Search Results (14587 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2002-0659 4 Apple, Openssl, Oracle and 1 more 8 Mac Os X, Openssl, Application Server and 5 more 2026-04-16 N/A
The ASN1 library in OpenSSL 0.9.6d and earlier, and 0.9.7-beta2 and earlier, allows remote attackers to cause a denial of service via invalid encodings.
CVE-2002-0666 6 Apple, Freebsd, Frees Wan and 3 more 12 Mac Os X, Mac Os X Server, Freebsd and 9 more 2026-04-16 N/A
IPSEC implementations including (1) FreeS/WAN and (2) KAME do not properly calculate the length of authentication data, which allows remote attackers to cause a denial of service (kernel panic) via spoofed, short Encapsulating Security Payload (ESP) packets, which result in integer signedness errors.
CVE-2005-4678 1 Apple 1 Safari 2026-04-16 N/A
Apple Safari 2.0.2 (aka 416.12) allows remote attackers to spoof the URL in the status bar via the title in an image in a link to a trusted site within a form to the malicious site. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2006-3506 1 Apple 3 Mac Os X, Mac Os X Server, Xsan 2026-04-16 N/A
Buffer overflow in the Xsan Filesystem driver on Mac OS X 10.4.7 and OS X Server 10.4.7 allows local users with Xsan write access, to execute arbitrary code via unspecified vectors related to "processing a path name."
CVE-2006-3505 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-16 N/A
WebKit in Apple Mac OS X 10.3.9 and 10.4.7 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted HTML document that causes WebKit to access an object that has already been deallocated.
CVE-2003-0426 1 Apple 1 Darwin Streaming Server 2026-04-16 N/A
The installation of Apple QuickTime / Darwin Streaming Server before 4.1.3f starts the administration server with a "Setup Assistant" page that allows remote attackers to set the administrator password and gain privileges before the real administrator.
CVE-2005-2713 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-16 N/A
passwd in Directory Services in Mac OS X 10.3.x before 10.3.9 and 10.4.x before 10.4.5 allows local users to create arbitrary world-writable files as root by specifying an alternate file in the password database option.
CVE-2006-3504 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-16 N/A
The Download Validation in LaunchServices for Apple Mac OS X 10.4.7 can identify certain HTML as "safe", which could allow attackers to execute Javascript code in local context when the "Open 'safe' files after downloading" option is enabled in Safari.
CVE-2005-2739 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-16 N/A
Keychain Access in Mac OS X 10.4.2 and earlier keeps a password visible even if a keychain times out while the password is being viewed, which could allow attackers with physical access to obtain the password.
CVE-2006-3497 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-16 N/A
Unspecified vulnerability in the "compression state handling" in Bom for Apple Mac OS X 10.3.9 and 10.4.7 allows user-assisted attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted Zip archive.
CVE-2005-2742 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-16 N/A
SecurityAgent in Apple Mac OS X 10.4.2, under certain circumstances, can cause the "Switch User..." button to appear even though the "Enable fast user switching" setting is disabled, which can allow attackers with physical access to gain access to the desktop and bypass the "Require password to wake this computer from sleep or screen saver" setting.
CVE-2002-2373 1 Apple 2 Apple Laserwriter, Tcp Ip Configuration Utility 2026-04-16 N/A
The default configuration of the TCP/IP printer configuration utility in Apple LaserWriter 12/640 PS printer contains a blank Telnet password, which allows remote attackers to gain access.
CVE-2005-2754 1 Apple 1 Quicktime 2026-04-16 N/A
Integer overflow in Apple QuickTime before 7.0.3 allows user-assisted attackers to execute arbitrary code via a crafted MOV file with "Improper movie attributes."
CVE-2005-2755 1 Apple 1 Quicktime 2026-04-16 N/A
Apple QuickTime Player before 7.0.3 allows user-assisted attackers to cause a denial of service (crash) via a crafted file with a missing movie attribute, which leads to a null dereference.
CVE-2005-2756 1 Apple 1 Quicktime 2026-04-16 N/A
Apple QuickTime before 7.0.3 allows user-assisted attackers to overwrite memory and execute arbitrary code via a crafted PICT file that triggers an overflow during expansion.
CVE-2004-0430 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-16 N/A
Stack-based buffer overflow in AppleFileServer for Mac OS X 10.3.3 and earlier allows remote attackers to execute arbitrary code via a LoginExt packet for a Cleartext Password User Authentication Method (UAM) request with a PathName argument that includes an AFPName type string that is longer than the associated length field.
CVE-2001-0766 2 Apache, Apple 2 Http Server, Mac Os X 2026-04-16 9.8 Critical
Apache on MacOS X Client 10.0.3 with the HFS+ file system allows remote attackers to bypass access restrictions via a URL that contains some characters whose case is not matched by Apache's filters.
CVE-2005-1339 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-16 N/A
lukemftpd in Mac OS X 10.3.9 allows remote authenticated users to escape the chroot environment by logging in with their full name.
CVE-2005-2938 1 Apple 1 Itunes 2026-04-16 N/A
Unquoted Windows search path vulnerability in iTunesHelper.exe in iTunes 4.7.1.30 and iTunes 5 for Windows might allow local users to gain privileges via a malicious C:\program.exe file.
CVE-2004-0166 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-16 N/A
Unknown vulnerability in Safari web browser for Mac OS X 10.2.8 related to "the display of URLs in the status bar."