Filtered by vendor Apple
Subscriptions
Filtered by product Mac Os X Server
Subscriptions
Total
817 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2011-3462 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-09-17 | N/A |
| Time Machine in Apple Mac OS X before 10.7.3 does not verify the unique identifier of its remote AFP volume or Time Capsule, which allows remote attackers to obtain sensitive information contained in new backups by spoofing this storage object, a different vulnerability than CVE-2010-1803. | ||||
| CVE-2011-3449 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-09-17 | N/A |
| Use-after-free vulnerability in CoreText in Apple Mac OS X before 10.7.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted embedded font in a document. | ||||
| CVE-2010-0063 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-09-17 | N/A |
| Incomplete blacklist vulnerability in CoreTypes in Apple Mac OS X before 10.6.3 makes it easier for user-assisted remote attackers to execute arbitrary JavaScript via a web page that offers a download with a Content-Type value that is not on the list of possibly unsafe content types for Safari, as demonstrated by the values for the (1) .ibplugin and (2) .url extensions. | ||||
| CVE-2005-2511 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-09-17 | N/A |
| Unknown vulnerability in Mac OS X 10.4.2 and earlier, when using Kerberos authentication with LDAP, allows attackers to gain access to a root Terminal window. | ||||
| CVE-2011-3444 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-09-17 | N/A |
| Address Book in Apple Mac OS X before 10.7.3 automatically switches to unencrypted sessions upon failure of encrypted connections, which allows remote attackers to read CardDAV data by terminating an encrypted connection and then sniffing the network. | ||||
| CVE-2013-0966 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-09-17 | N/A |
| The Apple mod_hfs_apple module for the Apache HTTP Server in Apple Mac OS X before 10.8.3 does not properly handle ignorable Unicode characters, which allows remote attackers to bypass intended directory authentication requirements via a crafted pathname in a URI. | ||||
| CVE-2005-0715 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-09-17 | N/A |
| AFP Server in Mac OS X before 10.3.8 uses insecure permissions for "Drop Boxes," which allows local users to read the contents of a Drop Box. | ||||
| CVE-2009-2801 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-09-17 | N/A |
| The Application Firewall in Apple Mac OS X 10.5.8 drops unspecified firewall rules after a reboot, which might allow remote attackers to bypass intended access restrictions via packet data, related to a "timing issue." | ||||
| CVE-2005-0713 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-09-17 | N/A |
| The Bluetooth Setup Assistant for Mac OS X before 10.3.8 can be launched without a keyboard or Bluetooth device, which allows local users to bypass access restrictions and gain privileges. | ||||
| CVE-2010-0501 | 1 Apple | 1 Mac Os X Server | 2024-09-17 | N/A |
| Directory traversal vulnerability in FTP Server in Apple Mac OS X Server before 10.6.3 allows remote authenticated users to read arbitrary files via crafted filenames. | ||||
| CVE-2011-0176 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-09-17 | N/A |
| Multiple buffer overflows in Apple Type Services (ATS) in Apple Mac OS X before 10.6.7 allow remote attackers to execute arbitrary code via a document that contains a crafted embedded Type 1 font. | ||||
| CVE-2010-1382 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-09-17 | N/A |
| Cross-site scripting (XSS) vulnerability in Wiki Server in Apple Mac OS X 10.5.8, and 10.6 before 10.6.4, allows remote authenticated users to inject arbitrary web script or HTML via crafted Wiki content, related to lack of a charset field. | ||||
| CVE-2011-0217 | 2 Apple, Microsoft | 6 Mac Os X, Mac Os X Server, Safari and 3 more | 2024-09-17 | N/A |
| Apple Safari before 5.0.6 provides AutoFill information to scripts that execute before HTML form submission, which allows remote attackers to obtain Address Book information via a crafted form, as demonstrated by a form that includes non-visible fields. | ||||
| CVE-2010-0064 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-09-17 | N/A |
| DesktopServices in Apple Mac OS X 10.6 before 10.6.3 preserves file ownership during an authenticated Finder copy, which might allow local users to bypass intended disk-quota restrictions and have unspecified other impact by copying files owned by other users. | ||||
| CVE-2010-0506 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-09-17 | N/A |
| Buffer overflow in Image RAW in Apple Mac OS X 10.5.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted NEF image. | ||||
| CVE-2004-0922 | 1 Apple | 3 Mac Os X, Mac Os X Server, Quicktime | 2024-09-17 | N/A |
| AFP Server on Mac OS X 10.3.x to 10.3.5, under certain conditions, does not properly set the guest group ID, which causes AFP to change a write-only AFP Drop Box to be read-write when the Drop Box is on a share that is mounted by a guest, which allows attackers to read the Drop Box. | ||||
| CVE-2005-2745 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-09-17 | N/A |
| Mail.app in Mail for Apple Mac OS X 10.3.9, when using Kerberos 5 for SMTP authentication, can include uninitialized memory in a message, which might allow remote attackers to obtain sensitive information. | ||||
| CVE-2010-0546 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-09-17 | N/A |
| Folder Manager in Apple Mac OS X 10.5.8, and 10.6 before 10.6.4, allows local users to delete arbitrary folders via a symlink attack in conjunction with an unmount operation on a crafted volume, related to the Cleanup At Startup folder. | ||||
| CVE-2005-2524 | 1 Apple | 3 Mac Os X, Mac Os X Server, Safari | 2024-09-17 | N/A |
| Safari after 2.0 in Apple Mac OS X 10.3.9 allows remote attackers to bypass domain restrictions via crafted web archives that cause Safari to render them as if they came from a different site. | ||||
| CVE-2010-1808 | 1 Apple | 3 Apple Type Services, Mac Os X, Mac Os X Server | 2024-09-17 | N/A |
| Stack-based buffer overflow in Apple Type Services (ATS) in Apple Mac OS X 10.5.8 and 10.6.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted embedded font in a document. | ||||