Filtered by vendor Apple
Subscriptions
Filtered by product Mac Os X Server
Subscriptions
Total
817 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-2504 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-03 | N/A |
| The System Profiler in Mac OS X 10.4.2 labels a Bluetooth device with "Requires Authentication: No" even when the user has selected the "Require pairing for security" option, which could confuse users about which setting is valid. | ||||
| CVE-2005-2503 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-03 | N/A |
| AppKit for Mac OS X 10.3.9 and 10.4.2 allows attackers with physical access to create local accounts by forcing a particular error to occur at the login window. | ||||
| CVE-2005-2501 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-03 | N/A |
| Buffer overflow in AppKit for Mac OS X 10.3.9 and 10.4.2 allows external user-assisted attackers to execute arbitrary code via a crafted Rich Text Format (RTF) file. | ||||
| CVE-2003-0466 | 7 Apple, Freebsd, Netbsd and 4 more | 10 Mac Os X, Mac Os X Server, Freebsd and 7 more | 2025-04-03 | 9.8 Critical |
| Off-by-one error in the fb_realpath() function, as derived from the realpath function in BSD, may allow attackers to execute arbitrary code, as demonstrated in wu-ftpd 2.5.0 through 2.6.2 via commands that cause pathnames of length MAXPATHLEN+1 to trigger a buffer overflow, including (1) STOR, (2) RETR, (3) APPE, (4) DELE, (5) MKD, (6) RMD, (7) STOU, or (8) RNTO. | ||||
| CVE-2006-1470 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-03 | N/A |
| OpenLDAP in Apple Mac OS X 10.4 up to 10.4.6 allows remote attackers to cause a denial of service (crash) via an invalid LDAP request that triggers an assert error. | ||||
| CVE-2005-2713 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-03 | N/A |
| passwd in Directory Services in Mac OS X 10.3.x before 10.3.9 and 10.4.x before 10.4.5 allows local users to create arbitrary world-writable files as root by specifying an alternate file in the password database option. | ||||
| CVE-2006-3509 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-03 | N/A |
| Integer overflow in the API for the AirPort wireless driver on Apple Mac OS X 10.4.7 might allow physically proximate attackers to cause a denial of service (crash) or execute arbitrary code in third-party wireless software that uses the API via crafted frames. | ||||
| CVE-2006-3505 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-03 | N/A |
| WebKit in Apple Mac OS X 10.3.9 and 10.4.7 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted HTML document that causes WebKit to access an object that has already been deallocated. | ||||
| CVE-2006-3500 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-03 | N/A |
| The dynamic linker (dyld) in Apple Mac OS X 10.4.7 allows local users to execute arbitrary code via an "improperly handled condition" that leads to use of "dangerous paths," probably related to an untrusted search path vulnerability. | ||||
| CVE-2006-3499 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-03 | N/A |
| The dynamic linker (dyld) in Apple Mac OS X 10.3.9 allows local users to obtain sensitive information via unspecified dynamic linker options that affect the use of standard error (stderr) by privileged applications. | ||||
| CVE-2006-4095 | 3 Apple, Canonical, Isc | 4 Mac Os X, Mac Os X Server, Ubuntu Linux and 1 more | 2025-04-03 | 7.5 High |
| BIND before 9.2.6-P1 and 9.3.x before 9.3.2-P1 allows remote attackers to cause a denial of service (crash) via certain SIG queries, which cause an assertion failure when multiple RRsets are returned. | ||||
| CVE-2004-0430 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-03 | N/A |
| Stack-based buffer overflow in AppleFileServer for Mac OS X 10.3.3 and earlier allows remote attackers to execute arbitrary code via a LoginExt packet for a Cleartext Password User Authentication Method (UAM) request with a PathName argument that includes an AFPName type string that is longer than the associated length field. | ||||
| CVE-2004-0803 | 9 Apple, Kde, Libtiff and 6 more | 13 Mac Os X, Mac Os X Server, Kde and 10 more | 2025-04-03 | N/A |
| Multiple vulnerabilities in the RLE (run length encoding) decoders for libtiff 3.6.1 and earlier, related to buffer overflows and integer overflows, allow remote attackers to execute arbitrary code via TIFF files. | ||||
| CVE-2004-0925 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-03 | N/A |
| Postfix on Mac OS X 10.3.x through 10.3.5, with SMTPD AUTH enabled, does not properly clear the username between authentication attempts, which allows users with the longest username to prevent other valid users from being able to authenticate. | ||||
| CVE-2004-0924 | 2 Apple, Easy Software Products | 3 Mac Os X, Mac Os X Server, Cups | 2025-04-03 | N/A |
| NetInfo Manager on Mac OS X 10.3.x through 10.3.5, after an initial root login, reports the root account as being disabled, even when it has not. | ||||
| CVE-2006-1985 | 1 Apple | 3 Mac Os X, Mac Os X Server, Safari | 2025-04-03 | N/A |
| Heap-based buffer overflow in BOM BOMArchiveHelper 10.4 (6.3) Build 312, as used in Mac OS X 10.4.6 and earlier, allows user-assisted attackers to execute arbitrary code via a crafted archive (such as ZIP) that contains long path names, which triggers an error in the BOMStackPop function. | ||||
| CVE-2006-1983 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-03 | N/A |
| Multiple heap-based buffer overflows in Mac OS X 10.4.6 and earlier allow remote attackers to cause a denial of service and possibly execute arbitrary code via the (1) PredictorVSetField function for TIFF or (2) CFAllocatorAllocate function for GIF, as used in applications that use ImageIO or AppKit. NOTE: the BMP vector has been re-assigned to CVE-2006-2238 because it affects a separate product family. | ||||
| CVE-2006-1982 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-03 | N/A |
| Heap-based buffer overflow in the LZWDecodeVector function in Mac OS X before 10.4.6, as used in applications that use ImageIO or AppKit, allows remote attackers to execute arbitrary code via crafted TIFF images. | ||||
| CVE-2004-0822 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-03 | N/A |
| Buffer overflow in The Core Foundation framework (CoreFoundation.framework) in Mac OS X 10.2.8, 10.3.4, and 10.3.5 allows local users to execute arbitrary code via a certain environment variable. | ||||
| CVE-2006-1552 | 1 Apple | 4 Imageio, Mac Os X, Mac Os X Server and 1 more | 2025-04-03 | N/A |
| Integer overflow in ImageIO in Apple Mac OS X 10.4 up to 10.4.5 allows remote attackers to cause a denial of service (crash) via a crafted JPEG image with malformed JPEG metadata, as demonstrated using Safari, aka "Deja-Doom". | ||||