Filtered by vendor Apple Subscriptions
Filtered by product Mac Os X Server Subscriptions

Search

Switch to Advanced Search (Beta)
Total 817 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2008-2310 1 Apple 2 Mac Os X, Mac Os X Server 2025-04-09 N/A
Format string vulnerability in c++filt in Apple Mac OS X 10.5 before 10.5.4 allows user-assisted attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted string in (1) C++ or (2) Java source code.
CVE-2009-0149 1 Apple 2 Mac Os X, Mac Os X Server 2025-04-09 N/A
Apple Mac OS X 10.4.11 and 10.5 before 10.5.7 allows local users to gain privileges or cause a denial of service (application crash) by attempting to mount a crafted sparse disk image that triggers memory corruption.
CVE-2008-2322 1 Apple 3 Coregraphics, Mac Os X, Mac Os X Server 2025-04-09 N/A
Integer overflow in CoreGraphics in Apple Mac OS X 10.4.11, 10.5.2, and 10.5.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a PDF file with a long Type 1 font, which triggers a heap-based buffer overflow.
CVE-2009-1726 1 Apple 2 Mac Os X, Mac Os X Server 2025-04-09 N/A
Heap-based buffer overflow in ColorSync in Apple Mac OS X 10.4.11 and 10.5 before 10.5.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted image containing an embedded ColorSync profile.
CVE-2009-0155 1 Apple 2 Mac Os X, Mac Os X Server 2025-04-09 N/A
Integer underflow in CoreGraphics in Apple Mac OS X 10.5 before 10.5.7, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF file that triggers a heap-based buffer overflow.
CVE-2007-0735 1 Apple 2 Mac Os X, Mac Os X Server 2025-04-09 N/A
Use-after-free vulnerability in Libinfo in Apple Mac OS X 10.3.9 through 10.4.9 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unspecified vectors involving crafted web pages that trigger certain error conditions that are not properly reported in certain circumstances, resulting in accessing deallocated memory.
CVE-2009-2188 1 Apple 2 Mac Os X, Mac Os X Server 2025-04-09 N/A
Buffer overflow in ImageIO in Apple Mac OS X 10.5 before 10.5.8, and Safari before 4.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an image with crafted EXIF metadata.
CVE-2009-2190 1 Apple 2 Mac Os X, Mac Os X Server 2025-04-09 N/A
launchd in Apple Mac OS X 10.5 before 10.5.8 allows remote attackers to cause a denial of service (individual service outage) by making many connections to an inetd-based launchd service.
CVE-2009-2191 1 Apple 2 Mac Os X, Mac Os X Server 2025-04-09 N/A
Format string vulnerability in Login Window in Apple Mac OS X 10.4.11 and 10.5 before 10.5.8 allows attackers to execute arbitrary code or cause a denial of service (application crash) via format string specifiers in an application name.
CVE-2009-2200 2 Apple, Microsoft 5 Mac Os X, Mac Os X Server, Safari and 2 more 2025-04-09 N/A
WebKit in Apple Safari before 4.0.3 does not properly restrict the URL scheme of the pluginspage attribute of an EMBED element, which allows user-assisted remote attackers to launch arbitrary file: URLs and obtain sensitive information via a crafted HTML document.
CVE-2009-2205 1 Apple 5 Java 1.4, Java 1.5, Java 1.6 and 2 more 2025-04-09 N/A
Stack-based buffer overflow in the Java Web Start command launcher in Java for Mac OS X 10.5 before Update 5 allows attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors.
CVE-2009-1238 1 Apple 2 Mac Os X, Mac Os X Server 2025-04-09 N/A
Race condition in the HFS vfs sysctl interface in XNU 1228.8.20 and earlier on Apple Mac OS X 10.5.6 and earlier allows local users to cause a denial of service (kernel memory corruption) by simultaneously executing the same HFS_SET_PKG_EXTENSIONS code path in multiple threads, which is problematic because of lack of mutex locking for an unspecified global variable.
CVE-2008-2330 1 Apple 1 Mac Os X Server 2025-04-09 N/A
slapconfig in Directory Services in Apple Mac OS X 10.5 through 10.5.4 allows local users to select a readable output file into which the server password will be written by an OpenLDAP system administrator, related to the mkfifo function, aka an "insecure file operation issue."
CVE-2009-2807 1 Apple 2 Mac Os X, Mac Os X Server 2025-04-09 N/A
Heap-based buffer overflow in the USB backend in CUPS in Apple Mac OS X 10.5.8 allows local users to gain privileges via unspecified vectors.
CVE-2008-3608 1 Apple 2 Mac Os X, Mac Os X Server 2025-04-09 N/A
ImageIO in Apple Mac OS X 10.4.11 and 10.5 through 10.5.4 allows context-dependent attackers to cause a denial of service (memory corruption and application crash) or execute arbitrary code via a crafted JPEG image with an embedded ICC profile.
CVE-2009-2803 1 Apple 2 Mac Os X, Mac Os X Server 2025-04-09 N/A
CarbonCore in Apple Mac OS X 10.4.11 and 10.5.8 allows attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a file with a crafted resource fork.
CVE-2009-2805 1 Apple 2 Mac Os X, Mac Os X Server 2025-04-09 N/A
Integer overflow in CoreGraphics in Apple Mac OS X 10.4.11 and 10.5.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted JBIG2 stream in a PDF file, leading to a heap-based buffer overflow.
CVE-2009-2812 1 Apple 2 Mac Os X, Mac Os X Server 2025-04-09 N/A
Launch Services in Apple Mac OS X 10.5.8 does not properly recognize an unsafe Uniform Type Identifier (UTI) in an exported document type in a downloaded application, which allows remote attackers to trigger the automatic opening of a file, and execute arbitrary code, via a crafted web site.
CVE-2009-2814 1 Apple 1 Mac Os X Server 2025-04-09 N/A
Cross-site scripting (XSS) vulnerability in the Wiki Server in Apple Mac OS X 10.5.8 allows remote attackers to inject arbitrary web script or HTML via a search request containing data that does not use UTF-8 encoding.
CVE-2009-2824 1 Apple 2 Mac Os X, Mac Os X Server 2025-04-09 N/A
Multiple buffer overflows in Apple Type Services (ATS) in Apple Mac OS X 10.5.8 allow remote attackers to execute arbitrary code via a crafted embedded font in a document.