Search Results (14587 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2005-1343 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-16 N/A
Stack-based buffer overflow in the VPN daemon (vpnd) for Mac OS X before 10.3.9 allows local users to execute arbitrary code via a long -i (Server_id) argument.
CVE-2004-0822 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-16 N/A
Buffer overflow in The Core Foundation framework (CoreFoundation.framework) in Mac OS X 10.2.8, 10.3.4, and 10.3.5 allows local users to execute arbitrary code via a certain environment variable.
CVE-2004-0720 1 Apple 1 Safari 2026-04-16 N/A
Safari 1.2.2 does not properly prevent a frame in one domain from injecting content into a frame that belongs to another domain, which facilitates web site spoofing and other attacks, aka the frame injection vulnerability.
CVE-2005-1342 1 Apple 2 Mac Os X, Terminal 2026-04-16 N/A
The x-man-page: URI handler for Apple Terminal 1.4.4 in Mac OS X 10.3.9 does not cleanse terminal escape sequences, which allows remote attackers to execute arbitrary commands.
CVE-2004-0516 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-16 N/A
Unknown vulnerability in Mac OS X 10.3.4, related to "package installation scripts," a different vulnerability than CVE-2004-0517.
CVE-2004-0513 1 Apple 1 Mac Os X 2026-04-16 N/A
Unspecified vulnerability in Mac OS X before 10.3.4 has unknown impact and attack vectors related to "logging when tracing system calls."
CVE-2005-0373 6 Apple, Conectiva, Cyrus and 3 more 8 Mac Os X, Mac Os X Server, Linux and 5 more 2026-04-16 N/A
Buffer overflow in digestmd5.c CVS release 1.170 (also referred to as digestmda5.c), as used in the DIGEST-MD5 SASL plugin for Cyrus-SASL but not in any official releases, allows remote attackers to execute arbitrary code.
CVE-2005-0234 1 Apple 1 Safari 2026-04-16 N/A
The International Domain Name (IDN) support in Safari 1.2.5 allows remote attackers to spoof domain names using punycode encoded domain names that are decoded in URLs and SSL certificates in a way that uses homograph characters from other character sets, which facilitates phishing attacks.
CVE-2001-0198 1 Apple 1 Quicktime 2026-04-16 N/A
Buffer overflow in QuickTime Player plugin 4.1.2 (Japanese) allows remote attackers to execute arbitrary commands via a long HREF parameter in an EMBED tag.
CVE-2000-0563 1 Apple 1 Mac Os Runtime For Java 2026-04-16 N/A
The URLConnection function in MacOS Runtime Java (MRJ) 2.1 and earlier and the Microsoft virtual machine (VM) for MacOS allows a malicious web site operator to connect to arbitrary hosts using a HTTP redirection, in violation of the Java security model.
CVE-2005-0972 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-16 N/A
Integer overflow in the searchfs system call in Mac OS X 10.3.9 and earlier allows local users to execute arbitrary code via crafted parameters.
CVE-2004-0926 2 Apple, Easy Software Products 3 Mac Os X, Mac Os X Server, Cups 2026-04-16 N/A
Heap-based buffer overflow in Apple QuickTime on Mac OS 10.2.8 through 10.3.5 may allow remote attackers to execute arbitrary code via a certain BMP image.
CVE-2005-0969 1 Apple 1 Mac Os X 2026-04-16 N/A
Heap-based buffer overflow in the syscall emulation functionality in Mac OS X before 10.3.9 allows local users to cause a denial of service (kernel panic) and possibly execute arbitrary code via crafted parameters.
CVE-2001-0068 1 Apple 1 Mac Os Runtime For Java 2026-04-16 N/A
Mac OS Runtime for Java (MRJ) 2.2.3 allows remote attackers to use malicious applets to read files outside of the CODEBASE context via the ARCHIVE applet parameter.
CVE-2004-0921 1 Apple 3 Mac Os X, Mac Os X Server, Quicktime 2026-04-16 N/A
AFP Server on Mac OS X 10.3.x to 10.3.5, when a guest has mounted an AFP volume, allows the guest to "terminate authenticated user mounts" via modified SessionDestroy packets.
CVE-2005-1333 1 Apple 1 Mac Os X 2026-04-16 N/A
Directory traversal vulnerability in the Bluetooth file and object exchange (OBEX) services in Mac OS X 10.3.9 allows remote attackers to read arbitrary files.
CVE-2005-1430 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-16 N/A
Mac OS X 10.3.x and earlier uses insecure permissions for a pseudo terminal tty (pty) that is managed by a non-setuid program, which allows local users to read or modify sessions of other users.
CVE-2005-4217 1 Apple 1 Mac Os X Server 2026-04-16 N/A
Perl in Apple Mac OS X Server 10.3.9 does not properly drop privileges when using the "$<" variable to set uid, which allows attackers to gain privileges.
CVE-2005-2594 1 Apple 1 Safari 2026-04-16 N/A
Apple Safari 1.3 (132) on Mac OS X 1.3.9 allows remote attackers to cause a denial of service (crash) via certain Javascript, possibly involving a function that defines a handler for itself within the function body.
CVE-2006-3224 1 Apple 1 Safari 2026-04-16 N/A
Apple Safari 2.0.3 (417.9.3) on Mac OS X 10.4.6 allows remote attackers to cause a denial of service (CPU consumption) via Javascript with an infinite for loop. NOTE: it could be argued that this is not a vulnerability, unless it interferes with the operation of the system outside of the scope of Safari itself.