Export limit exceeded: 13448 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (13448 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2004-0513 | 1 Apple | 1 Mac Os X | 2025-04-03 | N/A |
| Unspecified vulnerability in Mac OS X before 10.3.4 has unknown impact and attack vectors related to "logging when tracing system calls." | ||||
| CVE-2004-0383 | 1 Apple | 1 Mac Os X | 2025-04-03 | N/A |
| Unknown vulnerability in Mail for Mac OS X 10.3.3 and 10.2.8, with unknown impact, related to "the handling of HTML-formatted email." | ||||
| CVE-2006-1455 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-03 | N/A |
| QuickTime Streaming Server in Apple Mac OS X 10.3.9 and 10.4.6 allows remote attackers to cause a denial of service (crash and connection interruption) via a QuickTime movie with a missing track, which triggers a null dereference. | ||||
| CVE-2006-1454 | 1 Apple | 1 Quicktime | 2025-04-03 | N/A |
| Heap-based buffer overflow in Apple QuickTime before 7.1 allows remote attackers to execute arbitrary code via a crafted QuickDraw PICT image format file with malformed image data. | ||||
| CVE-2002-0659 | 4 Apple, Openssl, Oracle and 1 more | 8 Mac Os X, Openssl, Application Server and 5 more | 2025-04-03 | N/A |
| The ASN1 library in OpenSSL 0.9.6d and earlier, and 0.9.7-beta2 and earlier, allows remote attackers to cause a denial of service via invalid encodings. | ||||
| CVE-2006-3497 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-03 | N/A |
| Unspecified vulnerability in the "compression state handling" in Bom for Apple Mac OS X 10.3.9 and 10.4.7 allows user-assisted attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted Zip archive. | ||||
| CVE-2006-3499 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-03 | N/A |
| The dynamic linker (dyld) in Apple Mac OS X 10.3.9 allows local users to obtain sensitive information via unspecified dynamic linker options that affect the use of standard error (stderr) by privileged applications. | ||||
| CVE-2005-4092 | 1 Apple | 2 Itunes, Quicktime | 2025-04-03 | N/A |
| Multiple heap-based buffer overflows in QuickTime.qts in Apple QuickTime Player 7.0.3 and iTunes 6.0.1 (3) and earlier allow remote attackers to cause a denial of service (crash) and execute arbitrary code via a .mov file with (1) a Movie Resource atom with a large size value, or (2) an stsd atom with a modified Sample Description Table size value, and possibly other vectors involving media files. NOTE: item 1 was originally identified by CVE-2005-4127 for a pre-patch announcement, and item 2 was originally identified by CVE-2005-4128 for a pre-patch announcement. | ||||
| CVE-2006-1460 | 1 Apple | 1 Quicktime | 2025-04-03 | N/A |
| Multiple buffer overflows in Apple QuickTime before 7.1 allow remote attackers to execute arbitrary code via a crafted QuickTime movie (.MOV), as demonstrated via a large size for a udta Atom. | ||||
| CVE-2006-4965 | 1 Apple | 1 Quicktime | 2025-04-03 | N/A |
| Apple QuickTime 7.1.3 Player and Plug-In allows remote attackers to execute arbitrary JavaScript code and possibly conduct other attacks via a QuickTime Media Link (QTL) file with an embed XML element and a qtnext parameter that identifies resources outside of the original domain. NOTE: as of 20070912, this issue has been demonstrated by using instances of Components.interfaces.nsILocalFile and Components.interfaces.nsIProcess to execute arbitrary local files within Firefox and possibly Internet Explorer. | ||||
| CVE-2006-1451 | 1 Apple | 1 Mac Os X | 2025-04-03 | N/A |
| MySQL Manager in Apple Mac OS X 10.3.9 and 10.4.6, when setting up a new MySQL database server, does not use the "New MySQL root password" that is provided, which causes the MySQL root password to be blank and allows local users to gain full privileges to that database. | ||||
| CVE-2006-1443 | 1 Apple | 1 Mac Os X | 2025-04-03 | N/A |
| Integer underflow in CoreFoundation in Apple Mac OS X 10.3.9 and 10.4.6 allows context-dependent attackers to execute arbitrary code via unspecified vectors involving conversions from string to file system representation within (1) CFStringGetFileSystemRepresentation or (2) getFileSystemRepresentation:maxLength:withPath in NSFileManager, and possibly other similar API functions. | ||||
| CVE-2004-1084 | 1 Apple | 4 Darwin Streaming Server, Mac Os X, Mac Os X Server and 1 more | 2025-04-03 | N/A |
| Apache for Apple Mac OS X 10.2.8 and 10.3.6 allows remote attackers to read files and resource fork content via HTTP requests to certain special file names related to multiple data streams in HFS+, which bypass Apache file handles. | ||||
| CVE-2004-0538 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-03 | N/A |
| LaunchServices in Mac OS X 10.3.4 and 10.2.8 automatically registers and executes new applications, which could allow attackers to execute arbitrary code without warning the user. | ||||
| CVE-2004-0165 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-03 | N/A |
| Format string vulnerability in Point-to-Point Protocol (PPP) daemon (pppd) 2.4.0 for Mac OS X 10.3.2 and earlier allows remote attackers to read arbitrary pppd process data, including PAP or CHAP authentication credentials, to gain privileges. | ||||
| CVE-2003-0370 | 4 Apple, Kde, Redhat and 1 more | 7 Safari, Kde, Konqueror Embedded and 4 more | 2025-04-03 | N/A |
| Konqueror Embedded and KDE 2.2.2 and earlier does not validate the Common Name (CN) field for X.509 Certificates, which could allow remote attackers to spoof certificates via a man-in-the-middle attack. | ||||
| CVE-2003-0355 | 2 Apple, Kde | 2 Safari, Konqueror Embedded | 2025-04-03 | N/A |
| Safari 1.0 Beta 2 (v73) and earlier does not validate the Common Name (CN) field for X.509 Certificates, which could allow remote attackers to spoof certificates. | ||||
| CVE-2002-2326 | 1 Apple | 1 Mac Os X | 2025-04-03 | N/A |
| The default configuration of Mail.app in Mac OS X 10.0 through 10.0.4 and 10.1 through 10.1.5 sends iDisk authentication credentials in cleartext when connecting to Mac.com, which could allow remote attackers to obtain passwords by sniffing network traffic. | ||||
| CVE-2002-1898 | 1 Apple | 2 Mac Os X, Terminal | 2025-04-03 | N/A |
| Terminal 1.3 in Apple Mac OS X 10.2 allows remote attackers to execute arbitrary commands via shell metacharacters in a telnet:// link, which is executed by Terminal.app window. | ||||
| CVE-2002-1270 | 1 Apple | 1 Mac Os X | 2025-04-03 | N/A |
| Mac OS X 10.2.2 allows local users to read files that only allow write access via the map_fd() Mach system call. | ||||