Filtered by vendor Apple
Subscriptions
Filtered by product Mac Os X
Subscriptions
Total
5568 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-1336 | 1 Apple | 1 Mac Os X | 2026-04-16 | N/A |
| Buffer overflow in the Foundation framework for Mac OS X 10.3.9 allows local users to execute arbitrary code via a long environment variable. | ||||
| CVE-2005-1307 | 2 Adobe, Apple | 2 Version Cue, Mac Os X | 2026-04-16 | N/A |
| The (1) stopserver.sh and (2) startserver.sh scripts in Adobe Version Cue on Mac OS X uses the current working directory to find and execute the productname.sh script, which allows local users to execute arbitrary code by copying and calling the scripts from a user-controlled directory. | ||||
| CVE-2005-1260 | 5 Apple, Bzip, Canonical and 2 more | 5 Mac Os X, Bzip2, Ubuntu Linux and 2 more | 2026-04-16 | N/A |
| bzip2 allows remote attackers to cause a denial of service (hard drive consumption) via a crafted bzip2 file that causes an infinite loop (a.k.a "decompression bomb"). | ||||
| CVE-2005-1333 | 1 Apple | 1 Mac Os X | 2026-04-16 | N/A |
| Directory traversal vulnerability in the Bluetooth file and object exchange (OBEX) services in Mac OS X 10.3.9 allows remote attackers to read arbitrary files. | ||||
| CVE-2006-0386 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-16 | N/A |
| FileVault in Mac OS X 10.4.5 and earlier does not properly mount user directories when creating a FileVault image, which allows local users to access protected files when FileVault is enabled. | ||||
| CVE-2004-0823 | 3 Apple, Openldap, Redhat | 4 Mac Os X, Mac Os X Server, Openldap and 1 more | 2026-04-16 | N/A |
| OpenLDAP 1.0 through 2.1.19, as used in Apple Mac OS 10.3.4 and 10.3.5 and possibly other operating systems, may allow certain authentication schemes to use hashed (crypt) passwords in the userPassword attribute as if they were plaintext passwords, which allows remote attackers to re-use hashed passwords without decrypting them. | ||||
| CVE-2004-0822 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-16 | N/A |
| Buffer overflow in The Core Foundation framework (CoreFoundation.framework) in Mac OS X 10.2.8, 10.3.4, and 10.3.5 allows local users to execute arbitrary code via a certain environment variable. | ||||
| CVE-2001-1565 | 1 Apple | 1 Mac Os X | 2026-04-16 | N/A |
| Point to Point Protocol daemon (pppd) in MacOS x 10.0 and 10.1 through 10.1.5 provides the username and password on the command line, which allows local users to obtain authentication information via the ps command. | ||||
| CVE-2001-0806 | 1 Apple | 1 Mac Os X | 2026-04-16 | N/A |
| Apple MacOS X 10.0 and 10.1 allow a local user to read and write to a user's desktop folder via insecure default permissions for the Desktop when it is created in some languages. | ||||
| CVE-2004-1123 | 1 Apple | 4 Darwin Streaming Server, Mac Os X, Mac Os X Server and 1 more | 2026-04-16 | N/A |
| Darwin Streaming Server 5.0.1, and possibly earlier versions, allows remote attackers to cause a denial of service (server crash) via a DESCRIBE request with a location that contains a null byte. | ||||
| CVE-2005-2744 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-16 | N/A |
| Buffer overflow in QuickDraw Manager for Apple OS X 10.3.9 and 10.4.2, as used by applications such as Safari, Mail, and Finder, allows remote attackers to execute arbitrary code via a crafted PICT file. | ||||
| CVE-2005-0713 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-16 | N/A |
| The Bluetooth Setup Assistant for Mac OS X before 10.3.8 can be launched without a keyboard or Bluetooth device, which allows local users to bypass access restrictions and gain privileges. | ||||
| CVE-2005-0715 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-16 | N/A |
| AFP Server in Mac OS X before 10.3.8 uses insecure permissions for "Drop Boxes," which allows local users to read the contents of a Drop Box. | ||||
| CVE-2004-1084 | 1 Apple | 4 Darwin Streaming Server, Mac Os X, Mac Os X Server and 1 more | 2026-04-16 | N/A |
| Apache for Apple Mac OS X 10.2.8 and 10.3.6 allows remote attackers to read files and resource fork content via HTTP requests to certain special file names related to multiple data streams in HFS+, which bypass Apache file handles. | ||||
| CVE-2006-3506 | 1 Apple | 3 Mac Os X, Mac Os X Server, Xsan | 2026-04-16 | N/A |
| Buffer overflow in the Xsan Filesystem driver on Mac OS X 10.4.7 and OS X Server 10.4.7 allows local users with Xsan write access, to execute arbitrary code via unspecified vectors related to "processing a path name." | ||||
| CVE-2005-2525 | 2 Apple, Easy Software Products | 2 Mac Os X, Cups | 2026-04-16 | N/A |
| CUPS in Mac OS X 10.3.9 and 10.4.2 does not properly close file descriptors when handling multiple simultaneous print jobs, which allows remote attackers to cause a denial of service (printing halt). | ||||
| CVE-2004-1085 | 1 Apple | 4 Darwin Streaming Server, Mac Os X, Mac Os X Server and 1 more | 2026-04-16 | N/A |
| Human Interface Toolbox (HIToolBox) for Apple Mac 0S X 10.3.6 allows local users to exit applications via the force-quit key combination, even when the system is running in kiosk mode. | ||||
| CVE-2004-0088 | 1 Apple | 1 Mac Os X | 2026-04-16 | N/A |
| The System Configuration subsystem in Mac OS 10.2.8 allows local users to modify network settings, a different vulnerability than CVE-2004-0087. | ||||
| CVE-2005-1722 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-16 | N/A |
| Unknown vulnerability in the CoreGraphics Window Server for Mac OS X 10.4.x up to 10.4.1 allows local users to inject arbitrary commands into root sessions. | ||||
| CVE-2004-0622 | 1 Apple | 1 Mac Os X | 2026-04-16 | N/A |
| Apple Mac OS X 10.3.4, 10.4, 10.5, and possibly other versions does not properly clear memory for login (aka Loginwindow.app), Keychain, or FileVault passwords, which could allow the root user or an attacker with physical access to obtain sensitive information by reading memory. | ||||