Filtered by vendor Apple
Subscriptions
Total
14575 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2007-4678 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-23 | N/A |
| AppleRAID in Apple Mac OS X 10.3.9 and 10.4 through 10.4.10 allows attackers to cause a denial of service (crash) via a crafted striped disk image, which triggers a NULL pointer dereference when it is mounted. | ||||
| CVE-2009-0601 | 6 Apple, Freebsd, Linux and 3 more | 6 Mac Os X, Freebsd, Linux Kernel and 3 more | 2026-04-23 | N/A |
| Format string vulnerability in Wireshark 0.99.8 through 1.0.5 on non-Windows platforms allows local users to cause a denial of service (application crash) via format string specifiers in the HOME environment variable. | ||||
| CVE-2008-4216 | 1 Apple | 1 Safari | 2026-04-23 | N/A |
| The plug-in interface in WebKit in Apple Safari before 3.2 does not prevent plug-ins from accessing local URLs, which allows remote attackers to obtain sensitive information via vectors that "launch local files." | ||||
| CVE-2009-1955 | 8 Apache, Apple, Canonical and 5 more | 11 Apr-util, Http Server, Mac Os X and 8 more | 2026-04-23 | 7.5 High |
| The expat XML parser in the apr_xml_* interface in xml/apr_xml.c in Apache APR-util before 1.3.7, as used in the mod_dav and mod_dav_svn modules in the Apache HTTP Server, allows remote attackers to cause a denial of service (memory consumption) via a crafted XML document containing a large number of nested entity references, as demonstrated by a PROPFIND request, a similar issue to CVE-2003-1564. | ||||
| CVE-2009-2188 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-23 | N/A |
| Buffer overflow in ImageIO in Apple Mac OS X 10.5 before 10.5.8, and Safari before 4.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an image with crafted EXIF metadata. | ||||
| CVE-2008-0039 | 1 Apple | 2 Mac Os X, Mail | 2026-04-23 | N/A |
| Unspecified vulnerability in Mail in Apple Mac OS X 10.4.11 allows remote attackers to execute arbitrary commands via a crafted file:// URL. | ||||
| CVE-2008-0037 | 1 Apple | 1 Mac Os X | 2026-04-23 | N/A |
| X11 in Apple Mac OS X 10.5 through 10.5.1 does not properly handle when the "Allow connections from network client" preference is disabled, which allows remote attackers to bypass intended access restrictions and connect to the X server. | ||||
| CVE-2007-4812 | 1 Apple | 1 Safari | 2026-04-23 | N/A |
| Buffer overflow in Apple Safari 3.0.3 522.15.5, and other versions before Beta Update 3.0.4, allows remote attackers to cause a denial of service (crash) and possibly have other unspecified impact by setting document.location.hash to a long string. NOTE: the crash might actually occur in the alert method. | ||||
| CVE-2008-0055 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-23 | N/A |
| Foundation in Apple Mac OS X 10.4.11 creates world-writable directories while NSFileManager copies files recursively and only modifies the permissions afterward, which allows local users to modify copied files to cause a denial of service and possibly gain privileges. | ||||
| CVE-2008-3635 | 3 Apple, Intel, Microsoft | 5 Quicktime, Indeo, Windows-nt and 2 more | 2026-04-23 | N/A |
| Stack-based buffer overflow in QuickTimeInternetExtras.qtx in an unspecified third-party Indeo v3.2 (aka IV32) codec for QuickTime, when used with Apple QuickTime before 7.5.5 on Windows, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file. | ||||
| CVE-2008-2306 | 2 Apple, Microsoft | 3 Safari, Windows Vista, Windows Xp | 2026-04-23 | N/A |
| Apple Safari before 3.1.2 on Windows does not properly interpret the URLACTION_SHELL_EXECUTE_HIGHRISK Internet Explorer zone setting, which allows remote attackers to bypass intended access restrictions, and force a client system to download and execute arbitrary files. | ||||
| CVE-2008-2307 | 2 Apple, Microsoft | 5 Mac Os X, Safari, Windows and 2 more | 2026-04-23 | N/A |
| Unspecified vulnerability in WebKit in Apple Safari before 3.1.2, as distributed in Mac OS X before 10.5.4, and standalone for Windows and Mac OS X 10.4, allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via vectors involving JavaScript arrays that trigger memory corruption. | ||||
| CVE-2007-6165 | 1 Apple | 1 Mac Os X | 2026-04-23 | N/A |
| Mail in Apple Mac OS X Leopard (10.5.1) allows user-assisted remote attackers to execute arbitrary code via an AppleDouble attachment containing an apparently-safe file type and script in a resource fork, which does not warn the user that a separate program is going to be executed. NOTE: this is a regression error related to CVE-2006-0395. | ||||
| CVE-2007-6694 | 3 Apple, Linux, Redhat | 3 Powerpc, Linux Kernel, Enterprise Linux | 2026-04-23 | N/A |
| The chrp_show_cpuinfo function (chrp/setup.c) in Linux kernel 2.4.21 through 2.6.18-53, when running on PowerPC, might allow local users to cause a denial of service (crash) via unknown vectors that cause the of_get_property function to fail, which triggers a NULL pointer dereference. | ||||
| CVE-2009-0008 | 2 Apple, Microsoft | 3 Quicktime Mpeg-2 Playback Component, Windows Vista, Windows Xp | 2026-04-23 | N/A |
| Unspecified vulnerability in Apple QuickTime MPEG-2 Playback Component before 7.60.92.0 on Windows allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a crafted MPEG-2 movie. | ||||
| CVE-2007-5848 | 1 Apple | 1 Mac Os X | 2026-04-23 | N/A |
| Buffer overflow in CUPS in Apple Mac OS X 10.4.11 allows local admin users to execute arbitrary code via a crafted URI to the CUPS service. | ||||
| CVE-2007-0746 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-23 | N/A |
| Heap-based buffer overflow in the VideoConference framework in Apple Mac OS X 10.3.9 through 10.4.9 allows remote attackers to execute arbitrary code via a "crafted SIP packet when initializing an audio/video conference". | ||||
| CVE-2009-0154 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-23 | N/A |
| Heap-based buffer overflow in Apple Type Services (ATS) in Apple Mac OS X 10.4.11 and 10.5 before 10.5.7 allows remote attackers to execute arbitrary code via a crafted Compact Font Format (CFF) font. | ||||
| CVE-2007-4671 | 2 Apple, Microsoft | 5 Iphone Os, Mac Os X, Safari and 2 more | 2026-04-23 | N/A |
| Unspecified vulnerability in Safari in Apple iPhone 1.1.1, and Safari 3 before Beta Update 3.0.4 on Windows and Mac OS X 10.4 through 10.4.10, allows remote attackers to "alter or access" HTTPS content via an HTTP session with a crafted web page that causes Javascript to be applied to HTTPS pages from the same domain. | ||||
| CVE-2007-4683 | 1 Apple | 1 Mac Os X | 2026-04-23 | N/A |
| Directory traversal vulnerability in the kernel in Apple Mac OS X 10.4 through 10.4.10 allows local users to bypass the chroot mechanism via a relative path when changing the current working directory. | ||||