Filtered by vendor Apple
Subscriptions
Total
13715 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2007-0463 | 1 Apple | 1 Software Update | 2026-04-23 | N/A |
| Format string vulnerability in Apple Software Update 2.0.5 on Mac OS X 10.4.8 allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via format string specifiers in (1) SWUTMP or (2) SUCATALOG filenames, or using the (3) application/x-apple.sucatalog+xml MIME type. | ||||
| CVE-2008-0031 | 1 Apple | 1 Quicktime | 2026-04-23 | N/A |
| Unspecified vulnerability in Apple QuickTime before 7.4 allows remote attackers to cause a denial of service (application termination) and execute arbitrary code via a crafted Sorenson 3 video file, which triggers memory corruption. | ||||
| CVE-2008-0032 | 1 Apple | 1 Quicktime | 2026-04-23 | N/A |
| Apple QuickTime before 7.4 allows remote attackers to execute arbitrary code via a movie file containing a Macintosh Resource record with a modified length value in the resource header, which triggers heap corruption. | ||||
| CVE-2008-0034 | 1 Apple | 2 Iphone, Iphone Os | 2026-04-23 | N/A |
| Unspecified vulnerability in Passcode Lock in Apple iPhone 1.0 through 1.1.2 allows users with physical access to execute applications without entering the passcode via vectors related to emergency calls. | ||||
| CVE-2008-0038 | 1 Apple | 1 Mac Os X | 2026-04-23 | N/A |
| Launch Services in Apple Mac OS X 10.5 through 10.5.1 allows an uninstalled application to be launched if it is in a Time Machine backup, which might allow local users to bypass intended security restrictions or exploit vulnerabilities in the application. | ||||
| CVE-2008-0040 | 1 Apple | 1 Mac Os X | 2026-04-23 | N/A |
| Unspecified vulnerability in NFS in Apple Mac OS X 10.5 through 10.5.1 allows remote attackers to cause a denial of service (system shutdown) or execute arbitrary code via unknown vectors related to mbuf chains that trigger memory corruption. | ||||
| CVE-2008-0041 | 1 Apple | 1 Mac Os X | 2026-04-23 | N/A |
| Parental Controls in Apple Mac OS X 10.5 through 10.5.1 contacts www.apple.com "when a website is unblocked," which allows remote attackers to determine when a system is running Parental Controls. | ||||
| CVE-2009-2798 | 1 Apple | 1 Quicktime | 2026-04-23 | N/A |
| Heap-based buffer overflow in Apple QuickTime before 7.6.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted FlashPix file. | ||||
| CVE-2009-2805 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-23 | N/A |
| Integer overflow in CoreGraphics in Apple Mac OS X 10.4.11 and 10.5.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted JBIG2 stream in a PDF file, leading to a heap-based buffer overflow. | ||||
| CVE-2009-2807 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-23 | N/A |
| Heap-based buffer overflow in the USB backend in CUPS in Apple Mac OS X 10.5.8 allows local users to gain privileges via unspecified vectors. | ||||
| CVE-2009-2808 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-23 | N/A |
| Help Viewer in Apple Mac OS X before 10.6.2 does not use an HTTPS connection to retrieve Apple Help content from a web site, which allows man-in-the-middle attackers to send a crafted help:runscript link, and thereby execute arbitrary code, via a spoofed response. | ||||
| CVE-2009-2810 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-23 | N/A |
| Launch Services in Apple Mac OS X 10.6.x before 10.6.2 recursively clears quarantine information upon opening a quarantined folder, which allows user-assisted remote attackers to execute arbitrary code via a quarantined application that does not trigger a "potentially unsafe" warning message. | ||||
| CVE-2009-2813 | 4 Apple, Fedoraproject, Redhat and 1 more | 6 Mac Os X, Mac Os X Server, Fedora and 3 more | 2026-04-23 | N/A |
| Samba 3.4 before 3.4.2, 3.3 before 3.3.8, 3.2 before 3.2.15, and 3.0.12 through 3.0.36, as used in the SMB subsystem in Apple Mac OS X 10.5.8 when Windows File Sharing is enabled, Fedora 11, and other operating systems, does not properly handle errors in resolving pathnames, which allows remote authenticated users to bypass intended sharing restrictions, and read, create, or modify files, in certain circumstances involving user accounts that lack home directories. | ||||
| CVE-2009-2817 | 1 Apple | 1 Itunes | 2026-04-23 | N/A |
| Buffer overflow in Apple iTunes before 9.0.1 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted .pls file. | ||||
| CVE-2009-2818 | 1 Apple | 1 Mac Os X Server | 2026-04-23 | N/A |
| Adaptive Firewall in Apple Mac OS X before 10.6.2 does not properly handle invalid usernames in SSH login attempts, which makes it easier for remote attackers to obtain login access via a brute-force attack (aka dictionary attack). | ||||
| CVE-2009-2819 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-23 | N/A |
| AFP Client in Apple Mac OS X 10.5.8 allows remote AFP servers to execute arbitrary code or cause a denial of service (memory corruption and system crash) via unspecified vectors. | ||||
| CVE-2009-2820 | 2 Apple, Redhat | 3 Mac Os X, Mac Os X Server, Enterprise Linux | 2026-04-23 | N/A |
| The web interface in CUPS before 1.4.2, as used on Apple Mac OS X before 10.6.2 and other platforms, does not properly handle (1) HTTP headers and (2) HTML templates, which allows remote attackers to conduct cross-site scripting (XSS) attacks and HTTP response splitting attacks via vectors related to (a) the product's web interface, (b) the configuration of the print system, and (c) the titles of printed jobs, as demonstrated by an XSS attack that uses the kerberos parameter to the admin program, and leverages attribute injection and HTTP Parameter Pollution (HPP) issues. | ||||
| CVE-2009-2823 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-23 | N/A |
| The Apache HTTP Server in Apple Mac OS X before 10.6.2 enables the HTTP TRACE method, which allows remote attackers to conduct cross-site scripting (XSS) attacks via unspecified web client software. | ||||
| CVE-2009-2824 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-23 | N/A |
| Multiple buffer overflows in Apple Type Services (ATS) in Apple Mac OS X 10.5.8 allow remote attackers to execute arbitrary code via a crafted embedded font in a document. | ||||
| CVE-2009-2826 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-23 | N/A |
| Multiple integer overflows in CoreGraphics in Apple Mac OS X 10.5.8 allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document that triggers a heap-based buffer overflow. | ||||