Filtered by vendor Apple
Subscriptions
Total
13599 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2004-0825 | 1 Apple | 1 Mac Os X Server | 2025-04-03 | N/A |
| QuickTime Streaming Server in Mac OS X Server 10.2.8, 10.3.4, and 10.3.5 allows remote attackers to cause a denial of service (application deadlock) via a certain sequence of operations. | ||||
| CVE-2005-1472 | 1 Apple | 1 Mac Os X | 2025-04-03 | N/A |
| Certain system calls in Apple Mac OS X 10.4.1 do not properly enforce the permissions of certain directories without the POSIX read bit set, but with the execute bits set for group or other, which allows local users to list files in otherwise restricted directories. | ||||
| CVE-2001-1411 | 1 Apple | 1 Mac Os X | 2025-04-03 | N/A |
| Format string vulnerability in gm4 (aka m4) on Mac OS X may allow local users to gain privileges if gm4 is called by setuid programs. | ||||
| CVE-2006-0387 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-03 | N/A |
| Stack-based buffer overflow in Safari in Mac OS X 10.4.5 and earlier, and 10.3.9 and earlier, allows remote attackers to execute arbitrary code via unspecified vectors involving a web page with crafted JavaScript, a different vulnerability than CVE-2005-4504. | ||||
| CVE-2003-0877 | 1 Apple | 1 Mac Os X | 2025-04-03 | N/A |
| Mac OS X before 10.3 with core files enabled allows local users to overwrite arbitrary files and read core files via a symlink attack on core files that are created with predictable names in the /cores directory. | ||||
| CVE-2003-0878 | 1 Apple | 1 Mac Os X | 2025-04-03 | N/A |
| slpd daemon in Mac OS X before 10.3 allows local users to overwrite arbitrary files via a symlink attack on a temporary file, a different vulnerability than CVE-2003-0875. | ||||
| CVE-2003-0880 | 1 Apple | 1 Mac Os X | 2025-04-03 | N/A |
| Unknown vulnerability in Mac OS X before 10.3 allows local users to access Dock functions from behind Screen Effects when Full Keyboard Access is enabled using the Keyboard pane in System Preferences. | ||||
| CVE-2003-0881 | 1 Apple | 1 Mac Os X | 2025-04-03 | N/A |
| Mail in Mac OS X before 10.3, when configured to use MD5 Challenge Response, uses plaintext authentication if the CRAM-MD5 hashed login fails, which could allow remote attackers to gain privileges by sniffing the password. | ||||
| CVE-2003-0694 | 12 Apple, Compaq, Freebsd and 9 more | 20 Mac Os X, Mac Os X Server, Tru64 and 17 more | 2025-04-03 | N/A |
| The prescan function in Sendmail 8.12.9 allows remote attackers to execute arbitrary code via buffer overflow attacks, as demonstrated using the parseaddr function in parseaddr.c. | ||||
| CVE-2003-0882 | 1 Apple | 1 Mac Os X | 2025-04-03 | N/A |
| Mac OS X before 10.3 initializes the TCP timestamp with a constant number, which allows remote attackers to determine the system's uptime via the ID field in a TCP packet. | ||||
| CVE-2003-0883 | 1 Apple | 1 Mac Os X | 2025-04-03 | N/A |
| The System Preferences capability in Mac OS X before 10.3 allows local users to access secure Preference Panes for a short period after an administrator has authenticated to the system. | ||||
| CVE-2004-0988 | 1 Apple | 1 Quicktime | 2025-04-03 | N/A |
| Integer overflow on Apple QuickTime before 6.5.2, when running on Windows systems, allows remote attackers to cause a denial of service (memory consumption) via certain inputs that cause a large memory operation. | ||||
| CVE-2005-2195 | 1 Apple | 1 Darwin Streaming Server | 2025-04-03 | N/A |
| Apple Darwin Streaming Server 5.5 and earlier allows remote attackers to cause a denial of service (application crash) via a URL with a filename containing a .cgi extension and an MS-DOS device name such as AUX, CON, PRN, COM1, or LPT1, a different vulnerability than CVE-2003-0421 and CVE-2003-0502. | ||||
| CVE-2005-3704 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-03 | N/A |
| System log server in Mac OS X and OS X Server 10.4 through 10.4.3 allows remote attackers to spoof syslog messages in log files by injecting various control characters such as newline (NL). | ||||
| CVE-2006-4382 | 1 Apple | 1 Quicktime | 2025-04-03 | N/A |
| Multiple buffer overflows in Apple QuickTime before 7.1.3 allow user-assisted remote attackers to execute arbitrary code via a crafted QuickTime movie. | ||||
| CVE-2004-0720 | 1 Apple | 1 Safari | 2025-04-03 | N/A |
| Safari 1.2.2 does not properly prevent a frame in one domain from injecting content into a frame that belongs to another domain, which facilitates web site spoofing and other attacks, aka the frame injection vulnerability. | ||||
| CVE-2005-1474 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-03 | N/A |
| Dashboard in Apple Mac OS X 10.4.1 allows remote attackers to install widgets via Safari without prompting the user, a different vulnerability than CVE-2005-1933. | ||||
| CVE-2004-1088 | 1 Apple | 4 Darwin Streaming Server, Mac Os X, Mac Os X Server and 1 more | 2025-04-03 | N/A |
| Postfix server for Apple Mac OS X 10.3.6, when using CRAM-MD5, allows remote attackers to send mail without authentication by replaying authentication information. | ||||
| CVE-2005-1332 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-03 | N/A |
| Bluetooth-enabled systems in Mac OS X 10.3.9 enables the Bluetooth file exchange service by default, which allows remote attackers to access files without the user being notified, and local users to access files via the default directory. | ||||
| CVE-2003-0804 | 3 Apple, Freebsd, Openbsd | 4 Mac Os X, Mac Os X Server, Freebsd and 1 more | 2025-04-03 | N/A |
| The arplookup function in FreeBSD 5.1 and earlier, Mac OS X before 10.2.8, and possibly other BSD-based systems, allows remote attackers on a local subnet to cause a denial of service (resource starvation and panic) via a flood of spoofed ARP requests. | ||||