Filtered by vendor Apple
Subscribe
Total
13220 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2006-3224 | 1 Apple | 1 Safari | 2025-04-03 | 5.4 MEDIUM | N/A |
| Apple Safari 2.0.3 (417.9.3) on Mac OS X 10.4.6 allows remote attackers to cause a denial of service (CPU consumption) via Javascript with an infinite for loop. NOTE: it could be argued that this is not a vulnerability, unless it interferes with the operation of the system outside of the scope of Safari itself. | |||||
| CVE-2006-4386 | 1 Apple | 1 Quicktime | 2025-04-03 | 5.1 MEDIUM | N/A |
| Integer overflow in Apple QuickTime before 7.1.3 allows user-assisted remote attackers to execute arbitrary code via a crafted H.264 movie, a different issue than CVE-2006-4381. | |||||
| CVE-2005-0127 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| Mail in Mac OS X 10.3.7, when generating a Message-ID header, generates a GUUID that includes information that identifies the Ethernet hardware being used, which allows remote attackers to link mail messages to a particular machine. | |||||
| CVE-2005-1430 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-03 | 3.6 LOW | N/A |
| Mac OS X 10.3.x and earlier uses insecure permissions for a pseudo terminal tty (pty) that is managed by a non-setuid program, which allows local users to read or modify sessions of other users. | |||||
| CVE-2005-2194 | 1 Apple | 1 Mac Os X | 2025-04-03 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in the Apple Mac OS X kernel before 10.4.2 allows remote attackers to cause a denial of service (kernel panic) via a crafted TCP packet, possibly related to source routing or loose source routing. | |||||
| CVE-2005-1721 | 1 Apple | 1 Afp Server | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in the legacy client support for AFP Server for Mac OS X 10.4.1 allows attackers to execute arbitrary code. | |||||
| CVE-2005-2504 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-03 | 7.2 HIGH | N/A |
| The System Profiler in Mac OS X 10.4.2 labels a Bluetooth device with "Requires Authentication: No" even when the user has selected the "Require pairing for security" option, which could confuse users about which setting is valid. | |||||
| CVE-2005-1331 | 1 Apple | 3 Applescript, Mac Os X, Mac Os X Server | 2025-04-03 | 5.1 MEDIUM | N/A |
| The AppleScript Editor in Mac OS X 10.3.9 does not properly display script code for an applescript: URI, which can result in code that is different than the actual code that would be run, which could allow remote attackers to trick users into executing malicious code via certain URI characters such as NULL, control characters, and homographs. | |||||
| CVE-2006-0395 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-03 | 5.1 MEDIUM | N/A |
| The Download Validation in Mail in Mac OS X 10.4 does not properly recognize attachment file types to warn a user of an unsafe type, which allows user-assisted remote attackers to execute arbitrary code via crafted file types. | |||||
| CVE-2004-0924 | 2 Apple, Easy Software Products | 3 Mac Os X, Mac Os X Server, Cups | 2025-04-03 | 5.0 MEDIUM | N/A |
| NetInfo Manager on Mac OS X 10.3.x through 10.3.5, after an initial root login, reports the root account as being disabled, even when it has not. | |||||
| CVE-2005-1720 | 1 Apple | 1 Afp Server | 2025-04-03 | 2.1 LOW | N/A |
| AFP Server for Mac OS X 10.4.1, when using an ACL enabled volume, does not properly remove an ACL when a file is copied to a directory that does not use ACLs, which will override the POSIX file permissions for that ACL. | |||||
| CVE-2002-1367 | 2 Apple, Easy Software Products | 2 Mac Os X, Cups | 2025-04-03 | 10.0 HIGH | N/A |
| Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 allows remote attackers to add printers without authentication via a certain UDP packet, which can then be used to perform unauthorized activities such as stealing the local root certificate for the administration server via a "need authorization" page, as demonstrated by new-coke. | |||||
| CVE-2005-4678 | 1 Apple | 1 Safari | 2025-04-03 | 5.0 MEDIUM | N/A |
| Apple Safari 2.0.2 (aka 416.12) allows remote attackers to spoof the URL in the status bar via the title in an image in a link to a trusted site within a form to the malicious site. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2003-0054 | 1 Apple | 2 Darwin Streaming Server, Quicktime Streaming Server | 2025-04-03 | 7.5 HIGH | N/A |
| Apple Darwin Streaming Administration Server 4.1.2 and QuickTime Streaming Server 4.1.1 allows remote attackers to execute certain code via a request to port 7070 with the script in an argument to the rtsp DESCRIBE method, which is inserted into a log file and executed when the log is viewed using a browser. | |||||
| CVE-2005-1307 | 2 Adobe, Apple | 2 Version Cue, Mac Os X | 2025-04-03 | 7.2 HIGH | N/A |
| The (1) stopserver.sh and (2) startserver.sh scripts in Adobe Version Cue on Mac OS X uses the current working directory to find and execute the productname.sh script, which allows local users to execute arbitrary code by copying and calling the scripts from a user-controlled directory. | |||||
| CVE-2003-0171 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-03 | 7.2 HIGH | N/A |
| DirectoryServices in MacOS X trusts the PATH environment variable to locate and execute the touch command, which allows local users to execute arbitrary commands by modifying the PATH to point to a directory containing a malicious touch program. | |||||
| CVE-2005-1333 | 1 Apple | 1 Mac Os X | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in the Bluetooth file and object exchange (OBEX) services in Mac OS X 10.3.9 allows remote attackers to read arbitrary files. | |||||
| CVE-2003-1006 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-03 | 7.2 HIGH | N/A |
| Buffer overflow in cd9660.util in Apple Mac OS X 10.0 through 10.3.2 and Apple Mac OS X Server 10.0 through 10.3.2 may allow local users to execute arbitrary code via a long command line parameter. | |||||
| CVE-2005-0716 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-03 | 7.2 HIGH | N/A |
| Stack-based buffer overflow in the Core Foundation Library in Mac OS X 10.3.5 and 10.3.6, and possibly earlier versions, allows local users to execute arbitrary code via a long CF_CHARSET_PATH environment variable. | |||||
| CVE-2002-1369 | 2 Apple, Easy Software Products | 2 Mac Os X, Cups | 2025-04-03 | 10.0 HIGH | N/A |
| jobs.c in Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 does not properly use the strncat function call when processing the options string, which allows remote attackers to execute arbitrary code via a buffer overflow attack. | |||||