Filtered by vendor Apple
Subscriptions
Filtered by product Mac Os X Server
Subscriptions
Total
817 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2010-1800 | 1 Apple | 3 Cfnetwork, Mac Os X, Mac Os X Server | 2025-04-11 | N/A |
| CFNetwork in Apple Mac OS X 10.6.3 and 10.6.4 supports anonymous SSL and TLS connections, which allows man-in-the-middle attackers to redirect a connection and obtain sensitive information via crafted responses. | ||||
| CVE-2010-1801 | 1 Apple | 3 Coregraphics, Mac Os X, Mac Os X Server | 2025-04-11 | N/A |
| Heap-based buffer overflow in CoreGraphics in Apple Mac OS X 10.5.8 and 10.6.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF file. | ||||
| CVE-2010-1802 | 1 Apple | 3 Libsecurity, Mac Os X, Mac Os X Server | 2025-04-11 | N/A |
| libsecurity in Apple Mac OS X 10.5.8 and 10.6.4 does not properly perform comparisons to domain-name strings in X.509 certificates, which allows man-in-the-middle attackers to spoof SSL servers via a certificate associated with a similar domain name, as demonstrated by use of a www.example.con certificate to spoof www.example.com. | ||||
| CVE-2010-1820 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-11 | N/A |
| Apple Filing Protocol (AFP) Server in Apple Mac OS X 10.6.x through 10.6.4 does not properly handle errors, which allows remote attackers to bypass the password requirement for shared-folder access by leveraging knowledge of a valid account name. | ||||
| CVE-2010-1808 | 1 Apple | 3 Apple Type Services, Mac Os X, Mac Os X Server | 2025-04-11 | N/A |
| Stack-based buffer overflow in Apple Type Services (ATS) in Apple Mac OS X 10.5.8 and 10.6.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted embedded font in a document. | ||||
| CVE-2010-1828 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-11 | N/A |
| AFP Server in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon restart) via crafted reconnect authentication packets. | ||||
| CVE-2010-1829 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-11 | N/A |
| Directory traversal vulnerability in AFP Server in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 allows remote authenticated users to execute arbitrary code by creating files that are outside the bounds of a share. | ||||
| CVE-2010-1831 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-11 | N/A |
| Buffer overflow in Apple Type Services (ATS) in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code via a long name of an embedded font in a document. | ||||
| CVE-2010-1836 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-11 | N/A |
| Stack-based buffer overflow in CoreGraphics in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document. | ||||
| CVE-2010-1838 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-11 | N/A |
| Directory Services in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 does not properly handle errors associated with disabled mobile accounts, which allows remote attackers to bypass authentication by providing a valid account name. | ||||
| CVE-2010-1841 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-11 | N/A |
| Disk Images in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted UDIF image. | ||||
| CVE-2010-1842 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-11 | N/A |
| Buffer overflow in AppKit in Apple Mac OS X 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a bidirectional text string with ellipsis truncation. | ||||
| CVE-2010-1846 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-11 | N/A |
| Heap-based buffer overflow in Image RAW in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted RAW image. | ||||
| CVE-2010-1847 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-11 | N/A |
| The kernel in Apple Mac OS X 10.6.x before 10.6.5 does not properly perform memory management associated with terminal devices, which allows local users to cause a denial of service (system crash) via unspecified vectors. | ||||
| CVE-2010-1406 | 2 Apple, Microsoft | 7 Mac Os X, Mac Os X Server, Safari and 4 more | 2025-04-11 | N/A |
| WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, sends an https URL in the Referer header of an http request in certain circumstances involving https to http redirection, which allows remote HTTP servers to obtain potentially sensitive information via standard HTTP logging, a related issue to CVE-2010-0660. | ||||
| CVE-2011-0260 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-11 | N/A |
| The CoreProcesses component in Apple Mac OS X 10.7 before 10.7.2 does not prevent a system window from receiving keystrokes in the locked-screen state, which might allow physically proximate attackers to bypass intended access restrictions by typing into this window. | ||||
| CVE-2011-3216 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-11 | N/A |
| The kernel in Apple Mac OS X before 10.7.2 does not properly implement the sticky bit for directories, which might allow local users to bypass intended permissions and delete files via an unlink system call. | ||||
| CVE-2011-3214 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-11 | N/A |
| IOGraphics in Apple Mac OS X through 10.6.8 does not properly handle a locked-screen state in display sleep mode for an Apple Cinema Display, which allows physically proximate attackers to bypass the password requirement via unspecified vectors. | ||||
| CVE-2011-3224 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-11 | N/A |
| The User Documentation component in Apple Mac OS X through 10.6.8 uses http sessions for updates to App Store help information, which allows man-in-the-middle attackers to execute arbitrary code by spoofing the http server. | ||||
| CVE-2010-1421 | 2 Apple, Microsoft | 7 Mac Os X, Mac Os X Server, Safari and 4 more | 2025-04-11 | N/A |
| The execCommand JavaScript function in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, does not properly restrict remote execution of clipboard commands, which allows remote attackers to modify the clipboard via a crafted HTML document. | ||||