Search Results (5636 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2007-0737 1 Apple 1 Mac Os X 2026-04-23 N/A
The Login Window in Apple Mac OS X 10.3.9 through 10.4.9 does not properly check certain environment variables, which allows local users to gain privileges via unspecified vectors.
CVE-2008-1031 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-23 N/A
CoreGraphics in Apple Mac OS X before 10.5.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document, related to an uninitialized variable.
CVE-2008-0040 1 Apple 1 Mac Os X 2026-04-23 N/A
Unspecified vulnerability in NFS in Apple Mac OS X 10.5 through 10.5.1 allows remote attackers to cause a denial of service (system shutdown) or execute arbitrary code via unknown vectors related to mbuf chains that trigger memory corruption.
CVE-2008-0058 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-23 N/A
Race condition in the NSURLConnection cache management functionality in Foundation for Apple Mac OS X 10.4.11 allows remote attackers to execute arbitrary code via unspecified manipulations that cause messages to be sent to a deallocated object.
CVE-2008-4220 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-23 N/A
Integer overflow in the inet_net_pton API in Libsystem in Apple Mac OS X before 10.5.6 allows context-dependent attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors. NOTE: this may be related to the WLB-2008080064 advisory published by SecurityReason on 20080822; however, as of 20081216, there are insufficient details to be sure.
CVE-2008-3617 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-23 N/A
Remote Management and Screen Sharing in Apple Mac OS X 10.5 through 10.5.4, when used to set a password for a VNC viewer, displays additional input characters beyond the maximum password length, which might make it easier for attackers to guess passwords that the user believed were longer.
CVE-2008-4221 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-23 N/A
The strptime API in Libsystem in Apple Mac OS X before 10.5.6 allows context-dependent attackers to cause a denial of service (memory corruption and application crash) or execute arbitrary code via a crafted date string, related to improper memory allocation.
CVE-2008-4222 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-23 N/A
natd in network_cmds in Apple Mac OS X before 10.5.6, when Internet Sharing is enabled, allows remote attackers to cause a denial of service (infinite loop) via a crafted TCP packet.
CVE-2007-0738 1 Apple 1 Mac Os X 2026-04-23 N/A
The Login Window in Apple Mac OS X 10.4 through 10.4.9 does not display the screen saver authentication dialog in certain circumstances when waking from sleep, even though the "require a password to wake the computer from sleep" option is enabled, which allows local users to bypass authentication controls.
CVE-2008-4223 1 Apple 1 Mac Os X Server 2026-04-23 N/A
Podcast Producer in Apple Mac OS X 10.5 before 10.5.6 allows remote attackers to bypass authentication and gain administrative access via unspecified vectors.
CVE-2008-3619 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-23 N/A
Time Machine in Apple Mac OS X 10.5 through 10.5.4 uses weak permissions for Time Machine Backup log files, which allows local users to obtain sensitive information by reading these files.
CVE-2009-1042 1 Apple 2 Mac Os X, Safari 2026-04-23 N/A
Unspecified vulnerability in Apple Safari on Mac OS X 10.5.6 allows remote attackers to execute arbitrary code via unknown vectors triggered by clicking on a link, as demonstrated by Nils during a PWN2OWN competition at CanSecWest 2009.
CVE-2007-0747 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-23 N/A
load_webdav in Apple Mac OS X 10.3.9 through 10.4.9 does not properly clean the environment when mounting a WebDAV filesystem, which allows local users to gain privileges by setting unspecified environment variables.
CVE-2008-4224 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-23 N/A
UDF in Apple Mac OS X before 10.5.6 allows user-assisted attackers to cause a denial of service (system crash) via a malformed UDF volume in a crafted ISO file.
CVE-2008-4237 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-23 N/A
Managed Client in Apple Mac OS X before 10.5.6 sometimes misidentifies a system when installing per-host configuration settings, which allows context-dependent attackers to have an unspecified impact by leveraging unintended settings, as demonstrated by the screen saver lock setting.
CVE-2008-3621 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-23 N/A
VideoConference in Apple Mac OS X 10.4.11 and 10.5 through 10.5.4 allows remote attackers to cause a denial of service (memory corruption and application crash) or execute arbitrary code via vectors involving H.264 encoded media.
CVE-2008-3624 2 Apple, Microsoft 5 Mac Os X, Quicktime, Windows-nt and 2 more 2026-04-23 N/A
Heap-based buffer overflow in Apple QuickTime before 7.5.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a QuickTime Virtual Reality (QTVR) movie file with crafted panorama atoms.
CVE-2008-0992 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-23 N/A
Array index error in pax in Apple Mac OS X 10.5.2 allows context-dependent attackers to execute arbitrary code via an archive with a crafted length value.
CVE-2009-1726 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-23 N/A
Heap-based buffer overflow in ColorSync in Apple Mac OS X 10.4.11 and 10.5 before 10.5.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted image containing an embedded ColorSync profile.
CVE-2008-0052 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-23 N/A
CoreServices in Apple Mac OS X 10.4.11 treats .ief as a safe file type, which allows remote attackers to force Safari users into opening an .ief file in AppleWorks, even when the "Open 'Safe' files" preference is set.