Filtered by vendor Apple
Subscriptions
Total
14525 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2003-0895 | 1 Apple | 1 Mac Os X | 2026-04-16 | N/A |
| Buffer overflow in the Mac OS X kernel 10.2.8 and earlier allows local users, and possibly remote attackers, to cause a denial of service (crash), access portions of memory, and possibly execute arbitrary code via a long command line argument (argv[]). | ||||
| CVE-2006-3498 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-16 | N/A |
| Stack-based buffer overflow in bootpd in the DHCP component for Apple Mac OS X 10.3.9 and 10.4.7 allows remote attackers to execute arbitrary code via a crafted BOOTP request. | ||||
| CVE-2000-0299 | 1 Apple | 1 Webobjects | 2026-04-16 | N/A |
| Buffer overflow in WebObjects.exe in the WebObjects Developer 4.5 package allows remote attackers to cause a denial of service via an HTTP request with long headers such as Accept. | ||||
| CVE-2006-0398 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-16 | N/A |
| Unspecified vulnerability in Safari, LaunchServices, and/or CoreTypes in Apple Mac OS X 10.4 up to 10.4.5 allows attackers to trick a user into opening an application that appears to be a safe file type. NOTE: due to the lack of specific information in the vendor advisory, it is not clear how CVE-2006-0397, CVE-2006-0398, and CVE-2006-0399 are different. | ||||
| CVE-2006-3496 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-16 | N/A |
| AFP Server in Apple Mac OS X 10.3.9 and 10.4.7 allows remote attackers to cause denial of service (crash) via an invalid AFP request that triggers an unchecked error condition. | ||||
| CVE-2006-0399 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-16 | N/A |
| Unspecified vulnerability in Safari, LaunchServices, and/or CoreTypes in Apple Mac OS X 10.4 up to 10.4.5 allows attackers to trick a user into opening an application that appears to be a safe file type. NOTE: due to the lack of specific information in the vendor advisory, it is not clear how CVE-2006-0397, CVE-2006-0398, and CVE-2006-0399 are different. | ||||
| CVE-2006-1988 | 1 Apple | 1 Safari | 2026-04-16 | N/A |
| The WebTextRenderer(WebInternal) _CG_drawRun:style:geometry: function in Apple Safari 2.0.3 allows remote attackers to cause a denial of service (application crash) via an HTML LI tag with a large VALUE attribute (list item number), which triggers a null dereference in QPainter::drawText, probably due to a failed memory allocation that uses the VALUE. | ||||
| CVE-2006-4385 | 1 Apple | 1 Quicktime | 2026-04-16 | N/A |
| Buffer overflow in Apple QuickTime before 7.1.3 allows user-assisted remote attackers to execute arbitrary code via a crafted SGI image. | ||||
| CVE-2006-4388 | 1 Apple | 1 Quicktime | 2026-04-16 | N/A |
| Integer overflow in Apple QuickTime before 7.1.3 allows user-assisted remote attackers to execute arbitrary code via a crafted FlashPix file. | ||||
| CVE-2004-0089 | 1 Apple | 1 Mac Os X | 2026-04-16 | N/A |
| Buffer overflow in TruBlueEnvironment in Mac OS X 10.3.x and 10.2.x allows local users to gain privileges via a long environment variable. | ||||
| CVE-2006-1986 | 1 Apple | 1 Safari | 2026-04-16 | N/A |
| Apple Safari 2.0.3 allows remote attackers to cause a denial of service and possibly execute code via a large CELLSPACING attribute in a TABLE tag, which triggers an error in KWQListIteratorImpl::KWQListIteratorImpl. | ||||
| CVE-2005-0903 | 1 Apple | 1 Quicktime Pictureviewer | 2026-04-16 | N/A |
| Buffer overflow in QuickTime PictureViewer 6.5.1 allows remote attackers to cause a denial of service (application crash) via a JPEG file with crafted Huffman Table (marker DHT) data. | ||||
| CVE-2002-0666 | 6 Apple, Freebsd, Frees Wan and 3 more | 12 Mac Os X, Mac Os X Server, Freebsd and 9 more | 2026-04-16 | N/A |
| IPSEC implementations including (1) FreeS/WAN and (2) KAME do not properly calculate the length of authentication data, which allows remote attackers to cause a denial of service (kernel panic) via spoofed, short Encapsulating Security Payload (ESP) packets, which result in integer signedness errors. | ||||
| CVE-2003-1414 | 1 Apple | 2 Darwin Streaming Server, Quicktime Streaming Server | 2026-04-16 | N/A |
| Directory traversal vulnerability in parse_xml.cg Apple Darwin Streaming Server 4.1.2 and Apple Quicktime Streaming Server 4.1.1 allows remote attackers to read arbitrary files via a ... (triple dot) in the filename parameter. | ||||
| CVE-2000-0346 | 1 Apple | 1 Appleshare | 2026-04-16 | N/A |
| AppleShare IP 6.1 and later allows a remote attacker to read potentially sensitive information via an invalid range request to the web server. | ||||
| CVE-2003-1413 | 1 Apple | 2 Darwin Streaming Server, Quicktime Streaming Server | 2026-04-16 | N/A |
| parse_xml.cgi in Apple Darwin Streaming Server 4.1.1 allows remote attackers to determine the existence of arbitrary files by using ".." sequences in the filename parameter and comparing the resulting error messages. | ||||
| CVE-2006-1984 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-16 | N/A |
| Unspecified vulnerability in the _cg_TIFFSetField function in Mac OS X 10.4.6 and earlier, as used in applications that use ImageIO or AppKit, allows remote attackers to cause a denial of service (application crash) via a crafted TIFF image that triggers a null dereference. | ||||
| CVE-2003-0681 | 9 Apple, Gentoo, Hp and 6 more | 15 Mac Os X, Mac Os X Server, Linux and 12 more | 2026-04-16 | N/A |
| A "potential buffer overflow in ruleset parsing" for Sendmail 8.12.9, when using the nonstandard rulesets (1) recipient (2), final, or (3) mailer-specific envelope recipients, has unknown consequences. | ||||
| CVE-2005-2754 | 1 Apple | 1 Quicktime | 2026-04-16 | N/A |
| Integer overflow in Apple QuickTime before 7.0.3 allows user-assisted attackers to execute arbitrary code via a crafted MOV file with "Improper movie attributes." | ||||
| CVE-2005-0341 | 1 Apple | 1 Safari | 2026-04-16 | N/A |
| Apple Safari 1.2.4 does not obey the Content-type field in the HTTP header and renders text as HTML, which allows remote attackers to inject arbitrary web script or HTML and perform cross-site scripting (XSS) attacks. | ||||