Filtered by vendor Apple
Subscriptions
Filtered by product Mac Os X
Subscriptions
Total
5568 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-1983 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-03 | N/A |
| Multiple heap-based buffer overflows in Mac OS X 10.4.6 and earlier allow remote attackers to cause a denial of service and possibly execute arbitrary code via the (1) PredictorVSetField function for TIFF or (2) CFAllocatorAllocate function for GIF, as used in applications that use ImageIO or AppKit. NOTE: the BMP vector has been re-assigned to CVE-2006-2238 because it affects a separate product family. | ||||
| CVE-2006-1220 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-03 | N/A |
| Integer overflow in the mach_msg_send function in the kernel for Mac OS X might allow local users to execute arbitrary code via unknown attack vectors related to a large message header size, which leads to a heap-based buffer overflow. | ||||
| CVE-2002-1372 | 3 Apple, Debian, Redhat | 4 Cups, Mac Os X, Debian Linux and 1 more | 2025-04-03 | 7.5 High |
| Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 does not properly check the return values of various file and socket operations, which could allow a remote attacker to cause a denial of service (resource exhaustion) by causing file descriptors to be assigned and not released, as demonstrated by fanta. | ||||
| CVE-2001-0766 | 2 Apache, Apple | 2 Http Server, Mac Os X | 2025-04-03 | 9.8 Critical |
| Apache on MacOS X Client 10.0.3 with the HFS+ file system allows remote attackers to bypass access restrictions via a URL that contains some characters whose case is not matched by Apache's filters. | ||||
| CVE-2004-0087 | 1 Apple | 1 Mac Os X | 2025-04-03 | N/A |
| The System Configuration subsystem in Mac OS 10.2.8 and 10.3.2 allows local users to modify network settings, a different vulnerability than CVE-2004-0088. | ||||
| CVE-2001-0806 | 1 Apple | 1 Mac Os X | 2025-04-03 | N/A |
| Apple MacOS X 10.0 and 10.1 allow a local user to read and write to a user's desktop folder via insecure default permissions for the Desktop when it is created in some languages. | ||||
| CVE-2005-2518 | 1 Apple | 1 Mac Os X | 2025-04-03 | N/A |
| Buffer overflow in servermgrd in Mac OS X 10.3.9 and 10.4.2 allows remote attackers to execute arbitrary code during authentication. | ||||
| CVE-2001-1447 | 1 Apple | 1 Mac Os X | 2025-04-03 | N/A |
| NetInfo Manager for Mac OS X 10.0 through 10.1 allows local users to gain root privileges by opening applications using the (1) "recent items" and (2) "services" menus, which causes the applications to run with root privileges. | ||||
| CVE-2003-0242 | 1 Apple | 1 Mac Os X | 2025-04-03 | N/A |
| IPSec in Mac OS X before 10.2.6 does not properly handle certain incoming security policies that match by port, which could allow traffic that is not explicitly allowed by the policies. | ||||
| CVE-2005-0970 | 1 Apple | 1 Mac Os X | 2025-04-03 | N/A |
| Mac OS X 10.3.9 and earlier allows users to install, create, and execute setuid/setgid scripts, contrary to the intended design, which may allow attackers to conduct unauthorized activities with escalated privileges via vulnerable scripts. | ||||
| CVE-2005-0974 | 1 Apple | 1 Mac Os X | 2025-04-03 | N/A |
| Unknown vulnerability in the nfs_mount call in Mac OS X 10.3.9 and earlier allows local users to gain privileges via crafted arguments. | ||||
| CVE-2006-1450 | 1 Apple | 1 Mac Os X | 2025-04-03 | N/A |
| Mail in Apple Mac OS X 10.3.9 and 10.4.6 allows remote attackers to execute arbitrary code via an enriched text e-mail message with "invalid color information" that causes Mail to allocate and initialize arbitrary classes. | ||||
| CVE-2005-0985 | 1 Apple | 1 Mac Os X | 2025-04-03 | N/A |
| Unspecified vulnerability in the Mac OS X kernel before 10.3.8 allows local users to cause a denial of service (temporary hang) via unspecified attack vectors related to the fan control unit (FCU) driver. | ||||
| CVE-2006-1441 | 1 Apple | 1 Mac Os X | 2025-04-03 | N/A |
| Integer overflow in CFNetwork in Apple Mac OS X 10.4.6 allows remote attackers to execute arbitrary code via crafted chunked transfer encoding. | ||||
| CVE-2005-1043 | 7 Apple, Conectiva, Peachtree and 4 more | 8 Mac Os X, Mac Os X Server, Linux and 5 more | 2025-04-03 | N/A |
| exif.c in PHP before 4.3.11 allows remote attackers to cause a denial of service (memory consumption and crash) via an EXIF header with a large IFD nesting level, which causes significant stack recursion. | ||||
| CVE-2003-0088 | 1 Apple | 1 Mac Os X | 2025-04-03 | N/A |
| TruBlueEnvironment for MacOS 10.2.3 and earlier allows local users to overwrite or create arbitrary files and gain root privileges by setting a certain environment variable that is used to write debugging information. | ||||
| CVE-2003-0171 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-03 | N/A |
| DirectoryServices in MacOS X trusts the PATH environment variable to locate and execute the touch command, which allows local users to execute arbitrary commands by modifying the PATH to point to a directory containing a malicious touch program. | ||||
| CVE-2004-0090 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-03 | N/A |
| Unknown vulnerability in Windows File Sharing for Mac OS X 10.1.5 through 10.3.2 does not "shutdown properly," which has unknown impact and attack vectors. | ||||
| CVE-2006-1442 | 1 Apple | 1 Mac Os X | 2025-04-03 | N/A |
| The bundle API in CoreFoundation in Apple Mac OS X 10.3.9 and 10.4.6 loads dynamic libraries even if the client application has not directly requested it, which allows attackers to execute arbitrary code from an untrusted bundle. | ||||
| CVE-2006-1448 | 1 Apple | 1 Mac Os X | 2025-04-03 | N/A |
| Finder in Apple Mac OS X 10.3.9 and 10.4.6 allows user-assisted attackers to execute arbitrary code by tricking a user into launching an Internet Location item that appears to use a safe URL scheme, but which actually has a different and more risky scheme. | ||||