Filtered by vendor Apple
Subscriptions
Total
13705 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-2510 | 1 Apple | 1 Mac Os X Server | 2026-04-16 | N/A |
| The Server Admin tool in servermgr_ipfilter for Mac OS X 10.4 to 10.4.2, when using multiple subnets and Address Groups, does not always properly write firewall rules to the Active Rules when certain conditions occur, which could result in firewall policies that are less restrictive than intended by the administrator. | ||||
| CVE-2005-2512 | 1 Apple | 2 Mac Os X, Mail | 2026-04-16 | N/A |
| Mail.app in Mac OS 10.4.2 and earlier, when printing or forwarding an HTML message, loads remote images even when the user's preferences state otherwise, which could result in a privacy leak. | ||||
| CVE-2005-2518 | 1 Apple | 1 Mac Os X | 2026-04-16 | N/A |
| Buffer overflow in servermgrd in Mac OS X 10.3.9 and 10.4.2 allows remote attackers to execute arbitrary code during authentication. | ||||
| CVE-2005-2520 | 1 Apple | 1 Mac Os X | 2026-04-16 | N/A |
| The password assistant in Mac OS X 10.4 to 10.4.2, when used to create multiple accounts from the same process, does not reset the suggested password list when the assistant is displayed, which allows attackers to view recently used passwords. | ||||
| CVE-1999-1543 | 1 Apple | 1 Macos | 2026-04-16 | N/A |
| MacOS uses weak encryption for passwords that are stored in the Users & Groups Data File. | ||||
| CVE-2002-0252 | 1 Apple | 1 Quicktime | 2026-04-16 | N/A |
| Buffer overflow in Apple QuickTime Player 5.01 and 5.02 allows remote web servers to execute arbitrary code via a response containing a long Content-Type MIME header. | ||||
| CVE-2001-0102 | 1 Apple | 1 Macos | 2026-04-16 | N/A |
| "Multiple Users" Control Panel in Mac OS 9 allows Normal users to gain Owner privileges by removing the Users & Groups Data File, which effectively removes the Owner password and allows the Normal user to log in as the Owner account without a password. | ||||
| CVE-2005-1728 | 1 Apple | 1 Mac Os X | 2026-04-16 | N/A |
| MCX Client for Apple Mac OS X 10.4.x up to 10.4.1 insecurely logs Portable Home Directory credentials, which allows local users to obtain the credentials. | ||||
| CVE-2006-3502 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-16 | N/A |
| Unspecified vulnerability in ImageIO in Apple Mac OS X 10.4.7 allows user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted GIF image that triggers a memory allocation failure that is not properly handled. | ||||
| CVE-2006-3508 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-16 | N/A |
| Heap-based buffer overflow in the AirPort wireless driver on Apple Mac OS X 10.4.7 allows physically proximate attackers to cause a denial of service (crash), gain privileges, and execute arbitrary code via a crafted frame that is not properly handled during scan cache updates. | ||||
| CVE-2006-3509 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-16 | N/A |
| Integer overflow in the API for the AirPort wireless driver on Apple Mac OS X 10.4.7 might allow physically proximate attackers to cause a denial of service (crash) or execute arbitrary code in third-party wireless software that uses the API via crafted frames. | ||||
| CVE-2005-0972 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-16 | N/A |
| Integer overflow in the searchfs system call in Mac OS X 10.3.9 and earlier allows local users to execute arbitrary code via crafted parameters. | ||||
| CVE-1999-1076 | 1 Apple | 1 Macos | 2026-04-16 | N/A |
| Idle locking function in MacOS 9 allows local users to bypass the password protection of idled sessions by selecting the "Log Out" option and selecting a "Cancel" option in the dialog box for an application that attempts to verify that the user wants to log out, which returns the attacker into the locked session. | ||||
| CVE-2006-3501 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-16 | N/A |
| Integer overflow in ImageIO for Apple Mac OS X 10.4.7 allows user-assisted attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted Radiance image. | ||||
| CVE-2006-3500 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-16 | N/A |
| The dynamic linker (dyld) in Apple Mac OS X 10.4.7 allows local users to execute arbitrary code via an "improperly handled condition" that leads to use of "dangerous paths," probably related to an untrusted search path vulnerability. | ||||
| CVE-2006-3499 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-16 | N/A |
| The dynamic linker (dyld) in Apple Mac OS X 10.3.9 allows local users to obtain sensitive information via unspecified dynamic linker options that affect the use of standard error (stderr) by privileged applications. | ||||
| CVE-2006-3372 | 1 Apple | 1 Safari | 2026-04-16 | N/A |
| Apple Safari 2.0.4/419.3 allows remote attackers to cause a denial of service (application crash) via a DHTML setAttributeNode function call with zero arguments, which triggers a null dereference. | ||||
| CVE-2005-0713 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-16 | N/A |
| The Bluetooth Setup Assistant for Mac OS X before 10.3.8 can be launched without a keyboard or Bluetooth device, which allows local users to bypass access restrictions and gain privileges. | ||||
| CVE-1999-0524 | 11 Apple, Cisco, Hp and 8 more | 14 Mac Os X, Macos, Ios and 11 more | 2026-04-16 | N/A |
| ICMP information such as (1) netmask and (2) timestamp is allowed from arbitrary hosts. | ||||
| CVE-2000-0346 | 1 Apple | 1 Appleshare | 2026-04-16 | N/A |
| AppleShare IP 6.1 and later allows a remote attacker to read potentially sensitive information via an invalid range request to the web server. | ||||