Search Results (5617 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2005-1330 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-16 N/A
AppKit in Mac OS X 10.3.9 allows attackers to cause a denial of service (Cocoa application crash) via a malformed TIFF image that causes the NXSeek to use an incorrect offset, leading to an unhandled exception.
CVE-2005-1689 4 Apple, Debian, Mit and 1 more 5 Mac Os X, Mac Os X Server, Debian Linux and 2 more 2026-04-16 9.8 Critical
Double free vulnerability in the krb5_recvauth function in MIT Kerberos 5 (krb5) 1.4.1 and earlier allows remote attackers to execute arbitrary code via certain error conditions.
CVE-2003-1009 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-16 N/A
Directory Services in Apple Mac OS X 10.0.2, 10.0.3, 10.2.8, 10.3.2 and Apple Mac OS X Server 10.2 through 10.3.2 accepts authentication server information from unknown LDAP or NetInfo sources as provided by a malicious DHCP server, which allows remote attackers to gain privileges.
CVE-2003-0198 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-16 N/A
Mac OS X before 10.2.5 allows guest users to modify the permissions of the DropBox folder and read unauthorized files.
CVE-2003-0242 1 Apple 1 Mac Os X 2026-04-16 N/A
IPSec in Mac OS X before 10.2.6 does not properly handle certain incoming security policies that match by port, which could allow traffic that is not explicitly allowed by the policies.
CVE-2001-0720 1 Apple 1 Mac Os X 2026-04-16 N/A
Internet Explorer 5.1 for Macintosh on Mac OS X allows remote attackers to execute arbitrary commands by causing a BinHex or MacBinary file type to be downloaded, which causes the files to be executed if automatic decoding is enabled.
CVE-2003-0466 7 Apple, Freebsd, Netbsd and 4 more 10 Mac Os X, Mac Os X Server, Freebsd and 7 more 2026-04-16 9.8 Critical
Off-by-one error in the fb_realpath() function, as derived from the realpath function in BSD, may allow attackers to execute arbitrary code, as demonstrated in wu-ftpd 2.5.0 through 2.6.2 via commands that cause pathnames of length MAXPATHLEN+1 to trigger a buffer overflow, including (1) STOR, (2) RETR, (3) APPE, (4) DELE, (5) MKD, (6) RMD, (7) STOU, or (8) RNTO.
CVE-2003-0420 1 Apple 1 Mac Os X Server 2026-04-16 N/A
Information leak in dsimportexport for Apple Macintosh OS X Server 10.2.6 allows local users to obtain the username and password of the account running the tool.
CVE-2006-3502 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-16 N/A
Unspecified vulnerability in ImageIO in Apple Mac OS X 10.4.7 allows user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted GIF image that triggers a memory allocation failure that is not properly handled.
CVE-2005-1335 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-16 N/A
Unknown vulnerability in Mac OS X 10.3.9 allows local users to gain privileges via (1) chfn, (2) chpass, and (3) chsh, which "use external helper programs in an insecure manner."
CVE-2006-3504 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-16 N/A
The Download Validation in LaunchServices for Apple Mac OS X 10.4.7 can identify certain HTML as "safe", which could allow attackers to execute Javascript code in local context when the "Open 'safe' files after downloading" option is enabled in Safari.
CVE-2001-1411 1 Apple 1 Mac Os X 2026-04-16 N/A
Format string vulnerability in gm4 (aka m4) on Mac OS X may allow local users to gain privileges if gm4 is called by setuid programs.
CVE-2005-1473 1 Apple 1 Mac Os X 2026-04-16 N/A
SecurityAgent in Apple Mac OS X 10.4.1 allows attackers with physical access to bypass the locked screensaver and launch background applications by opening a URL from a text input field.
CVE-2006-3509 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-16 N/A
Integer overflow in the API for the AirPort wireless driver on Apple Mac OS X 10.4.7 might allow physically proximate attackers to cause a denial of service (crash) or execute arbitrary code in third-party wireless software that uses the API via crafted frames.
CVE-2005-1341 1 Apple 3 Mac Os X, Mac Os X Server, Terminal 2026-04-16 N/A
Apple Terminal 1.4.4 allows attackers to execute arbitrary commands via terminal escape sequences.
CVE-2005-1933 1 Apple 1 Mac Os X 2026-04-16 N/A
Dashboard in Apple Mac OS X Tiger 10.4 allows attackers to execute arbitrary commands by overriding the behavior of system widgets via a user widget with the same bundle identifier (CFBundleIdentifier), a different vulnerability than CVE-2005-1474.
CVE-2001-0766 2 Apache, Apple 2 Http Server, Mac Os X 2026-04-16 9.8 Critical
Apache on MacOS X Client 10.0.3 with the HFS+ file system allows remote attackers to bypass access restrictions via a URL that contains some characters whose case is not matched by Apache's filters.
CVE-2005-0715 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-16 N/A
AFP Server in Mac OS X before 10.3.8 uses insecure permissions for "Drop Boxes," which allows local users to read the contents of a Drop Box.
CVE-2005-1260 5 Apple, Bzip, Canonical and 2 more 5 Mac Os X, Bzip2, Ubuntu Linux and 2 more 2026-04-16 N/A
bzip2 allows remote attackers to cause a denial of service (hard drive consumption) via a crafted bzip2 file that causes an infinite loop (a.k.a "decompression bomb").
CVE-2002-1270 1 Apple 1 Mac Os X 2026-04-16 N/A
Mac OS X 10.2.2 allows local users to read files that only allow write access via the map_fd() Mach system call.