Total
5568 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-2746 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| Mail.app in Mail for Apple Mac OS X 10.3.9 and 10.4.2 includes message contents when using auto-reply rules, which could cause Mail.app to include decrypted message contents for encrypted messages. | |||||
| CVE-2004-1086 | 1 Apple | 4 Darwin Streaming Server, Mac Os X, Mac Os X Server and 1 more | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in PSNormalizer for Apple Mac OS X 10.3.6 allows remote attackers to execute arbitrary code via a crafted PostScript input file. | |||||
| CVE-2005-2518 | 1 Apple | 1 Mac Os X | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in servermgrd in Mac OS X 10.3.9 and 10.4.2 allows remote attackers to execute arbitrary code during authentication. | |||||
| CVE-2003-0694 | 11 Apple, Compaq, Freebsd and 8 more | 18 Mac Os X, Mac Os X Server, Tru64 and 15 more | 2025-04-03 | 10.0 HIGH | N/A |
| The prescan function in Sendmail 8.12.9 allows remote attackers to execute arbitrary code via buffer overflow attacks, as demonstrated using the parseaddr function in parseaddr.c. | |||||
| CVE-2006-1552 | 1 Apple | 4 Imageio, Mac Os X, Mac Os X Server and 1 more | 2025-04-03 | 5.0 MEDIUM | N/A |
| Integer overflow in ImageIO in Apple Mac OS X 10.4 up to 10.4.5 allows remote attackers to cause a denial of service (crash) via a crafted JPEG image with malformed JPEG metadata, as demonstrated using Safari, aka "Deja-Doom". | |||||
| CVE-2005-1336 | 1 Apple | 1 Mac Os X | 2025-04-03 | 4.6 MEDIUM | N/A |
| Buffer overflow in the Foundation framework for Mac OS X 10.3.9 allows local users to execute arbitrary code via a long environment variable. | |||||
| CVE-2006-0396 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-03 | 5.1 MEDIUM | N/A |
| Buffer overflow in Mail in Apple Mac OS X 10.4 up to 10.4.5, when patched with Security Update 2006-001, allows remote attackers to execute arbitrary code via a long Real Name value in an e-mail attachment sent in AppleDouble format, which triggers the overflow when the user double-clicks on an attachment. | |||||
| CVE-2004-0514 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-03 | 7.2 HIGH | N/A |
| Unknown vulnerability in LoginWindow for Mac OS X 10.3.4, related to "handling of directory services lookups." | |||||
| CVE-2005-1260 | 4 Apple, Bzip, Canonical and 1 more | 4 Mac Os X, Bzip2, Ubuntu Linux and 1 more | 2025-04-03 | 5.0 MEDIUM | N/A |
| bzip2 allows remote attackers to cause a denial of service (hard drive consumption) via a crafted bzip2 file that causes an infinite loop (a.k.a "decompression bomb"). | |||||
| CVE-2004-0382 | 1 Apple | 1 Mac Os X | 2025-04-03 | 7.2 HIGH | N/A |
| Unknown vulnerability in the CUPS printing system in Mac OS X 10.3.3 and Mac OS X 10.2.8 with unknown impact, possibly related to a configuration file setting. | |||||
| CVE-2002-0676 | 1 Apple | 1 Mac Os X | 2025-04-03 | 7.5 HIGH | N/A |
| SoftwareUpdate for MacOS 10.1.x does not use authentication when downloading a software update, which could allow remote attackers to execute arbitrary code by posing as the Apple update server via techniques such as DNS spoofing or cache poisoning, and supplying Trojan Horse updates. | |||||
| CVE-2004-1089 | 1 Apple | 4 Darwin Streaming Server, Mac Os X, Mac Os X Server and 1 more | 2025-04-03 | 4.6 MEDIUM | N/A |
| Unknown vulnerability in Apple Mac OS X 10.3.6 server, when using Kerberos authentication and Cyrus IMAP allows local users to access mailboxes of other users. | |||||
| CVE-2006-0382 | 1 Apple | 1 Mac Os X | 2025-04-03 | 2.1 LOW | N/A |
| Apple Mac OS X 10.4.5 and allows local users to cause a denial of service (crash) via an undocumented system call. | |||||
| CVE-2005-2752 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-03 | 2.1 LOW | N/A |
| An unspecified kernel interface in Mac OS X 10.4.2 and earlier does not properly clear memory before reusing it, which could allow attackers to obtain sensitive information, a different vulnerability than CVE-2005-1126 and CVE-2005-1406. | |||||
| CVE-2004-0112 | 24 4d, Apple, Avaya and 21 more | 65 Webstar, Mac Os X, Mac Os X Server and 62 more | 2025-04-03 | 5.0 MEDIUM | N/A |
| The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that causes an out-of-bounds read. | |||||
| CVE-2003-0975 | 1 Apple | 3 Mac Os X, Mac Os X Server, Safari | 2025-04-03 | 5.0 MEDIUM | N/A |
| Apple Safari 1.0 through 1.1 on Mac OS X 10.3.1 and Mac OS X 10.2.8 allows remote attackers to steal user cookies from another domain via a link with a hex-encoded null character (%00) followed by the target domain. | |||||
| CVE-2005-1728 | 1 Apple | 1 Mac Os X | 2025-04-03 | 4.6 MEDIUM | N/A |
| MCX Client for Apple Mac OS X 10.4.x up to 10.4.1 insecurely logs Portable Home Directory credentials, which allows local users to obtain the credentials. | |||||
| CVE-2005-1342 | 1 Apple | 2 Mac Os X, Terminal | 2025-04-03 | 7.5 HIGH | N/A |
| The x-man-page: URI handler for Apple Terminal 1.4.4 in Mac OS X 10.3.9 does not cleanse terminal escape sequences, which allows remote attackers to execute arbitrary commands. | |||||
| CVE-2006-0388 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-03 | 2.6 LOW | N/A |
| Safari in Mac OS X 10.3 before 10.3.9 and 10.4 before 10.4.5 allows remote attackers to redirect users to local files and execute arbitrary JavaScript via unspecified vectors involving HTTP redirection to local resources. | |||||
| CVE-2005-2741 | 2 Apple, Perry Kiehtreiber | 3 Mac Os X, Mac Os X Server, Securityd | 2025-04-03 | 7.2 HIGH | N/A |
| Authorization Services in securityd for Apple Mac OS X 10.3.9 allows local users to gain privileges by granting themselves certain rights that should be restricted to administrators. | |||||