Filtered by vendor Apple
Subscriptions
Filtered by product Mac Os X
Subscriptions
Total
5568 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2004-0513 | 1 Apple | 1 Mac Os X | 2025-04-03 | N/A |
| Unspecified vulnerability in Mac OS X before 10.3.4 has unknown impact and attack vectors related to "logging when tracing system calls." | ||||
| CVE-2004-0824 | 1 Apple | 1 Mac Os X | 2025-04-03 | N/A |
| PPPDialer for Mac OS X 10.2.8 through 10.3.5 allows local users to overwrite system files via a symlink attack on PPPDialer log files. | ||||
| CVE-2004-1081 | 1 Apple | 4 Darwin Streaming Server, Mac Os X, Mac Os X Server and 1 more | 2025-04-03 | N/A |
| The Application Framework (AppKit) for Apple Mac OS X 10.2.8 and 10.3.6 does not properly restrict access to a secure text input field, which allows local users to read keyboard input from other applications within the same window session. | ||||
| CVE-2004-1083 | 1 Apple | 4 Darwin Streaming Server, Mac Os X, Mac Os X Server and 1 more | 2025-04-03 | 7.5 High |
| Apache for Apple Mac OS X 10.2.8 and 10.3.6 restricts access to files in a case sensitive manner, but the Apple HFS+ filesystem accesses files in a case insensitive manner, which allows remote attackers to read .DS_Store files and files beginning with ".ht" using alternate capitalization. | ||||
| CVE-2003-0895 | 1 Apple | 1 Mac Os X | 2025-04-03 | N/A |
| Buffer overflow in the Mac OS X kernel 10.2.8 and earlier allows local users, and possibly remote attackers, to cause a denial of service (crash), access portions of memory, and possibly execute arbitrary code via a long command line argument (argv[]). | ||||
| CVE-2003-0883 | 1 Apple | 1 Mac Os X | 2025-04-03 | N/A |
| The System Preferences capability in Mac OS X before 10.3 allows local users to access secure Preference Panes for a short period after an administrator has authenticated to the system. | ||||
| CVE-2004-1123 | 1 Apple | 4 Darwin Streaming Server, Mac Os X, Mac Os X Server and 1 more | 2025-04-03 | N/A |
| Darwin Streaming Server 5.0.1, and possibly earlier versions, allows remote attackers to cause a denial of service (server crash) via a DESCRIBE request with a location that contains a null byte. | ||||
| CVE-2003-0882 | 1 Apple | 1 Mac Os X | 2025-04-03 | N/A |
| Mac OS X before 10.3 initializes the TCP timestamp with a constant number, which allows remote attackers to determine the system's uptime via the ID field in a TCP packet. | ||||
| CVE-2003-0881 | 1 Apple | 1 Mac Os X | 2025-04-03 | N/A |
| Mail in Mac OS X before 10.3, when configured to use MD5 Challenge Response, uses plaintext authentication if the CRAM-MD5 hashed login fails, which could allow remote attackers to gain privileges by sniffing the password. | ||||
| CVE-2005-0713 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-03 | N/A |
| The Bluetooth Setup Assistant for Mac OS X before 10.3.8 can be launched without a keyboard or Bluetooth device, which allows local users to bypass access restrictions and gain privileges. | ||||
| CVE-2005-0715 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-03 | N/A |
| AFP Server in Mac OS X before 10.3.8 uses insecure permissions for "Drop Boxes," which allows local users to read the contents of a Drop Box. | ||||
| CVE-2006-4887 | 1 Apple | 2 Apple Remote Desktop, Mac Os X | 2025-04-03 | N/A |
| Apple Remote Desktop (ARD) for Mac OS X 10.2.8 and later does not drop privileges on the remote machine while installing certain applications, which allows local users to bypass authentication and gain privileges by selecting the icon during installation. NOTE: it could be argued that the issue is not in Remote Desktop itself, but in applications that are installed while using it. | ||||
| CVE-2003-0880 | 1 Apple | 1 Mac Os X | 2025-04-03 | N/A |
| Unknown vulnerability in Mac OS X before 10.3 allows local users to access Dock functions from behind Screen Effects when Full Keyboard Access is enabled using the Keyboard pane in System Preferences. | ||||
| CVE-2003-0878 | 1 Apple | 1 Mac Os X | 2025-04-03 | N/A |
| slpd daemon in Mac OS X before 10.3 allows local users to overwrite arbitrary files via a symlink attack on a temporary file, a different vulnerability than CVE-2003-0875. | ||||
| CVE-2005-1307 | 2 Adobe, Apple | 2 Version Cue, Mac Os X | 2025-04-03 | N/A |
| The (1) stopserver.sh and (2) startserver.sh scripts in Adobe Version Cue on Mac OS X uses the current working directory to find and execute the productname.sh script, which allows local users to execute arbitrary code by copying and calling the scripts from a user-controlled directory. | ||||
| CVE-2005-1332 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-03 | N/A |
| Bluetooth-enabled systems in Mac OS X 10.3.9 enables the Bluetooth file exchange service by default, which allows remote attackers to access files without the user being notified, and local users to access files via the default directory. | ||||
| CVE-2005-1333 | 1 Apple | 1 Mac Os X | 2025-04-03 | N/A |
| Directory traversal vulnerability in the Bluetooth file and object exchange (OBEX) services in Mac OS X 10.3.9 allows remote attackers to read arbitrary files. | ||||
| CVE-2005-1336 | 1 Apple | 1 Mac Os X | 2025-04-03 | N/A |
| Buffer overflow in the Foundation framework for Mac OS X 10.3.9 allows local users to execute arbitrary code via a long environment variable. | ||||
| CVE-2005-1337 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-03 | N/A |
| Apple Help Viewer 2.0.7 and 3.0.0 in Mac OS X 10.3.9 allows remote attackers to read and execute arbitrary scrpts with less restrictive privileges via a help:// URI. | ||||
| CVE-2005-1340 | 1 Apple | 1 Mac Os X | 2025-04-03 | N/A |
| The HTTP proxy service in Server Admin for Mac OS X 10.3.9 does not restrict access when it is enabled, which allows remote attackers to use the proxy. | ||||