Total
5557 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2006-1457 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2023-12-10 | 2.6 LOW | N/A |
| Safari on Apple Mac OS X 10.4.6, when "Open `safe' files after downloading" is enabled, will automatically expand archives, which could allow remote attackers to overwrite arbitrary files via an archive that contains a symlink. | |||||
| CVE-2005-2744 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2023-12-10 | 5.1 MEDIUM | N/A |
| Buffer overflow in QuickDraw Manager for Apple OS X 10.3.9 and 10.4.2, as used by applications such as Safari, Mail, and Finder, allows remote attackers to execute arbitrary code via a crafted PICT file. | |||||
| CVE-2005-3706 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2023-12-10 | 6.4 MEDIUM | N/A |
| Heap-based buffer overflow in LibSystem in Mac OS X 10.4 through 10.4.5 allows context-dependent attackers to execute arbitrary code by causing an application that uses LibSystem to request a large amount of memory. | |||||
| CVE-2006-1456 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2023-12-10 | 7.5 HIGH | N/A |
| Buffer overflow in QuickTime Streaming Server in Apple Mac OS X 10.3.9 and 10.4.6 allows remote attackers to execute arbitrary code via a crafted RTSP request, which is not properly handled during message logging. | |||||
| CVE-2005-1933 | 1 Apple | 1 Mac Os X | 2023-12-10 | 7.5 HIGH | N/A |
| Dashboard in Apple Mac OS X Tiger 10.4 allows attackers to execute arbitrary commands by overriding the behavior of system widgets via a user widget with the same bundle identifier (CFBundleIdentifier), a different vulnerability than CVE-2005-1474. | |||||
| CVE-2005-2521 | 1 Apple | 1 Mac Os X | 2023-12-10 | 4.6 MEDIUM | N/A |
| Buffer overflow in traceroute in Mac OS X 10.3.9 allows local users to execute arbitrary code via unknown vectors. | |||||
| CVE-2004-0921 | 1 Apple | 3 Mac Os X, Mac Os X Server, Quicktime | 2023-12-10 | 7.5 HIGH | N/A |
| AFP Server on Mac OS X 10.3.x to 10.3.5, when a guest has mounted an AFP volume, allows the guest to "terminate authenticated user mounts" via modified SessionDestroy packets. | |||||
| CVE-2005-0969 | 1 Apple | 1 Mac Os X | 2023-12-10 | 4.6 MEDIUM | N/A |
| Heap-based buffer overflow in the syscall emulation functionality in Mac OS X before 10.3.9 allows local users to cause a denial of service (kernel panic) and possibly execute arbitrary code via crafted parameters. | |||||
| CVE-2005-2749 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2023-12-10 | 2.1 LOW | N/A |
| Unspecified vulnerability in the Finder Get Info window for Mac OS X 10.4 up to 10.4.2 causes Finder to misrepresent file and group ownership information. NOTE: it is not clear whether this issue satisfies the CVE definition of a vulnerability. | |||||
| CVE-2006-3500 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2023-12-10 | 7.2 HIGH | N/A |
| The dynamic linker (dyld) in Apple Mac OS X 10.4.7 allows local users to execute arbitrary code via an "improperly handled condition" that leads to use of "dangerous paths," probably related to an untrusted search path vulnerability. | |||||
| CVE-2006-0384 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2023-12-10 | 7.5 HIGH | N/A |
| automount in Mac OS X 10.4.5 and earlier allows remote file servers to cause a denial of service (unresponsiveness) or execute arbitrary code via unspecified vectors that cause automount to "mount file systems with reserved names". | |||||
| CVE-2005-1337 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2023-12-10 | 7.5 HIGH | N/A |
| Apple Help Viewer 2.0.7 and 3.0.0 in Mac OS X 10.3.9 allows remote attackers to read and execute arbitrary scrpts with less restrictive privileges via a help:// URI. | |||||
| CVE-2005-1335 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2023-12-10 | 7.2 HIGH | N/A |
| Unknown vulnerability in Mac OS X 10.3.9 allows local users to gain privileges via (1) chfn, (2) chpass, and (3) chsh, which "use external helper programs in an insecure manner." | |||||
| CVE-2006-2277 | 1 Apple | 1 Mac Os X | 2023-12-10 | 5.0 MEDIUM | N/A |
| Multiple Apple Mac OS X 10.4 applications might allow context-dependent attackers to cause a denial of service (application crash) via a crafted OpenEXR (.exr) image file, which triggers the crash when opening a folder using Finder, displaying the image in Safari, or using Preview to open the file. | |||||
| CVE-2005-1473 | 1 Apple | 1 Mac Os X | 2023-12-10 | 4.6 MEDIUM | N/A |
| SecurityAgent in Apple Mac OS X 10.4.1 allows attackers with physical access to bypass the locked screensaver and launch background applications by opening a URL from a text input field. | |||||
| CVE-2005-1307 | 2 Adobe, Apple | 2 Version Cue, Mac Os X | 2023-12-10 | 7.2 HIGH | N/A |
| The (1) stopserver.sh and (2) startserver.sh scripts in Adobe Version Cue on Mac OS X uses the current working directory to find and execute the productname.sh script, which allows local users to execute arbitrary code by copying and calling the scripts from a user-controlled directory. | |||||
| CVE-2005-2524 | 1 Apple | 3 Mac Os X, Mac Os X Server, Safari | 2023-12-10 | 5.0 MEDIUM | N/A |
| Safari after 2.0 in Apple Mac OS X 10.3.9 allows remote attackers to bypass domain restrictions via crafted web archives that cause Safari to render them as if they came from a different site. | |||||
| CVE-2005-2752 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2023-12-10 | 2.1 LOW | N/A |
| An unspecified kernel interface in Mac OS X 10.4.2 and earlier does not properly clear memory before reusing it, which could allow attackers to obtain sensitive information, a different vulnerability than CVE-2005-1126 and CVE-2005-1406. | |||||
| CVE-2005-2742 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2023-12-10 | 4.6 MEDIUM | N/A |
| SecurityAgent in Apple Mac OS X 10.4.2, under certain circumstances, can cause the "Switch User..." button to appear even though the "Enable fast user switching" setting is disabled, which can allow attackers with physical access to gain access to the desktop and bypass the "Require password to wake this computer from sleep or screen saver" setting. | |||||
| CVE-2004-0922 | 1 Apple | 3 Mac Os X, Mac Os X Server, Quicktime | 2023-12-10 | 5.0 MEDIUM | N/A |
| AFP Server on Mac OS X 10.3.x to 10.3.5, under certain conditions, does not properly set the guest group ID, which causes AFP to change a write-only AFP Drop Box to be read-write when the Drop Box is on a share that is mounted by a guest, which allows attackers to read the Drop Box. | |||||