Search Results (5636 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2007-4681 1 Apple 1 Mac Os X 2026-04-23 N/A
Buffer overflow in CoreFoundation in Apple Mac OS X 10.3.9 and 10.4 through 10.4.10 allows local users to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted directory hierarchy.
CVE-2008-1027 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-23 N/A
Apple Filing Protocol (AFP) Server in Apple Mac OS X before 10.5.3 does not verify that requested files and directories are inside shared folders, which allows remote attackers to read arbitrary files via unspecified AFP traffic.
CVE-2007-6723 3 Anonymityanywhere, Apple, Microsoft 3 Tork, Mac Os X, Windows 2026-04-23 N/A
TorK before 0.22, when running on Windows and Mac OS X, installs Privoxy with a configuration file (config.txt or config) that contains insecure (1) enable-remote-toggle and (2) enable-edit-actions settings, which allows remote attackers to bypass intended access restrictions and modify configuration.
CVE-2007-4683 1 Apple 1 Mac Os X 2026-04-23 N/A
Directory traversal vulnerability in the kernel in Apple Mac OS X 10.4 through 10.4.10 allows local users to bypass the chroot mechanism via a relative path when changing the current working directory.
CVE-2008-1028 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-23 N/A
Unspecified vulnerability in AppKit in Apple Mac OS X before 10.5 allows user-assisted remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted document file, as demonstrated by opening the document with TextEdit.
CVE-2008-1030 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-23 N/A
Integer overflow in the CFDataReplaceBytes function in the CFData API in CoreFoundation in Apple Mac OS X before 10.5.3 allows context-dependent attackers to execute arbitrary code or cause a denial of service (crash) via an invalid length argument, which triggers a heap-based buffer overflow.
CVE-2008-1031 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-23 N/A
CoreGraphics in Apple Mac OS X before 10.5.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document, related to an uninitialized variable.
CVE-2007-4695 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-23 N/A
Unspecified "input validation" vulnerability in WebCore in Apple Mac OS X 10.4 through 10.4.10 allows remote attackers to modify form field values via unknown vectors related to file uploads.
CVE-2008-1032 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-23 N/A
Incomplete blacklist vulnerability in CoreTypes in Apple Mac OS X before 10.5.3 allows user-assisted remote attackers to execute arbitrary code via an (1) Automator, (2) Help, (3) Safari, or (4) Terminal content type for a downloadable object, which does not trigger a "potentially unsafe" warning message in (a) the Download Validation feature in Mac OS X 10.4 or (b) the Quarantine feature in Mac OS X 10.5.
CVE-2008-1036 2 Apple, Redhat 3 Mac Os X, Mac Os X Server, Enterprise Linux 2026-04-23 N/A
The International Components for Unicode (ICU) library in Apple Mac OS X before 10.5.3, Red Hat Enterprise Linux 5, and other operating systems omits some invalid character sequences during conversion of some character encodings, which might allow remote attackers to conduct cross-site scripting (XSS) attacks.
CVE-2008-0058 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-23 N/A
Race condition in the NSURLConnection cache management functionality in Foundation for Apple Mac OS X 10.4.11 allows remote attackers to execute arbitrary code via unspecified manipulations that cause messages to be sent to a deallocated object.
CVE-2007-4699 1 Apple 3 Mac Os X, Mac Os X Server, Safari 2026-04-23 N/A
The default configuration of Safari in Apple Mac OS X 10.4 through 10.4.10 adds a private key to the keychain with permissions that allow other applications to access the key without warning the user, which might allow other applications to bypass intended access restrictions.
CVE-2008-0059 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-23 N/A
Race condition in NSXML in Foundation for Apple Mac OS X 10.4.11 allows context-dependent attackers to execute arbitrary code via a crafted XML file, related to "error handling logic."
CVE-2008-0060 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-23 N/A
Help Viewer in Apple Mac OS X 10.4.11 and 10.5.2 allows remote attackers to execute arbitrary Applescript via a help:topic_list URL that injects HTML or JavaScript into a topic list page, as demonstrated using a help:runscript link.
CVE-2008-0046 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-23 N/A
The Application Firewall in Apple Mac OS X 10.5.2 has an incorrect German translation for the "Set access for specific services and applications" radio button that might cause the user to believe that the button is used to restrict access only to specific services and applications, which might allow attackers to bypass intended access restrictions.
CVE-2008-0987 1 Apple 4 Aperture, Iphoto, Mac Os X and 1 more 2026-04-23 N/A
Stack-based buffer overflow in Image Raw in Apple Mac OS X 10.5.2, and Digital Camera RAW Compatibility before Update 2.0 for Aperture 2 and iPhoto 7.1.2, allows remote attackers to execute arbitrary code via a crafted Adobe Digital Negative (DNG) image.
CVE-2008-0990 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-23 N/A
notifyd in Apple Mac OS X 10.4.11 does not verify that Mach port death notifications have originated from the kernel, which allows local users to cause a denial of service via spoofed death notifications that prevent other applications from receiving notifications.
CVE-2009-1042 1 Apple 2 Mac Os X, Safari 2026-04-23 N/A
Unspecified vulnerability in Apple Safari on Mac OS X 10.5.6 allows remote attackers to execute arbitrary code via unknown vectors triggered by clicking on a link, as demonstrated by Nils during a PWN2OWN competition at CanSecWest 2009.
CVE-2009-1717 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-23 N/A
Integer overflow in Terminal in Apple Mac OS X 10.5 before 10.5.7 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted size value in a CSI[4 xterm resize escape sequence that triggers a heap-based buffer overflow.
CVE-2007-0745 1 Apple 1 Mac Os X Server 2026-04-23 N/A
The Apple Security Update 2007-004 uses an incorrect configuration file for FTPServer in Apple Mac OS X Server 10.4.9, which might allow remote authenticated users to access additional directories.