Filtered by vendor Apple
Subscriptions
Filtered by product Mac Os X Server
Subscriptions
Total
817 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-4236 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-09 | N/A |
| Apple Type Services (ATS) in Apple Mac OS X 10.5 before 10.5.6 allows remote attackers to cause a denial of service (infinite loop) via a crafted embedded font in a PDF file. | ||||
| CVE-2007-4685 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-09 | N/A |
| The kernel in Apple Mac OS X 10.4 through 10.4.10 allows local users to gain privileges by executing setuid or setgid programs in which the stdio, stderr, or stdout file descriptors are "in an unexpected state." | ||||
| CVE-2008-1580 | 1 Apple | 3 Mac Os X, Mac Os X Server, Safari | 2025-04-09 | N/A |
| CFNetwork in Safari in Apple Mac OS X before 10.5.3 automatically sends an SSL client certificate in response to a web server's certificate request, which allows remote web sites to obtain sensitive information (Subject data) from personally identifiable certificates, and use arbitrary certificates to track user activities across domains, a related issue to CVE-2007-4879. | ||||
| CVE-2007-3746 | 1 Apple | 3 Ichat, Mac Os X, Mac Os X Server | 2025-04-09 | N/A |
| The Java interface to CoreAudio on Apple Mac OS X 10.3.9 and 10.4.10 does not properly check the bounds of heap read and write operations, which allows remote attackers to execute arbitrary code via a crafted applet. | ||||
| CVE-2007-3747 | 1 Apple | 3 Ichat, Mac Os X, Mac Os X Server | 2025-04-09 | N/A |
| The Java interface to CoreAudio on Apple Mac OS X 10.3.9 and 10.4.10 does not restrict object instantiation and manipulation to valid heap addresses, which allows remote attackers to execute arbitrary code via a crafted applet. | ||||
| CVE-2007-1884 | 4 Apple, Linux, Microsoft and 1 more | 6 Mac Os X, Mac Os X Server, Linux Kernel and 3 more | 2025-04-09 | N/A |
| Multiple integer signedness errors in the printf function family in PHP 4 before 4.4.5 and PHP 5 before 5.2.1 on 64 bit machines allow context-dependent attackers to execute arbitrary code via (1) certain negative argument numbers that arise in the php_formatted_print function because of 64 to 32 bit truncation, and bypass a check for the maximum allowable value; and (2) a width and precision of -1, which make it possible for the php_sprintf_appendstring function to place an internal buffer at an arbitrary memory location. | ||||
| CVE-2008-0063 | 8 Apple, Canonical, Debian and 5 more | 13 Mac Os X, Mac Os X Server, Ubuntu Linux and 10 more | 2025-04-09 | 7.5 High |
| The Kerberos 4 support in KDC in MIT Kerberos 5 (krb5kdc) does not properly clear the unused portion of a buffer when generating an error message, which might allow remote attackers to obtain sensitive information, aka "Uninitialized stack values." | ||||
| CVE-2008-3616 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-09 | N/A |
| Multiple integer overflows in the SearchKit API in Apple Mac OS X 10.4.11 and 10.5 through 10.5.4 allow context-dependent attackers to cause a denial of service (application crash) or execute arbitrary code via vectors associated with "passing untrusted input" to unspecified API functions. | ||||
| CVE-2007-4686 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-09 | N/A |
| Integer signedness error in the ttioctl function in bsd/kern/tty.c in the xnu kernel in Apple Mac OS X 10.4 through 10.4.10 allows local users to cause a denial of service (system shutdown) or gain privileges via a crafted TIOCSETD ioctl request. | ||||
| CVE-2007-4691 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-09 | N/A |
| The NSURL component in Apple Mac OS X 10.4 through 10.4.10 performs case-sensitive comparisons that allow attackers to bypass intended restrictions for local file system URLs. | ||||
| CVE-2007-4692 | 2 Apple, Microsoft | 4 Mac Os X, Mac Os X Server, Safari and 1 more | 2025-04-09 | N/A |
| The tabbed browsing feature in Apple Safari 3 before Beta Update 3.0.4 on Windows, and Mac OS X 10.4 through 10.4.10, allows remote attackers to spoof HTTP authentication for other sites and possibly conduct phishing attacks by causing an authentication sheet to be displayed for a tab that is not active, which makes it appear as if it is associated with the active tab. | ||||
| CVE-2007-4694 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-09 | N/A |
| Safari in Apple Mac OS X 10.4 through 10.4.10 allows remote attackers to access local content via file:// URLs. | ||||
| CVE-2007-4696 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-09 | N/A |
| Race condition in WebCore in Apple Mac OS X 10.4 through 10.4.10 allows remote attackers to obtain information for forms from other sites via unknown vectors related to "page transitions" in Safari. | ||||
| CVE-2007-4700 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-09 | N/A |
| Unspecified vulnerability in WebKit on Apple Mac OS X 10.4 through 10.4.10 allows remote attackers to use Safari as an indirect proxy and send attacker-controlled data to arbitrary TCP ports via unknown vectors. | ||||
| CVE-2007-4702 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-09 | N/A |
| The Application Firewall in Apple Mac OS X 10.5, when "Block all incoming connections" is enabled, does not prevent root processes or mDNSResponder from accepting connections, which might allow remote attackers or local root processes to bypass intended access restrictions. | ||||
| CVE-2007-4703 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-09 | N/A |
| The Application Firewall in Apple Mac OS X 10.5 does not prevent a root process from accepting incoming connections, even when "Block incoming connections" has been set for its associated executable, which might allow remote attackers or local root processes to bypass intended access restrictions. | ||||
| CVE-2007-0728 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-09 | N/A |
| Unspecified vulnerability in Apple Mac OS X 10.3.9 and 10.4 through 10.4.8 creates files insecurely while initializing a USB printer, which allows local users to create or overwrite arbitrary files. | ||||
| CVE-2007-0729 | 1 Apple | 3 Mac Os X, Mac Os X Preview.app, Mac Os X Server | 2025-04-09 | N/A |
| Apple File Protocol (AFP) Client in Apple Mac OS X 10.3.9 through 10.4.9 does not properly clean the environment before executing commands, which allows local users to gain privileges by setting unspecified environment variables. | ||||
| CVE-2008-0049 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-09 | N/A |
| AppKit in Apple Mac OS X 10.4.11 inadvertently makes an NSApplication mach port available for inter-process communication instead of inter-thread communication, which allows local users to execute arbitrary code via crafted messages to privileged applications. | ||||
| CVE-2008-0050 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-09 | N/A |
| CFNetwork in Apple Mac OS X 10.4.11 allows remote HTTPS proxy servers to spoof secure websites via data in a 502 Bad Gateway error. | ||||