VYPR

Mac OS X

by Apple Inc.

CVEs (2,090)

  • CVE-2007-0465Jan 31, 2007
    risk 0.04cvss epss 0.18

    Format string vulnerability in Apple Installer 2.1.5 on Mac OS X 10.4.8 allows user-assisted remote attackers to execute arbitrary code via format string specifiers in a (1) PKG, (2) DISTZ, or (3) MPKG package filename.

  • CVE-2007-0464Jan 30, 2007
    risk 0.04cvss epss 0.14

    The _CFNetConnectionWillEnqueueRequests function in CFNetwork 129.19 on Apple Mac OS X 10.4 through 10.4.10 allows remote attackers to cause a denial of service (application crash) via a crafted HTTP 301 response, which results in a NULL pointer dereference.

  • CVE-2007-0462Jan 26, 2007
    risk 0.04cvss epss 0.07

    The _GetSrcBits32ARGB function in Apple QuickDraw, as used by Quicktime 7.1.3 and other applications on Mac OS X 10.4.8 and earlier, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted PICT image with a…

  • CVE-2007-0355Jan 19, 2007
    risk 0.04cvss epss 0.07

    Buffer overflow in the Apple Minimal SLP v2 Service Agent (slpd) in Mac OS X 10.4.11 and earlier, including 10.4.8, allows local users, and possibly remote attackers, to gain privileges and possibly execute arbitrary code via a registration request with an invalid attr-list…

  • CVE-2007-0197Jan 11, 2007
    risk 0.04cvss epss 0.08

    Finder 10.4.6 on Apple Mac OS X 10.4.8 allows user-assisted remote attackers to cause a denial of service and possibly execute arbitrary code via a long volume name in a DMG disk image, which results in memory corruption.

  • CVE-2006-5710Nov 4, 2006
    risk 0.04cvss epss 0.18

    The Airport driver for certain Orinoco based Airport cards in Darwin kernel 8.8.0 in Apple Mac OS X 10.4.8, and possibly other versions, allows remote attackers to execute arbitrary code via an 802.11 probe response frame without any valid information element (IE) fields after…

  • CVE-2006-1470Jun 27, 2006
    risk 0.04cvss epss 0.08

    OpenLDAP in Apple Mac OS X 10.4 up to 10.4.6 allows remote attackers to cause a denial of service (crash) via an invalid LDAP request that triggers an assert error.

  • CVE-2006-2277May 10, 2006
    risk 0.04cvss epss 0.07

    Multiple Apple Mac OS X 10.4 applications might allow context-dependent attackers to cause a denial of service (application crash) via a crafted OpenEXR (.exr) image file, which triggers the crash when opening a folder using Finder, displaying the image in Safari, or using…

  • CVE-2006-1985Apr 21, 2006
    risk 0.04cvss epss 0.14

    Heap-based buffer overflow in BOM BOMArchiveHelper 10.4 (6.3) Build 312, as used in Mac OS X 10.4.6 and earlier, allows user-assisted attackers to execute arbitrary code via a crafted archive (such as ZIP) that contains long path names, which triggers an error in the BOMStackPop…

  • CVE-2006-0396Mar 14, 2006
    risk 0.04cvss epss 0.11

    Buffer overflow in Mail in Apple Mac OS X 10.4 up to 10.4.5, when patched with Security Update 2006-001, allows remote attackers to execute arbitrary code via a long Real Name value in an e-mail attachment sent in AppleDouble format, which triggers the overflow when the user…

  • CVE-2005-4504Dec 22, 2005
    risk 0.04cvss epss 0.12

    The khtml::RenderTableSection::ensureRows function in KHTMLParser in Apple Mac OS X 10.4.3 and earlier, as used by Safari and TextEdit, allows remote attackers to cause a denial of service (memory consumption and application crash) via HTML files with a large ROWSPAN attribute…

  • CVE-2005-1333May 4, 2005
    risk 0.04cvss epss 0.07

    Directory traversal vulnerability in the Bluetooth file and object exchange (OBEX) services in Mac OS X 10.3.9 allows remote attackers to read arbitrary files.

  • CVE-2004-0486Jul 7, 2004
    risk 0.04cvss epss 0.10

    HelpViewer in Mac OS X 10.3.3 and 10.2.8 processes scripts that it did not initiate, which can allow attackers to execute arbitrary code, an issue that was originally reported as a directory traversal vulnerability in the Safari web browser using the runscript parameter in a…

  • CVE-2002-1368Dec 26, 2002
    risk 0.04cvss epss 0.15

    Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by causing negative arguments to be fed into memcpy() calls via HTTP requests with (1) a negative Content-Length value or (2)…

  • CVE-2015-7110Dec 11, 2015
    risk 0.03cvss epss 0.01

    The Disk Images component in Apple OS X before 10.11.2 and tvOS before 9.1 allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted disk image.

  • CVE-2015-7108Dec 11, 2015
    risk 0.03cvss epss 0.01

    The Bluetooth HCI interface in Apple OS X before 10.11.2 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors.

  • CVE-2015-7106Dec 11, 2015
    risk 0.03cvss epss 0.01

    The Intel Graphics Driver component in Apple OS X before 10.11.2 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors.

  • CVE-2015-7084Dec 11, 2015
    risk 0.03cvss epss 0.01

    The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-7083.

  • CVE-2015-7083Dec 11, 2015
    risk 0.03cvss epss 0.01

    The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-7084.

  • CVE-2015-7078Dec 11, 2015
    risk 0.03cvss epss 0.01

    Use-after-free vulnerability in Hypervisor in Apple OS X before 10.11.2 allows local users to gain privileges via vectors involving VM objects.

Page 33 of 105