Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Apple Subscribe
Filtered by product Mac Os X Server
Total 817 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2008-1027 1 Apple 2 Mac Os X, Mac Os X Server 2025-04-09 4.3 MEDIUM N/A
Apple Filing Protocol (AFP) Server in Apple Mac OS X before 10.5.3 does not verify that requested files and directories are inside shared folders, which allows remote attackers to read arbitrary files via unspecified AFP traffic.
CVE-2008-3645 1 Apple 2 Mac Os X, Mac Os X Server 2025-04-09 7.2 HIGH N/A
Heap-based buffer overflow in the local IPC component in the EAPOLController plugin for configd (Networking component) in Mac OS X 10.4.11 and 10.5.5 allows local users to execute arbitrary code via unknown vectors.
CVE-2009-2205 1 Apple 5 Java 1.4, Java 1.5, Java 1.6 and 2 more 2025-04-09 6.8 MEDIUM N/A
Stack-based buffer overflow in the Java Web Start command launcher in Java for Mac OS X 10.5 before Update 5 allows attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors.
CVE-2006-6126 1 Apple 2 Mac Os X, Mac Os X Server 2025-04-09 2.1 LOW N/A
Apple Mac OS X allows local users to cause a denial of service (memory corruption) via a crafted Mach-O binary with a malformed load_command data structure.
CVE-2008-0054 1 Apple 2 Mac Os X, Mac Os X Server 2025-04-09 6.4 MEDIUM N/A
Foundation in Apple Mac OS X 10.4.11 might allow context-dependent attackers to execute arbitrary code via a malformed selector name to the NSSelectorFromString API, which causes an "unexpected selector" to be used.
CVE-2009-2814 1 Apple 1 Mac Os X Server 2025-04-09 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in the Wiki Server in Apple Mac OS X 10.5.8 allows remote attackers to inject arbitrary web script or HTML via a search request containing data that does not use UTF-8 encoding.
CVE-2007-0747 1 Apple 2 Mac Os X, Mac Os X Server 2025-04-09 7.2 HIGH N/A
load_webdav in Apple Mac OS X 10.3.9 through 10.4.9 does not properly clean the environment when mounting a WebDAV filesystem, which allows local users to gain privileges by setting unspecified environment variables.
CVE-2007-0729 1 Apple 3 Mac Os X, Mac Os X Preview.app, Mac Os X Server 2025-04-09 7.2 HIGH N/A
Apple File Protocol (AFP) Client in Apple Mac OS X 10.3.9 through 10.4.9 does not properly clean the environment before executing commands, which allows local users to gain privileges by setting unspecified environment variables.
CVE-2008-3621 1 Apple 2 Mac Os X, Mac Os X Server 2025-04-09 9.3 HIGH N/A
VideoConference in Apple Mac OS X 10.4.11 and 10.5 through 10.5.4 allows remote attackers to cause a denial of service (memory corruption and application crash) or execute arbitrary code via vectors involving H.264 encoded media.
CVE-2009-0011 1 Apple 2 Mac Os X, Mac Os X Server 2025-04-09 7.2 HIGH N/A
Certificate Assistant in Apple Mac OS X 10.5.6 allows local users to overwrite arbitrary files via unknown vectors related to an "insecure file operation" on a temporary file.
CVE-2007-0724 1 Apple 2 Mac Os X, Mac Os X Server 2025-04-09 6.9 MEDIUM N/A
The IOKit HID interface in Apple Mac OS X 10.3.9 and 10.4 through 10.4.8 does not sufficiently limit access to certain controls, which allows local users to gain privileges by using HID device events to read keystrokes from the console.
CVE-2007-0722 1 Apple 2 Mac Os X, Mac Os X Server 2025-04-09 6.8 MEDIUM N/A
Integer overflow in Apple Mac OS X 10.3.9 and 10.4 through 10.4.8 allows remote user-assisted attackers to execute arbitrary code via a crafted AppleSingleEncoding disk image.
CVE-2008-4219 1 Apple 2 Mac Os X, Mac Os X Server 2025-04-09 4.9 MEDIUM N/A
The kernel in Apple Mac OS X before 10.5.6 allows local users to cause a denial of service (infinite loop and system halt) by running an application that is dynamically linked to libraries on an NFS server, related to occurrence of an exception in this application.
CVE-2006-6353 1 Apple 3 Bomarchivehelper, Mac Os X, Mac Os X Server 2025-04-09 5.0 MEDIUM N/A
Multiple unspecified vulnerabilities in BOMArchiveHelper in Mac OS X allow user-assisted remote attackers to cause a denial of service (application crash) via unspecified vectors related to (1) certain KERN_PROTECTION_FAILURE thread crashes and (2) certain KERN_INVALID_ADDRESS thread crashes, as discovered with the "iSec Partners FileP fuzzer".
CVE-2007-0751 1 Apple 2 Mac Os X, Mac Os X Server 2025-04-09 2.1 LOW N/A
A cleanup script in crontabs in Apple Mac OS X 10.3.9 and 10.4.9 might delete filesystems that have been mounted in /tmp, which might allow local users to cause a denial of service, related to the find command.
CVE-2009-0155 1 Apple 2 Mac Os X, Mac Os X Server 2025-04-09 6.8 MEDIUM N/A
Integer underflow in CoreGraphics in Apple Mac OS X 10.5 before 10.5.7, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF file that triggers a heap-based buffer overflow.
CVE-2007-2403 1 Apple 3 Cfnetwork, Mac Os X, Mac Os X Server 2025-04-09 6.8 MEDIUM N/A
CFNetwork on Apple Mac OS X 10.3.9 and 10.4.10 does not properly validate ftp: URIs, which allows remote attackers to trigger the transmission of arbitrary FTP commands to arbitrary FTP servers.
CVE-2009-2804 2 Apple, Microsoft 4 Mac Os X, Mac Os X Server, Safari and 1 more 2025-04-09 6.8 MEDIUM N/A
Integer overflow in ColorSync in Apple Mac OS X 10.4.11 and 10.5.8, and Safari before 4.0.4 on Windows, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted ColorSync profile embedded in an image, leading to a heap-based buffer overflow.
CVE-2008-2321 1 Apple 3 Coregraphics, Mac Os X, Mac Os X Server 2025-04-09 9.3 HIGH N/A
Unspecified vulnerability in CoreGraphics in Apple Mac OS X 10.4.11 and 10.5.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via unknown vectors involving "processing of arguments."
CVE-2008-2329 1 Apple 2 Mac Os X, Mac Os X Server 2025-04-09 1.9 LOW N/A
Directory Services in Apple Mac OS X 10.5 through 10.5.4, when Active Directory is used, allows attackers to enumerate user names via wildcard characters in the Login Window.