Filtered by vendor Apple
Subscribe
Total
4411 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2001-0720 | 1 Apple | 1 Mac Os X | 2023-12-10 | 7.5 HIGH | N/A |
| Internet Explorer 5.1 for Macintosh on Mac OS X allows remote attackers to execute arbitrary commands by causing a BinHex or MacBinary file type to be downloaded, which causes the files to be executed if automatic decoding is enabled. | |||||
| CVE-2003-0270 | 1 Apple | 1 802.11n | 2023-12-10 | 7.6 HIGH | N/A |
| The administration capability for Apple AirPort 802.11 wireless access point devices uses weak encryption (XOR with a fixed key) for protecting authentication credentials, which could allow remote attackers to obtain administrative access via sniffing when the capability is available via Ethernet or non-WEP connections. | |||||
| CVE-2004-0088 | 1 Apple | 1 Mac Os X | 2023-12-10 | 2.1 LOW | N/A |
| The System Configuration subsystem in Mac OS 10.2.8 allows local users to modify network settings, a different vulnerability than CVE-2004-0087. | |||||
| CVE-2003-0420 | 1 Apple | 1 Mac Os X Server | 2023-12-10 | 4.6 MEDIUM | N/A |
| Information leak in dsimportexport for Apple Macintosh OS X Server 10.2.6 allows local users to obtain the username and password of the account running the tool. | |||||
| CVE-2004-0383 | 1 Apple | 1 Mac Os X | 2023-12-10 | 7.2 HIGH | N/A |
| Unknown vulnerability in Mail for Mac OS X 10.3.3 and 10.2.8, with unknown impact, related to "the handling of HTML-formatted email." | |||||
| CVE-2003-0804 | 3 Apple, Freebsd, Openbsd | 4 Mac Os X, Mac Os X Server, Freebsd and 1 more | 2023-12-10 | 5.0 MEDIUM | N/A |
| The arplookup function in FreeBSD 5.1 and earlier, Mac OS X before 10.2.8, and possibly other BSD-based systems, allows remote attackers on a local subnet to cause a denial of service (resource starvation and panic) via a flood of spoofed ARP requests. | |||||
| CVE-2003-1009 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2023-12-10 | 10.0 HIGH | N/A |
| Directory Services in Apple Mac OS X 10.0.2, 10.0.3, 10.2.8, 10.3.2 and Apple Mac OS X Server 10.2 through 10.3.2 accepts authentication server information from unknown LDAP or NetInfo sources as provided by a malicious DHCP server, which allows remote attackers to gain privileges. | |||||
| CVE-2003-0502 | 1 Apple | 1 Darwin Streaming Server | 2023-12-10 | 10.0 HIGH | N/A |
| Apple QuickTime / Darwin Streaming Server before 4.1.3g allows remote attackers to cause a denial of service (crash) via a .. (dot dot) sequence followed by an MS-DOS device name (e.g. AUX) in a request to HTTP port 1220, a different vulnerability than CVE-2003-0421. | |||||
| CVE-2003-0379 | 1 Apple | 1 Afp Server | 2023-12-10 | 5.0 MEDIUM | N/A |
| Unknown vulnerability in Apple File Service (AFP Server) for Mac OS X Server, when sharing files on a UFS or re-shared NFS volume, allows remote attackers to overwrite arbitrary files. | |||||
| CVE-2004-0538 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2023-12-10 | 7.5 HIGH | N/A |
| LaunchServices in Mac OS X 10.3.4 and 10.2.8 automatically registers and executes new applications, which could allow attackers to execute arbitrary code without warning the user. | |||||
| CVE-2004-0086 | 1 Apple | 1 Mac Os X | 2023-12-10 | 5.0 MEDIUM | N/A |
| Unknown vulnerability in the Mail application for Mac OS X 10.3.2 has unknown impact and attack vectors, a different vulnerability than CVE-2004-0085. | |||||
| CVE-1999-1077 | 1 Apple | 1 Macos | 2023-12-10 | 4.6 MEDIUM | N/A |
| Idle locking function in MacOS 9 allows local attackers to bypass the password protection of idled sessions via the programmer's switch or CMD-PWR keyboard sequence, which brings up a debugger that the attacker can use to disable the lock. | |||||
| CVE-2003-0514 | 1 Apple | 1 Safari | 2023-12-10 | 7.5 HIGH | N/A |
| Apple Safari allows remote attackers to bypass intended cookie access restrictions on a web application via "%2e%2e" (encoded dot dot) directory traversal sequences in a URL, which causes Safari to send the cookie outside the specified URL subsets, e.g. to a vulnerable application that runs on the same server as the target application. | |||||
| CVE-2001-0102 | 1 Apple | 1 Macos | 2023-12-10 | 7.2 HIGH | N/A |
| "Multiple Users" Control Panel in Mac OS 9 allows Normal users to gain Owner privileges by removing the Users & Groups Data File, which effectively removes the Owner password and allows the Normal user to log in as the Owner account without a password. | |||||
| CVE-2003-1413 | 1 Apple | 2 Darwin Streaming Server, Quicktime Streaming Server | 2023-12-10 | 4.3 MEDIUM | N/A |
| parse_xml.cgi in Apple Darwin Streaming Server 4.1.1 allows remote attackers to determine the existence of arbitrary files by using ".." sequences in the filename parameter and comparing the resulting error messages. | |||||
| CVE-2003-1010 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2023-12-10 | 4.6 MEDIUM | N/A |
| Unknown vulnerability in fs_usage in Mac OS X 10.2.8 and 10.3.2 and Mac OS X Server 10.2.8 and 10.3.2 allows local users to gain privileges via unknown attack vectors. | |||||
| CVE-2004-0167 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2023-12-10 | 7.5 HIGH | N/A |
| DiskArbitration in Mac OS X 10.2.8 and 10.3.2 does not properly initialize writeable removable media. | |||||
| CVE-2002-2373 | 1 Apple | 2 Apple Laserwriter, Tcp Ip Configuration Utility | 2023-12-10 | 7.5 HIGH | N/A |
| The default configuration of the TCP/IP printer configuration utility in Apple LaserWriter 12/640 PS printer contains a blank Telnet password, which allows remote attackers to gain access. | |||||
| CVE-2004-0085 | 1 Apple | 1 Mac Os X | 2023-12-10 | 5.0 MEDIUM | N/A |
| Unknown vulnerability in the Mail application for Mac OS X 10.1.5 and 10.2.8 with unknown impact, a different vulnerability than CVE-2004-0086. | |||||
| CVE-2004-0822 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2023-12-10 | 7.2 HIGH | N/A |
| Buffer overflow in The Core Foundation framework (CoreFoundation.framework) in Mac OS X 10.2.8, 10.3.4, and 10.3.5 allows local users to execute arbitrary code via a certain environment variable. | |||||