Filtered by vendor Apple
Subscriptions
Filtered by product Mac Os X Server
Subscriptions
Total
817 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2004-0539 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-08-08 | N/A |
The "Show in Finder" button in the Safari web browser in Mac OS X 10.3.4 and 10.2.8 may execute downloaded applications, which could allow remote attackers to execute arbitrary code. | ||||
CVE-2004-0515 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-08-08 | N/A |
Unknown vulnerability in LoginWindow for Mac OS X 10.3.4, related to "handling of console log files." | ||||
CVE-2004-0516 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-08-08 | N/A |
Unknown vulnerability in Mac OS X 10.3.4, related to "package installation scripts," a different vulnerability than CVE-2004-0517. | ||||
CVE-2004-0517 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-08-08 | N/A |
Unknown vulnerability in Mac OS X 10.3.4, related to "handling of process IDs during package installation," a different vulnerability than CVE-2004-0516. | ||||
CVE-2004-0518 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-08-08 | N/A |
Unknown vulnerability in AppleFileServer for Mac OS X 10.3.4, related to "the use of SSH and reporting errors," has unknown impact and attack vectors. | ||||
CVE-2004-0514 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-08-08 | N/A |
Unknown vulnerability in LoginWindow for Mac OS X 10.3.4, related to "handling of directory services lookups." | ||||
CVE-2004-0486 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-08-08 | N/A |
HelpViewer in Mac OS X 10.3.3 and 10.2.8 processes scripts that it did not initiate, which can allow attackers to execute arbitrary code, an issue that was originally reported as a directory traversal vulnerability in the Safari web browser using the runscript parameter in a help: URI handler. | ||||
CVE-2004-0428 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-08-08 | N/A |
Unknown vulnerability in CoreFoundation in Mac OS X 10.3.3 and Mac OS X 10.3.3 Server, related to "the handling of an environment variable," has unknown attack vectors and unknown impact. | ||||
CVE-2004-0430 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-08-08 | N/A |
Stack-based buffer overflow in AppleFileServer for Mac OS X 10.3.3 and earlier allows remote attackers to execute arbitrary code via a LoginExt packet for a Cleartext Password User Authentication Method (UAM) request with a PathName argument that includes an AFPName type string that is longer than the associated length field. | ||||
CVE-2004-0165 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-08-08 | N/A |
Format string vulnerability in Point-to-Point Protocol (PPP) daemon (pppd) 2.4.0 for Mac OS X 10.3.2 and earlier allows remote attackers to read arbitrary pppd process data, including PAP or CHAP authentication credentials, to gain privileges. | ||||
CVE-2004-0168 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-08-08 | N/A |
Unknown vulnerability in CoreFoundation for Mac OS X 10.3.2, related to "notification logging." | ||||
CVE-2004-0167 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-08-08 | N/A |
DiskArbitration in Mac OS X 10.2.8 and 10.3.2 does not properly initialize writeable removable media. | ||||
CVE-2004-0112 | 24 4d, Apple, Avaya and 21 more | 65 Webstar, Mac Os X, Mac Os X Server and 62 more | 2024-08-08 | N/A |
The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that causes an out-of-bounds read. | ||||
CVE-2004-0166 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-08-08 | N/A |
Unknown vulnerability in Safari web browser for Mac OS X 10.2.8 related to "the display of URLs in the status bar." | ||||
CVE-2004-0079 | 23 4d, Apple, Avaya and 20 more | 67 Webstar, Mac Os X, Mac Os X Server and 64 more | 2024-08-08 | 7.5 High |
The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference. | ||||
CVE-2004-0081 | 23 4d, Apple, Avaya and 20 more | 67 Webstar, Mac Os X, Mac Os X Server and 64 more | 2024-08-08 | N/A |
OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool. | ||||
CVE-2005-4504 | 1 Apple | 4 Mac Os X, Mac Os X Server, Safari and 1 more | 2024-08-07 | N/A |
The khtml::RenderTableSection::ensureRows function in KHTMLParser in Apple Mac OS X 10.4.3 and earlier, as used by Safari and TextEdit, allows remote attackers to cause a denial of service (memory consumption and application crash) via HTML files with a large ROWSPAN attribute in a TD tag. | ||||
CVE-2005-4217 | 1 Apple | 1 Mac Os X Server | 2024-08-07 | N/A |
Perl in Apple Mac OS X Server 10.3.9 does not properly drop privileges when using the "$<" variable to set uid, which allows attackers to gain privileges. | ||||
CVE-2005-3712 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-08-07 | N/A |
Heap-based buffer overflow in rsync in Mac OS X 10.4 through 10.4.5 allows remote authenticated users to execute arbitrary code via long extended attributes. | ||||
CVE-2005-3702 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-08-07 | N/A |
Safari in Mac OS X and OS X Server 10.3.9 and 10.4.3 allows remote attackers to cause files to be downloaded to locations outside the download directory via a long file name. |