Vendor CVEs
Apple Inc.
All CVEs
8,452 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2007-6359 | 0.03 | — | 0.01 | Dec 15, 2007 | The cs_validate_page function in bsd/kern/ubc_subr.c in the xnu kernel 1228.0 and earlier in Apple Mac OS X 10.5.1 allows local users to cause a denial of service (failed assertion and system crash) via a crafted signed Mach-O binary that causes the hashes function to return… | |||
| CVE-2007-6261 | 0.03 | — | 0.01 | Dec 6, 2007 | Integer overflow in the load_threadstack function in the Mach-O loader (mach_loader.c) in the xnu kernel in Apple Mac OS X 10.4 through 10.5.1 allows local users to cause a denial of service (infinite loop) via a crafted Mach-O binary. | |||
| CVE-2007-4684 | 0.03 | — | 0.01 | Nov 15, 2007 | Integer overflow in the kernel in Apple Mac OS X 10.4 through 10.4.10 allows local users to execute arbitrary code via a large num_sels argument to the i386_set_ldt system call. | |||
| CVE-2007-4675 | 0.03 | — | 0.33 | Nov 7, 2007 | Heap-based buffer overflow in the QuickTime VR extension 7.2.0.240 in QuickTime.qts in Apple QuickTime before 7.3 allows remote attackers to execute arbitrary code via a QTVR (QuickTime Virtual Reality) movie file containing a large size field in the atom header of a panorama… | |||
| CVE-2007-5450 | 0.03 | — | 0.05 | Oct 14, 2007 | Unspecified vulnerability in Safari on the Apple iPod touch (aka iTouch) and iPhone 1.1.1 allows user-assisted remote attackers to cause a denial of service (application crash), and enable filesystem browsing by the local user, via a certain TIFF file. | |||
| CVE-2007-4812 | 0.03 | — | 0.03 | Sep 11, 2007 | Buffer overflow in Apple Safari 3.0.3 522.15.5, and other versions before Beta Update 3.0.4, allows remote attackers to cause a denial of service (crash) and possibly have other unspecified impact by setting document.location.hash to a long string. NOTE: the crash might… | |||
| CVE-2007-3284 | 0.03 | — | 0.03 | Jun 19, 2007 | corefoundation.dll in Apple Safari 3.0.1 (552.12.2) for Windows allows remote attackers to cause a denial of service (crash) via certain forms that trigger errors related to History, possibly involving multiple form fields with the same name. | |||
| CVE-2007-3186 | 0.03 | — | 0.05 | Jun 12, 2007 | Apple Safari Beta 3.0.1 for Windows allows remote attackers to execute arbitrary commands via shell metacharacters in a URI in the SRC of an IFRAME, as demonstrated using a gopher URI. | |||
| CVE-2007-0752 | 0.03 | — | 0.01 | May 24, 2007 | The PPP daemon (pppd) in Apple Mac OS X 10.4.8 checks ownership of the stdin file descriptor to determine if the invoker has sufficient privileges, which allows local users to load arbitrary plugins and gain root privileges by bypassing this check. | |||
| CVE-2007-0753 | 0.03 | — | 0.01 | May 24, 2007 | Format string vulnerability in the VPN daemon (vpnd) in Apple Mac OS X 10.3.9 and 10.4.9 allows local users to execute arbitrary code via the -i parameter. | |||
| CVE-2007-2843 | 0.03 | — | 0.03 | May 24, 2007 | Cross-domain vulnerability in Apple Safari 2.0.4 allows remote attackers to access restricted information from other domains via Javascript, as demonstrated by a js script that accesses the location information of cross-domain web pages, probably involving setTimeout and timed… | |||
| CVE-2007-2580 | 0.03 | — | 0.01 | May 9, 2007 | Unspecified vulnerability in Apple Safari allows local users to obtain sensitive information (saved keychain passwords) via the document.loginform.password.value JavaScript parameter loaded from an AppleScript script. | |||
| CVE-2007-1008 | 0.03 | — | 0.02 | Feb 20, 2007 | Apple iTunes 7.0.2 allows user-assisted remote attackers to cause a denial of service (application crash) via a crafted XML list of radio stations, which results in memory corruption. NOTE: iTunes retrieves the XML document from a static URL, which requires an attacker to… | |||
| CVE-2007-0710 | 0.03 | — | 0.03 | Feb 16, 2007 | The Bonjour functionality in iChat in Apple Mac OS X 10.3.9 allows remote attackers to cause a denial of service (persistent application crash) via unspecified vectors, possibly related to CVE-2007-0614. | |||
| CVE-2007-0645 | 0.03 | — | 0.02 | Feb 1, 2007 | Format string vulnerability in iPhoto 6.0.5 allows remote user-assisted attackers to cause a denial of service (crash) via format string specifiers in a filename, which is not properly handled when calling certain Apple AppKit functions. | |||
| CVE-2007-0644 | 0.03 | — | 0.02 | Feb 1, 2007 | Format string vulnerability in Apple Safari 2.0.4 (419.3) allows remote user-assisted attackers to cause a denial of service (crash) via format string specifiers in filenames that are not properly handled when calling the (1) NSLog and (2) NSBeginAlertSheet Apple AppKit… | |||
| CVE-2007-0647 | 0.03 | — | 0.03 | Feb 1, 2007 | Format string vulnerability in Help Viewer 3.0.0 allows remote user-assisted attackers to cause a denial of service (crash) via format string specifiers in a filename, which is not properly handled when calling the NSBeginAlertSheet Apple AppKit function. | |||
| CVE-2007-0467 | 0.03 | — | 0.02 | Jan 31, 2007 | crashdump in Apple Mac OS X 10.4.8 allows local users in the admin group to modify arbitrary files or gain privileges via a symlink attack on application logs in /Library/Logs/CrashReporter/. | |||
| CVE-2007-0023 | 0.03 | — | 0.02 | Jan 24, 2007 | The CFUserNotificationSendRequest function in UserNotificationCenter.app in Apple Mac OS X 10.4.8, when used in combination with diskutil, allows local users to gain privileges via a malicious InputManager in Library/InputManagers in a user's home directory, which is executed… | |||
| CVE-2007-0430 | 0.03 | — | 0.01 | Jan 23, 2007 | The shared_region_map_file_np function in Apple Mac OS X 10.4.8 and earlier kernel allows local users to cause a denial of service (memory corruption) via a large mappingCount value. | |||
| CVE-2007-0267 | 0.03 | — | 0.01 | Jan 17, 2007 | The ufs_lookup function in the Mac OS X 10.4.8 and FreeBSD 6.1 kernels allows local users to cause a denial of service (kernel panic) and possibly corrupt other filesystems by mounting a crafted UNIX File System (UFS) DMG image that contains a corrupted directory entry (struct… | |||
| CVE-2007-0229 | 0.03 | — | 0.01 | Jan 13, 2007 | Integer overflow in the ffs_mountfs function in Mac OS X 10.4.8 and FreeBSD 6.1 allows local users to cause a denial of service (panic) and possibly gain privileges via a crafted DMG image that causes "allocation of a negative size buffer" leading to a heap-based buffer… | |||
| CVE-2007-0117 | 0.03 | — | 0.05 | Jan 9, 2007 | DiskManagementTool in the DiskManagement.framework 92.29 on Mac OS X 10.4.8 does not properly validate Bill of Materials (BOM) files, which allows attackers to gain privileges via a BOM file under /Library/Receipts/, which triggers arbitrary file permission changes upon… | |||
| CVE-2007-0059 | 0.03 | — | 0.06 | Jan 5, 2007 | Cross-zone scripting vulnerability in Apple Quicktime 3 to 7.1.3 allows remote user-assisted attackers to execute arbitrary code and list filesystem contents via a QuickTime movie (.MOV) with an HREF Track (HREFTrack) that contains an automatic action tag with a local URI, which… | |||
| CVE-2006-6173 | 0.03 | — | 0.01 | Nov 30, 2006 | Buffer overflow in the shared_region_make_private_np function in vm/vm_unix.c in Mac OS X 10.4.6 and earlier allows local users to execute arbitrary code via (1) a small range count, which causes insufficient memory allocation, or (2) a large number of ranges in the… | |||
| CVE-2006-6130 | 0.03 | — | 0.01 | Nov 28, 2006 | Apple Mac OS X AppleTalk allows local users to cause a denial of service (kernel panic) by calling the AIOCREGLOCALZN ioctl command with a crafted data structure on an AppleTalk socket. | |||
| CVE-2006-6129 | 0.03 | — | 0.01 | Nov 27, 2006 | Integer overflow in the fatfile_getarch2 in Apple Mac OS X allows local users to cause a denial of service and possibly execute arbitrary code via a crafted Mach-O Universal program that triggers memory corruption. | |||
| CVE-2006-6062 | 0.03 | — | 0.05 | Nov 22, 2006 | Unspecified vulnerability in Apple Mac OS X 10.4.8, and possibly other versions, allows remote attackers to cause a denial of service (crash) via a malformed UDTO HFS+ disk image, such as with "bad sectors," which triggers memory corruption. | |||
| CVE-2006-6015 | 0.03 | — | 0.04 | Nov 21, 2006 | Buffer overflow in the JavaScript implementation in Safari on Apple Mac OS X 10.4 allows remote attackers to cause a denial of service (application crash) via a long argument to the exec method of a regular expression. | |||
| CVE-2006-5836 | 0.03 | — | 0.01 | Nov 10, 2006 | The fpathconf syscall function in bsd/kern/kern_descrip.c in the Darwin kernel (XNU) 8.8.1 in Apple Mac OS X allows local users to cause a denial of service (kernel panic) and possibly execute arbitrary code via a file descriptor with an unrecognized file type. | |||
| CVE-2006-4392 | 0.03 | — | 0.02 | Oct 3, 2006 | The Mach kernel, as used in operating systems including (1) Mac OS X 10.4 through 10.4.7 and (2) OpenStep before 4.2, allows local users to gain privileges via a parent process that forces an exception in a setuid child and uses Mach exception ports to modify the child's thread… | |||
| CVE-2006-3507 | 0.03 | — | 0.01 | Sep 21, 2006 | Multiple stack-based buffer overflows in the AirPort wireless driver on Apple Mac OS X 10.3.9 and 10.4.7 allow physically proximate attackers to execute arbitrary code by injecting crafted frames into a wireless network. | |||
| CVE-2006-4866 | 0.03 | — | 0.01 | Sep 19, 2006 | Buffer overflow in kextload in Apple OS X, as used by TDIXSupport in Roxio Toast Titanium and possibly other products, allows local users to execute arbitrary code via a long extension argument. | |||
| CVE-2006-2019 | 0.03 | — | 0.04 | Apr 25, 2006 | Apple Mac OS X Safari 2.0.3, 1.3.1, and possibly other versions allows remote attackers to cause a denial of service (CPU consumption and crash) via a TD element with a large number in the rowspan attribute. | |||
| CVE-2005-2713 | 0.03 | — | 0.01 | Dec 31, 2005 | passwd in Directory Services in Mac OS X 10.3.x before 10.3.9 and 10.4.x before 10.4.5 allows local users to create arbitrary world-writable files as root by specifying an alternate file in the password database option. | |||
| CVE-2005-3018 | 0.03 | — | 0.03 | Sep 21, 2005 | Apple Safari allows remote attackers to cause a denial of service (application crash) via a crafted data:// URL. | |||
| CVE-2005-2508 | 0.03 | — | 0.01 | Aug 19, 2005 | dsidentity in Directory Services in Mac OS X 10.4.2 allows local users to add or remove user accounts. | |||
| CVE-2005-2523 | 0.03 | — | 0.01 | Aug 19, 2005 | Multiple cross-site scripting (XSS) vulnerabilities in Weblog Server in Mac OS X 10.4 to 10.4.2 allow remote attackers to inject arbitrary web script or HTML via unknown vectors. | |||
| CVE-2005-2594 | 0.03 | — | 0.03 | Aug 17, 2005 | Apple Safari 1.3 (132) on Mac OS X 1.3.9 allows remote attackers to cause a denial of service (crash) via certain Javascript, possibly involving a function that defines a handler for itself within the function body. | |||
| CVE-2005-1725 | 0.03 | — | 0.01 | Jun 8, 2005 | launchd 106 in Apple Mac OS X 10.4.x up to 10.4.1 allows local users to overwrite arbitrary files via a symlink attack on the socket file in an insecure temporary directory. | |||
| CVE-2005-1307 | 0.03 | — | 0.04 | May 17, 2005 | The (1) stopserver.sh and (2) startserver.sh scripts in Adobe Version Cue on Mac OS X uses the current working directory to find and execute the productname.sh script, which allows local users to execute arbitrary code by copying and calling the scripts from a user-controlled… | |||
| CVE-2005-0903 | 0.03 | — | 0.02 | May 2, 2005 | Buffer overflow in QuickTime PictureViewer 6.5.1 allows remote attackers to cause a denial of service (application crash) via a JPEG file with crafted Huffman Table (marker DHT) data. | |||
| CVE-2005-0340 | 0.03 | — | 0.03 | May 2, 2005 | Integer signedness error in Apple File Service (AFP Server) allows remote attackers to cause a denial of service (application crash) via a negative UAM string length in a FPLoginExt packet. | |||
| CVE-2005-0342 | 0.03 | — | 0.01 | May 2, 2005 | The Finder in Mac OS X and earlier allows local users to overwrite arbitrary files and gain privileges by creating a hard link from the .DS_Store file to an arbitrary file. | |||
| CVE-2005-0713 | 0.03 | — | 0.01 | Mar 21, 2005 | The Bluetooth Setup Assistant for Mac OS X before 10.3.8 can be launched without a keyboard or Bluetooth device, which allows local users to bypass access restrictions and gain privileges. | |||
| CVE-2005-0716 | 0.03 | — | 0.01 | Mar 21, 2005 | Stack-based buffer overflow in the Core Foundation Library in Mac OS X 10.3.5 and 10.3.6, and possibly earlier versions, allows local users to execute arbitrary code via a long CF_CHARSET_PATH environment variable. | |||
| CVE-2005-0193 | 0.03 | — | 0.01 | Jan 22, 2005 | Buffer overflow in the (1) -v and (2) -a switches in mRouter in iSync 1.5 in Mac OS X 10.3.7 and earlier allows local users to execute arbitrary code. | |||
| CVE-2004-0824 | 0.03 | — | 0.01 | Dec 31, 2004 | PPPDialer for Mac OS X 10.2.8 through 10.3.5 allows local users to overwrite system files via a symlink attack on PPPDialer log files. | |||
| CVE-2004-1121 | 0.03 | — | 0.04 | Nov 1, 2004 | Apple Safari 1.0 through 1.2.3 allows remote attackers to spoof the URL displayed in the status bar via TABLE tags. | |||
| CVE-2003-0514 | 0.03 | — | 0.05 | Apr 15, 2004 | Apple Safari allows remote attackers to bypass intended cookie access restrictions on a web application via "%2e%2e" (encoded dot dot) directory traversal sequences in a URL, which causes Safari to send the cookie outside the specified URL subsets, e.g. to a vulnerable… |
- CVE-2007-6359Dec 15, 2007risk 0.03cvss —epss 0.01
The cs_validate_page function in bsd/kern/ubc_subr.c in the xnu kernel 1228.0 and earlier in Apple Mac OS X 10.5.1 allows local users to cause a denial of service (failed assertion and system crash) via a crafted signed Mach-O binary that causes the hashes function to return…
- CVE-2007-6261Dec 6, 2007risk 0.03cvss —epss 0.01
Integer overflow in the load_threadstack function in the Mach-O loader (mach_loader.c) in the xnu kernel in Apple Mac OS X 10.4 through 10.5.1 allows local users to cause a denial of service (infinite loop) via a crafted Mach-O binary.
- CVE-2007-4684Nov 15, 2007risk 0.03cvss —epss 0.01
Integer overflow in the kernel in Apple Mac OS X 10.4 through 10.4.10 allows local users to execute arbitrary code via a large num_sels argument to the i386_set_ldt system call.
- CVE-2007-4675Nov 7, 2007risk 0.03cvss —epss 0.33
Heap-based buffer overflow in the QuickTime VR extension 7.2.0.240 in QuickTime.qts in Apple QuickTime before 7.3 allows remote attackers to execute arbitrary code via a QTVR (QuickTime Virtual Reality) movie file containing a large size field in the atom header of a panorama…
- CVE-2007-5450Oct 14, 2007risk 0.03cvss —epss 0.05
Unspecified vulnerability in Safari on the Apple iPod touch (aka iTouch) and iPhone 1.1.1 allows user-assisted remote attackers to cause a denial of service (application crash), and enable filesystem browsing by the local user, via a certain TIFF file.
- CVE-2007-4812Sep 11, 2007risk 0.03cvss —epss 0.03
Buffer overflow in Apple Safari 3.0.3 522.15.5, and other versions before Beta Update 3.0.4, allows remote attackers to cause a denial of service (crash) and possibly have other unspecified impact by setting document.location.hash to a long string. NOTE: the crash might…
- CVE-2007-3284Jun 19, 2007risk 0.03cvss —epss 0.03
corefoundation.dll in Apple Safari 3.0.1 (552.12.2) for Windows allows remote attackers to cause a denial of service (crash) via certain forms that trigger errors related to History, possibly involving multiple form fields with the same name.
- CVE-2007-3186Jun 12, 2007risk 0.03cvss —epss 0.05
Apple Safari Beta 3.0.1 for Windows allows remote attackers to execute arbitrary commands via shell metacharacters in a URI in the SRC of an IFRAME, as demonstrated using a gopher URI.
- CVE-2007-0752May 24, 2007risk 0.03cvss —epss 0.01
The PPP daemon (pppd) in Apple Mac OS X 10.4.8 checks ownership of the stdin file descriptor to determine if the invoker has sufficient privileges, which allows local users to load arbitrary plugins and gain root privileges by bypassing this check.
- CVE-2007-0753May 24, 2007risk 0.03cvss —epss 0.01
Format string vulnerability in the VPN daemon (vpnd) in Apple Mac OS X 10.3.9 and 10.4.9 allows local users to execute arbitrary code via the -i parameter.
- CVE-2007-2843May 24, 2007risk 0.03cvss —epss 0.03
Cross-domain vulnerability in Apple Safari 2.0.4 allows remote attackers to access restricted information from other domains via Javascript, as demonstrated by a js script that accesses the location information of cross-domain web pages, probably involving setTimeout and timed…
- CVE-2007-2580May 9, 2007risk 0.03cvss —epss 0.01
Unspecified vulnerability in Apple Safari allows local users to obtain sensitive information (saved keychain passwords) via the document.loginform.password.value JavaScript parameter loaded from an AppleScript script.
- CVE-2007-1008Feb 20, 2007risk 0.03cvss —epss 0.02
Apple iTunes 7.0.2 allows user-assisted remote attackers to cause a denial of service (application crash) via a crafted XML list of radio stations, which results in memory corruption. NOTE: iTunes retrieves the XML document from a static URL, which requires an attacker to…
- CVE-2007-0710Feb 16, 2007risk 0.03cvss —epss 0.03
The Bonjour functionality in iChat in Apple Mac OS X 10.3.9 allows remote attackers to cause a denial of service (persistent application crash) via unspecified vectors, possibly related to CVE-2007-0614.
- CVE-2007-0645Feb 1, 2007risk 0.03cvss —epss 0.02
Format string vulnerability in iPhoto 6.0.5 allows remote user-assisted attackers to cause a denial of service (crash) via format string specifiers in a filename, which is not properly handled when calling certain Apple AppKit functions.
- CVE-2007-0644Feb 1, 2007risk 0.03cvss —epss 0.02
Format string vulnerability in Apple Safari 2.0.4 (419.3) allows remote user-assisted attackers to cause a denial of service (crash) via format string specifiers in filenames that are not properly handled when calling the (1) NSLog and (2) NSBeginAlertSheet Apple AppKit…
- CVE-2007-0647Feb 1, 2007risk 0.03cvss —epss 0.03
Format string vulnerability in Help Viewer 3.0.0 allows remote user-assisted attackers to cause a denial of service (crash) via format string specifiers in a filename, which is not properly handled when calling the NSBeginAlertSheet Apple AppKit function.
- CVE-2007-0467Jan 31, 2007risk 0.03cvss —epss 0.02
crashdump in Apple Mac OS X 10.4.8 allows local users in the admin group to modify arbitrary files or gain privileges via a symlink attack on application logs in /Library/Logs/CrashReporter/.
- CVE-2007-0023Jan 24, 2007risk 0.03cvss —epss 0.02
The CFUserNotificationSendRequest function in UserNotificationCenter.app in Apple Mac OS X 10.4.8, when used in combination with diskutil, allows local users to gain privileges via a malicious InputManager in Library/InputManagers in a user's home directory, which is executed…
- CVE-2007-0430Jan 23, 2007risk 0.03cvss —epss 0.01
The shared_region_map_file_np function in Apple Mac OS X 10.4.8 and earlier kernel allows local users to cause a denial of service (memory corruption) via a large mappingCount value.
- CVE-2007-0267Jan 17, 2007risk 0.03cvss —epss 0.01
The ufs_lookup function in the Mac OS X 10.4.8 and FreeBSD 6.1 kernels allows local users to cause a denial of service (kernel panic) and possibly corrupt other filesystems by mounting a crafted UNIX File System (UFS) DMG image that contains a corrupted directory entry (struct…
- CVE-2007-0229Jan 13, 2007risk 0.03cvss —epss 0.01
Integer overflow in the ffs_mountfs function in Mac OS X 10.4.8 and FreeBSD 6.1 allows local users to cause a denial of service (panic) and possibly gain privileges via a crafted DMG image that causes "allocation of a negative size buffer" leading to a heap-based buffer…
- CVE-2007-0117Jan 9, 2007risk 0.03cvss —epss 0.05
DiskManagementTool in the DiskManagement.framework 92.29 on Mac OS X 10.4.8 does not properly validate Bill of Materials (BOM) files, which allows attackers to gain privileges via a BOM file under /Library/Receipts/, which triggers arbitrary file permission changes upon…
- CVE-2007-0059Jan 5, 2007risk 0.03cvss —epss 0.06
Cross-zone scripting vulnerability in Apple Quicktime 3 to 7.1.3 allows remote user-assisted attackers to execute arbitrary code and list filesystem contents via a QuickTime movie (.MOV) with an HREF Track (HREFTrack) that contains an automatic action tag with a local URI, which…
- CVE-2006-6173Nov 30, 2006risk 0.03cvss —epss 0.01
Buffer overflow in the shared_region_make_private_np function in vm/vm_unix.c in Mac OS X 10.4.6 and earlier allows local users to execute arbitrary code via (1) a small range count, which causes insufficient memory allocation, or (2) a large number of ranges in the…
- CVE-2006-6130Nov 28, 2006risk 0.03cvss —epss 0.01
Apple Mac OS X AppleTalk allows local users to cause a denial of service (kernel panic) by calling the AIOCREGLOCALZN ioctl command with a crafted data structure on an AppleTalk socket.
- CVE-2006-6129Nov 27, 2006risk 0.03cvss —epss 0.01
Integer overflow in the fatfile_getarch2 in Apple Mac OS X allows local users to cause a denial of service and possibly execute arbitrary code via a crafted Mach-O Universal program that triggers memory corruption.
- CVE-2006-6062Nov 22, 2006risk 0.03cvss —epss 0.05
Unspecified vulnerability in Apple Mac OS X 10.4.8, and possibly other versions, allows remote attackers to cause a denial of service (crash) via a malformed UDTO HFS+ disk image, such as with "bad sectors," which triggers memory corruption.
- CVE-2006-6015Nov 21, 2006risk 0.03cvss —epss 0.04
Buffer overflow in the JavaScript implementation in Safari on Apple Mac OS X 10.4 allows remote attackers to cause a denial of service (application crash) via a long argument to the exec method of a regular expression.
- CVE-2006-5836Nov 10, 2006risk 0.03cvss —epss 0.01
The fpathconf syscall function in bsd/kern/kern_descrip.c in the Darwin kernel (XNU) 8.8.1 in Apple Mac OS X allows local users to cause a denial of service (kernel panic) and possibly execute arbitrary code via a file descriptor with an unrecognized file type.
- CVE-2006-4392Oct 3, 2006risk 0.03cvss —epss 0.02
The Mach kernel, as used in operating systems including (1) Mac OS X 10.4 through 10.4.7 and (2) OpenStep before 4.2, allows local users to gain privileges via a parent process that forces an exception in a setuid child and uses Mach exception ports to modify the child's thread…
- CVE-2006-3507Sep 21, 2006risk 0.03cvss —epss 0.01
Multiple stack-based buffer overflows in the AirPort wireless driver on Apple Mac OS X 10.3.9 and 10.4.7 allow physically proximate attackers to execute arbitrary code by injecting crafted frames into a wireless network.
- CVE-2006-4866Sep 19, 2006risk 0.03cvss —epss 0.01
Buffer overflow in kextload in Apple OS X, as used by TDIXSupport in Roxio Toast Titanium and possibly other products, allows local users to execute arbitrary code via a long extension argument.
- CVE-2006-2019Apr 25, 2006risk 0.03cvss —epss 0.04
Apple Mac OS X Safari 2.0.3, 1.3.1, and possibly other versions allows remote attackers to cause a denial of service (CPU consumption and crash) via a TD element with a large number in the rowspan attribute.
- CVE-2005-2713Dec 31, 2005risk 0.03cvss —epss 0.01
passwd in Directory Services in Mac OS X 10.3.x before 10.3.9 and 10.4.x before 10.4.5 allows local users to create arbitrary world-writable files as root by specifying an alternate file in the password database option.
- CVE-2005-3018Sep 21, 2005risk 0.03cvss —epss 0.03
Apple Safari allows remote attackers to cause a denial of service (application crash) via a crafted data:// URL.
- CVE-2005-2508Aug 19, 2005risk 0.03cvss —epss 0.01
dsidentity in Directory Services in Mac OS X 10.4.2 allows local users to add or remove user accounts.
- CVE-2005-2523Aug 19, 2005risk 0.03cvss —epss 0.01
Multiple cross-site scripting (XSS) vulnerabilities in Weblog Server in Mac OS X 10.4 to 10.4.2 allow remote attackers to inject arbitrary web script or HTML via unknown vectors.
- CVE-2005-2594Aug 17, 2005risk 0.03cvss —epss 0.03
Apple Safari 1.3 (132) on Mac OS X 1.3.9 allows remote attackers to cause a denial of service (crash) via certain Javascript, possibly involving a function that defines a handler for itself within the function body.
- CVE-2005-1725Jun 8, 2005risk 0.03cvss —epss 0.01
launchd 106 in Apple Mac OS X 10.4.x up to 10.4.1 allows local users to overwrite arbitrary files via a symlink attack on the socket file in an insecure temporary directory.
- CVE-2005-1307May 17, 2005risk 0.03cvss —epss 0.04
The (1) stopserver.sh and (2) startserver.sh scripts in Adobe Version Cue on Mac OS X uses the current working directory to find and execute the productname.sh script, which allows local users to execute arbitrary code by copying and calling the scripts from a user-controlled…
- CVE-2005-0903May 2, 2005risk 0.03cvss —epss 0.02
Buffer overflow in QuickTime PictureViewer 6.5.1 allows remote attackers to cause a denial of service (application crash) via a JPEG file with crafted Huffman Table (marker DHT) data.
- CVE-2005-0340May 2, 2005risk 0.03cvss —epss 0.03
Integer signedness error in Apple File Service (AFP Server) allows remote attackers to cause a denial of service (application crash) via a negative UAM string length in a FPLoginExt packet.
- CVE-2005-0342May 2, 2005risk 0.03cvss —epss 0.01
The Finder in Mac OS X and earlier allows local users to overwrite arbitrary files and gain privileges by creating a hard link from the .DS_Store file to an arbitrary file.
- CVE-2005-0713Mar 21, 2005risk 0.03cvss —epss 0.01
The Bluetooth Setup Assistant for Mac OS X before 10.3.8 can be launched without a keyboard or Bluetooth device, which allows local users to bypass access restrictions and gain privileges.
- CVE-2005-0716Mar 21, 2005risk 0.03cvss —epss 0.01
Stack-based buffer overflow in the Core Foundation Library in Mac OS X 10.3.5 and 10.3.6, and possibly earlier versions, allows local users to execute arbitrary code via a long CF_CHARSET_PATH environment variable.
- CVE-2005-0193Jan 22, 2005risk 0.03cvss —epss 0.01
Buffer overflow in the (1) -v and (2) -a switches in mRouter in iSync 1.5 in Mac OS X 10.3.7 and earlier allows local users to execute arbitrary code.
- CVE-2004-0824Dec 31, 2004risk 0.03cvss —epss 0.01
PPPDialer for Mac OS X 10.2.8 through 10.3.5 allows local users to overwrite system files via a symlink attack on PPPDialer log files.
- CVE-2004-1121Nov 1, 2004risk 0.03cvss —epss 0.04
Apple Safari 1.0 through 1.2.3 allows remote attackers to spoof the URL displayed in the status bar via TABLE tags.
- CVE-2003-0514Apr 15, 2004risk 0.03cvss —epss 0.05
Apple Safari allows remote attackers to bypass intended cookie access restrictions on a web application via "%2e%2e" (encoded dot dot) directory traversal sequences in a URL, which causes Safari to send the cookie outside the specified URL subsets, e.g. to a vulnerable…
Page 106 of 170