Filtered by vendor Apple
Subscriptions
Filtered by product Mac Os X
Subscriptions
Total
5568 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2001-0806 | 1 Apple | 1 Mac Os X | 2025-04-03 | N/A |
| Apple MacOS X 10.0 and 10.1 allow a local user to read and write to a user's desktop folder via insecure default permissions for the Desktop when it is created in some languages. | ||||
| CVE-2001-1411 | 1 Apple | 1 Mac Os X | 2025-04-03 | N/A |
| Format string vulnerability in gm4 (aka m4) on Mac OS X may allow local users to gain privileges if gm4 is called by setuid programs. | ||||
| CVE-2001-1412 | 1 Apple | 1 Mac Os X | 2025-04-03 | N/A |
| nidump on MacOS X before 10.3 allows local users to read the encrypted passwords from the password file by specifying passwd as a command line argument. | ||||
| CVE-2001-1446 | 1 Apple | 1 Mac Os X | 2025-04-03 | N/A |
| Find-By-Content in Mac OS X 10.0 through 10.0.4 creates world-readable index files named .FBCIndex in every directory, which allows remote attackers to learn the contents of files in web accessible directories. | ||||
| CVE-2006-1471 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-03 | N/A |
| Format string vulnerability in the CF_syslog function launchd in Apple Mac OS X 10.4 up to 10.4.6 allows local users to execute arbitrary code via format string specifiers that are not properly handled in a syslog call in the logging facility, as demonstrated by using a crafted plist file. | ||||
| CVE-2005-2511 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-03 | N/A |
| Unknown vulnerability in Mac OS X 10.4.2 and earlier, when using Kerberos authentication with LDAP, allows attackers to gain access to a root Terminal window. | ||||
| CVE-2006-1470 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-03 | N/A |
| OpenLDAP in Apple Mac OS X 10.4 up to 10.4.6 allows remote attackers to cause a denial of service (crash) via an invalid LDAP request that triggers an assert error. | ||||
| CVE-2006-1469 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-03 | N/A |
| Stack-based buffer overflow in ImageIO in Apple Mac OS X 10.4 up to 10.4.6 allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted TIFF image. | ||||
| CVE-2005-1728 | 1 Apple | 1 Mac Os X | 2025-04-03 | N/A |
| MCX Client for Apple Mac OS X 10.4.x up to 10.4.1 insecurely logs Portable Home Directory credentials, which allows local users to obtain the credentials. | ||||
| CVE-2005-1689 | 4 Apple, Debian, Mit and 1 more | 5 Mac Os X, Mac Os X Server, Debian Linux and 2 more | 2025-04-03 | 9.8 Critical |
| Double free vulnerability in the krb5_recvauth function in MIT Kerberos 5 (krb5) 1.4.1 and earlier allows remote attackers to execute arbitrary code via certain error conditions. | ||||
| CVE-2006-1466 | 1 Apple | 2 Mac Os X, Xcode | 2025-04-03 | N/A |
| Xcode Tools before 2.3 for Mac OS X 10.4, when running the WebObjects plugin, allows remote attackers to access or modify WebObjects projects through a network service. | ||||
| CVE-2005-1339 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-03 | N/A |
| lukemftpd in Mac OS X 10.3.9 allows remote authenticated users to escape the chroot environment by logging in with their full name. | ||||
| CVE-2003-0975 | 1 Apple | 3 Mac Os X, Mac Os X Server, Safari | 2025-04-03 | N/A |
| Apple Safari 1.0 through 1.1 on Mac OS X 10.3.1 and Mac OS X 10.2.8 allows remote attackers to steal user cookies from another domain via a link with a hex-encoded null character (%00) followed by the target domain. | ||||
| CVE-2005-2752 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-03 | N/A |
| An unspecified kernel interface in Mac OS X 10.4.2 and earlier does not properly clear memory before reusing it, which could allow attackers to obtain sensitive information, a different vulnerability than CVE-2005-1126 and CVE-2005-1406. | ||||
| CVE-2003-0804 | 3 Apple, Freebsd, Openbsd | 4 Mac Os X, Mac Os X Server, Freebsd and 1 more | 2025-04-03 | N/A |
| The arplookup function in FreeBSD 5.1 and earlier, Mac OS X before 10.2.8, and possibly other BSD-based systems, allows remote attackers on a local subnet to cause a denial of service (resource starvation and panic) via a flood of spoofed ARP requests. | ||||
| CVE-2005-2751 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-03 | N/A |
| memberd in Mac OS X 10.4 up to 10.4.2, in certain situations, does not quickly synchronize access control checks with changes in group membership, which could allow users to access files and other resources after they have been removed from a group. | ||||
| CVE-2005-2742 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-03 | N/A |
| SecurityAgent in Apple Mac OS X 10.4.2, under certain circumstances, can cause the "Switch User..." button to appear even though the "Enable fast user switching" setting is disabled, which can allow attackers with physical access to gain access to the desktop and bypass the "Require password to wake this computer from sleep or screen saver" setting. | ||||
| CVE-2005-2741 | 2 Apple, Perry Kiehtreiber | 3 Mac Os X, Mac Os X Server, Securityd | 2025-04-03 | N/A |
| Authorization Services in securityd for Apple Mac OS X 10.3.9 allows local users to gain privileges by granting themselves certain rights that should be restricted to administrators. | ||||
| CVE-2005-1430 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-03 | N/A |
| Mac OS X 10.3.x and earlier uses insecure permissions for a pseudo terminal tty (pty) that is managed by a non-setuid program, which allows local users to read or modify sessions of other users. | ||||
| CVE-2005-1472 | 1 Apple | 1 Mac Os X | 2025-04-03 | N/A |
| Certain system calls in Apple Mac OS X 10.4.1 do not properly enforce the permissions of certain directories without the POSIX read bit set, but with the execute bits set for group or other, which allows local users to list files in otherwise restricted directories. | ||||