Export limit exceeded: 14253 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (14253 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-0042 | 1 Apple | 1 Mac Os X | 2026-04-23 | N/A |
| Argument injection vulnerability in Terminal.app in Terminal in Apple Mac OS X 10.4.11 and 10.5 through 10.5.1 allows remote attackers to execute arbitrary code via unspecified URL schemes. | ||||
| CVE-2008-0043 | 1 Apple | 1 Iphoto | 2026-04-23 | N/A |
| Format string vulnerability in Apple iPhoto before 7.1.2 allows remote attackers to execute arbitrary code via photocast subscriptions. | ||||
| CVE-2008-0047 | 3 Apple, Cups, Redhat | 4 Mac Os X, Mac Os X Server, Cups and 1 more | 2026-04-23 | N/A |
| Heap-based buffer overflow in the cgiCompileSearch function in CUPS 1.3.5, and other versions including the version bundled with Apple Mac OS X 10.5.2, when printer sharing is enabled, allows remote attackers to execute arbitrary code via crafted search expressions. | ||||
| CVE-2008-0052 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-23 | N/A |
| CoreServices in Apple Mac OS X 10.4.11 treats .ief as a safe file type, which allows remote attackers to force Safari users into opening an .ief file in AppleWorks, even when the "Open 'Safe' files" preference is set. | ||||
| CVE-2008-0054 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-23 | N/A |
| Foundation in Apple Mac OS X 10.4.11 might allow context-dependent attackers to execute arbitrary code via a malformed selector name to the NSSelectorFromString API, which causes an "unexpected selector" to be used. | ||||
| CVE-2008-0051 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-23 | N/A |
| Integer overflow in CoreFoundation in Apple Mac OS X 10.4.11 might allow local users to execute arbitrary code via crafted time zone data. | ||||
| CVE-2008-0053 | 2 Apple, Redhat | 2 Cups, Enterprise Linux | 2026-04-23 | N/A |
| Multiple buffer overflows in the HP-GL/2-to-PostScript filter in CUPS before 1.3.6 might allow remote attackers to execute arbitrary code via a crafted HP-GL/2 file. | ||||
| CVE-2007-5045 | 2 Apple, Mozilla | 2 Quicktime, Firefox | 2026-04-23 | N/A |
| Argument injection vulnerability in Apple QuickTime 7.1.5 and earlier, when running on systems with Mozilla Firefox before 2.0.0.7 installed, allows remote attackers to execute arbitrary commands via a QuickTime Media Link (QTL) file with an embed XML element and a qtnext parameter containing the Firefox "-chrome" argument. NOTE: this is a related issue to CVE-2006-4965 and the result of an incomplete fix for CVE-2007-3670. | ||||
| CVE-2007-6359 | 1 Apple | 1 Mac Os X | 2026-04-23 | N/A |
| The cs_validate_page function in bsd/kern/ubc_subr.c in the xnu kernel 1228.0 and earlier in Apple Mac OS X 10.5.1 allows local users to cause a denial of service (failed assertion and system crash) via a crafted signed Mach-O binary that causes the hashes function to return NULL. | ||||
| CVE-2007-6261 | 1 Apple | 1 Mac Os X | 2026-04-23 | N/A |
| Integer overflow in the load_threadstack function in the Mach-O loader (mach_loader.c) in the xnu kernel in Apple Mac OS X 10.4 through 10.5.1 allows local users to cause a denial of service (infinite loop) via a crafted Mach-O binary. | ||||
| CVE-2007-6276 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-23 | N/A |
| The accept_connections function in the virtual private network daemon (vpnd) in Apple Mac OS X 10.5 before 10.5.4 allows remote attackers to cause a denial of service (divide-by-zero error and daemon crash) via a crafted load balancing packet to UDP port 4112. | ||||
| CVE-2007-5856 | 1 Apple | 1 Mac Os X | 2026-04-23 | N/A |
| Quick Look Apple Mac OS X 10.5.1, when previewing an HTML file, does not prevent plug-ins from making network requests, which might allow remote attackers to obtain sensitive information. | ||||
| CVE-2007-5847 | 1 Apple | 1 Mac Os X | 2026-04-23 | N/A |
| Race condition in the CFURLWriteDataAndPropertiesToResource API in Core Foundation in Apple Mac OS X 10.4.11 creates files with insecure permissions, which might allow local users to obtain sensitive information. | ||||
| CVE-2007-5848 | 1 Apple | 1 Mac Os X | 2026-04-23 | N/A |
| Buffer overflow in CUPS in Apple Mac OS X 10.4.11 allows local admin users to execute arbitrary code via a crafted URI to the CUPS service. | ||||
| CVE-2007-5849 | 2 Apple, Easy Software Products | 2 Mac Os X, Cups | 2026-04-23 | N/A |
| Integer underflow in the asn1_get_string function in the SNMP back end (backend/snmp.c) for CUPS 1.2 through 1.3.4 allows remote attackers to execute arbitrary code via a crafted SNMP response that triggers a stack-based buffer overflow. | ||||
| CVE-2007-5850 | 1 Apple | 1 Mac Os X | 2026-04-23 | N/A |
| Heap-based buffer overflow in Desktop Services in Apple Mac OS X 10.4.11 allows user-assisted attackers to execute arbitrary code via a directory with a crafted .DS_Store file. | ||||
| CVE-2007-5851 | 1 Apple | 1 Mac Os X | 2026-04-23 | N/A |
| iChat in Apple Mac OS X 10.4.11 allows network-adjacent remote attackers to automatically initiate a video connection to another user via unknown vectors. | ||||
| CVE-2007-5853 | 1 Apple | 1 Mac Os X | 2026-04-23 | N/A |
| Unspecified vulnerability in IO Storage Family in Apple Mac OS X 10.4.11 allows user-assisted attackers to cause a denial of service (system shutdown) or execute arbitrary code via a disk image with crafted GUID partition maps, which triggers memory corruption. | ||||
| CVE-2007-5855 | 1 Apple | 1 Mac Os X | 2026-04-23 | N/A |
| Mail in Apple Mac OS X 10.4.11 and 10.5.1, when an SMTP account has been set up using Account Assistant, can use plaintext authentication even when MD5 Challenge-Response authentication is available, which makes it easier for remote attackers to sniff account activity. | ||||
| CVE-2007-5901 | 3 Apple, Mit, Redhat | 4 Mac Os X, Mac Os X Server, Kerberos 5 and 1 more | 2026-04-23 | N/A |
| Use-after-free vulnerability in the gss_indicate_mechs function in lib/gssapi/mechglue/g_initialize.c in MIT Kerberos 5 (krb5) has unknown impact and attack vectors. NOTE: this might be the result of a typo in the source code. | ||||