Filtered by vendor Apple
Subscribe
Total
4411 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2001-0806 | 1 Apple | 1 Mac Os X | 2023-12-10 | 3.6 LOW | N/A |
Apple MacOS X 10.0 and 10.1 allow a local user to read and write to a user's desktop folder via insecure default permissions for the Desktop when it is created in some languages. | |||||
CVE-2002-0656 | 3 Apple, Openssl, Oracle | 5 Mac Os X, Openssl, Application Server and 2 more | 2023-12-10 | 7.5 HIGH | N/A |
Buffer overflows in OpenSSL 0.9.6d and earlier, and 0.9.7-beta2 and earlier, allow remote attackers to execute arbitrary code via (1) a large client master key in SSL2 or (2) a large session ID in SSL3. | |||||
CVE-2004-0168 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2023-12-10 | 10.0 HIGH | N/A |
Unknown vulnerability in CoreFoundation for Mac OS X 10.3.2, related to "notification logging." | |||||
CVE-2003-0881 | 1 Apple | 1 Mac Os X | 2023-12-10 | 7.5 HIGH | N/A |
Mail in Mac OS X before 10.3, when configured to use MD5 Challenge Response, uses plaintext authentication if the CRAM-MD5 hashed login fails, which could allow remote attackers to gain privileges by sniffing the password. | |||||
CVE-2004-0824 | 1 Apple | 1 Mac Os X | 2023-12-10 | 2.1 LOW | N/A |
PPPDialer for Mac OS X 10.2.8 through 10.3.5 allows local users to overwrite system files via a symlink attack on PPPDialer log files. | |||||
CVE-2003-0694 | 11 Apple, Compaq, Freebsd and 8 more | 18 Mac Os X, Mac Os X Server, Tru64 and 15 more | 2023-12-10 | 10.0 HIGH | N/A |
The prescan function in Sendmail 8.12.9 allows remote attackers to execute arbitrary code via buffer overflow attacks, as demonstrated using the parseaddr function in parseaddr.c. | |||||
CVE-2004-0428 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2023-12-10 | 5.0 MEDIUM | N/A |
Unknown vulnerability in CoreFoundation in Mac OS X 10.3.3 and Mac OS X 10.3.3 Server, related to "the handling of an environment variable," has unknown attack vectors and unknown impact. | |||||
CVE-2002-1270 | 1 Apple | 1 Mac Os X | 2023-12-10 | 2.1 LOW | N/A |
Mac OS X 10.2.2 allows local users to read files that only allow write access via the map_fd() Mach system call. | |||||
CVE-2003-1011 | 1 Apple | 1 Mac Os X | 2023-12-10 | 7.2 HIGH | N/A |
Apple Mac OS X 10.0 through 10.2.8 allows local users with a USB keyboard to gain unauthorized access by holding down the CTRL and C keys when the system is booting, which crashes the init process and leaves the user in a root shell. | |||||
CVE-2003-0050 | 1 Apple | 2 Darwin Streaming Server, Quicktime Streaming Server | 2023-12-10 | 7.5 HIGH | N/A |
parse_xml.cgi in Apple Darwin Streaming Administration Server 4.1.2 and QuickTime Streaming Server 4.1.1 allows remote attackers to execute arbitrary code via shell metacharacters. | |||||
CVE-1999-0138 | 7 Apple, Digital, Freebsd and 4 more | 9 A Ux, Osf 1, Freebsd and 6 more | 2023-12-10 | 7.2 HIGH | N/A |
The suidperl and sperl program do not give up root privileges when changing UIDs back to the original users, allowing root access. | |||||
CVE-2004-0515 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2023-12-10 | 4.6 MEDIUM | N/A |
Unknown vulnerability in LoginWindow for Mac OS X 10.3.4, related to "handling of console log files." | |||||
CVE-2003-0355 | 2 Apple, Kde | 2 Safari, Konqueror Embedded | 2023-12-10 | 5.0 MEDIUM | N/A |
Safari 1.0 Beta 2 (v73) and earlier does not validate the Common Name (CN) field for X.509 Certificates, which could allow remote attackers to spoof certificates. | |||||
CVE-2004-0514 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2023-12-10 | 7.2 HIGH | N/A |
Unknown vulnerability in LoginWindow for Mac OS X 10.3.4, related to "handling of directory services lookups." | |||||
CVE-1999-0590 | 3 Apple, Linux, Microsoft | 6 Macos, Linux Kernel, Windows 2000 and 3 more | 2023-12-10 | 10.0 HIGH | N/A |
A system does not present an appropriate legal message or warning to a user who is accessing it. | |||||
CVE-2004-1084 | 1 Apple | 4 Darwin Streaming Server, Mac Os X, Mac Os X Server and 1 more | 2023-12-10 | 5.0 MEDIUM | N/A |
Apache for Apple Mac OS X 10.2.8 and 10.3.6 allows remote attackers to read files and resource fork content via HTTP requests to certain special file names related to multiple data streams in HFS+, which bypass Apache file handles. | |||||
CVE-2003-1005 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2023-12-10 | 5.0 MEDIUM | N/A |
The PKI functionality in Mac OS X 10.2.8 and 10.3.2 allows remote attackers to cause a denial of service (service crash) via malformed ASN.1 sequences. | |||||
CVE-2004-0513 | 1 Apple | 1 Mac Os X | 2023-12-10 | 10.0 HIGH | N/A |
Unspecified vulnerability in Mac OS X before 10.3.4 has unknown impact and attack vectors related to "logging when tracing system calls." | |||||
CVE-2001-0198 | 1 Apple | 1 Quicktime | 2023-12-10 | 7.6 HIGH | N/A |
Buffer overflow in QuickTime Player plugin 4.1.2 (Japanese) allows remote attackers to execute arbitrary commands via a long HREF parameter in an EMBED tag. | |||||
CVE-2000-0346 | 1 Apple | 1 Appleshare | 2023-12-10 | 5.0 MEDIUM | N/A |
AppleShare IP 6.1 and later allows a remote attacker to read potentially sensitive information via an invalid range request to the web server. |