4269 1 Apple 2 Mac Os X, Mac Os X Server 2025-04-09 N/A
Integer overflow in the Networking component in Apple Mac OS X 10.4 through 10.4.10 allows local users to execute arbitrary code via a crafted AppleTalk Session Protocol (ASP) message on an AppleTalk socket, which triggers a heap-based buffer overflow.
CVE-2007-4688 1 Apple 2 Mac Os X, Mac Os X Server 2025-04-09 N/A
The Networking component in Apple Mac OS X 10.4 through 10.4.10 allows remote attackers to obtain all addresses for a host, including link-local addresses, via a Node Information Query.
CVE-2007-1071 1 Apple 2 Mac Os X, Mac Os X Server 2025-04-09 N/A
Integer overflow in the gifGetBandProc function in ImageIO in Apple Mac OS X 10.4.8 allows remote attackers to cause a denial of service (segmentation fault) and possibly execute arbitrary code via a crafted GIF image that triggers the overflow during decompression. NOTE: this is a different issue than CVE-2006-3502 and CVE-2006-3503.
CVE-2007-0745 1 Apple 1 Mac Os X Server 2025-04-09 N/A
The Apple Security Update 2007-004 uses an incorrect configuration file for FTPServer in Apple Mac OS X Server 10.4.9, which might allow remote authenticated users to access additional directories.
CVE-2007-0744 1 Apple 2 Mac Os X, Mac Os X Server 2025-04-09 N/A
SMB in Apple Mac OS X 10.3.9 through 10.4.9 does not properly clean the environment when executing commands, which allows local users to gain privileges by setting unspecified environment variables.
CVE-2007-0736 1 Apple 2 Mac Os X, Mac Os X Server 2025-04-09 N/A
Integer overflow in the RPC library in Libinfo in Apple Mac OS X 10.3.9 through 10.4.9 allows remote attackers to execute arbitrary code via crafted requests to portmap.
CVE-2007-0735 1 Apple 2 Mac Os X, Mac Os X Server 2025-04-09 N/A
Use-after-free vulnerability in Libinfo in Apple Mac OS X 10.3.9 through 10.4.9 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unspecified vectors involving crafted web pages that trigger certain error conditions that are not properly reported in certain circumstances, resulting in accessing deallocated memory.
CVE-2008-3622 1 Apple 2 Mac Os X, Mac Os X Server 2025-04-09 N/A
Cross-site scripting (XSS) vulnerability in Wiki Server in Apple Mac OS X 10.5 through 10.5.4 allows remote attackers to inject arbitrary web script or HTML via an e-mail message that reaches a mailing-list archive, aka "persistent JavaScript injection."
CVE-2006-6126 1 Apple 2 Mac Os X, Mac Os X Server 2025-04-09 N/A
Apple Mac OS X allows local users to cause a denial of service (memory corruption) via a crafted Mach-O binary with a malformed load_command data structure.
CVE-2008-2313 1 Apple 2 Mac Os X, Mac Os X Server 2025-04-09 N/A
Apple Mac OS X before 10.5 uses weak permissions for the User Template directory, which allows local users to gain privileges by inserting a Trojan horse file into this directory.
CVE-2008-2311 1 Apple 2 Mac Os X, Mac Os X Server 2025-04-09 N/A
Launch Services in Apple Mac OS X before 10.5, when Open Safe Files is enabled, allows remote attackers to execute arbitrary code via a symlink attack, probably related to a race condition and automatic execution of a downloaded file.
CVE-2008-2308 1 Apple 2 Mac Os X, Mac Os X Server 2025-04-09 N/A
Unspecified vulnerability in Alias Manager in Apple Mac OS X 10.5.1 and earlier on Intel platforms allows local users to gain privileges or cause a denial of service (memory corruption and application crash) by resolving an alias that contains crafted AFP volume mount information.
CVE-2008-1580 1 Apple 3 Mac Os X, Mac Os X Server, Safari 2025-04-09 N/A
CFNetwork in Safari in Apple Mac OS X before 10.5.3 automatically sends an SSL client certificate in response to a web server's certificate request, which allows remote web sites to obtain sensitive information (Subject data) from personally identifiable certificates, and use arbitrary certificates to track user activities across domains, a related issue to CVE-2007-4879.
CVE-2007-4685 1 Apple 2 Mac Os X, Mac Os X Server 2025-04-09 N/A
The kernel in Apple Mac OS X 10.4 through 10.4.10 allows local users to gain privileges by executing setuid or setgid programs in which the stdio, stderr, or stdout file descriptors are "in an unexpected state."
CVE-2006-6062 1 Apple 2 Mac Os X, Mac Os X Server 2025-04-09 N/A
Unspecified vulnerability in Apple Mac OS X 10.4.8, and possibly other versions, allows remote attackers to cause a denial of service (crash) via a malformed UDTO HFS+ disk image, such as with "bad sectors," which triggers memory corruption.
CVE-2009-2839 1 Apple 2 Mac Os X, Mac Os X Server 2025-04-09 N/A
Screen Sharing in Apple Mac OS X 10.5.8 allows remote VNC servers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via unspecified vectors.
CVE-2009-2828 1 Apple 2 Mac Os X, Mac Os X Server 2025-04-09 N/A
The server in DirectoryService in Apple Mac OS X 10.5.8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via unspecified vectors.
CVE-2009-2831 1 Apple 2 Mac Os X, Mac Os X Server 2025-04-09 N/A
Dictionary in Apple Mac OS X 10.5.8 allows remote attackers to create arbitrary files with any contents, and thereby execute arbitrary code, via crafted JavaScript, related to a "design issue."