Filtered by vendor Apple Subscriptions
Filtered by product Mac Os X Server Subscriptions

Search

Switch to Advanced Search (Beta)
Total 817 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2009-2824 1 Apple 2 Mac Os X, Mac Os X Server 2025-04-09 N/A
Multiple buffer overflows in Apple Type Services (ATS) in Apple Mac OS X 10.5.8 allow remote attackers to execute arbitrary code via a crafted embedded font in a document.
CVE-2009-2818 1 Apple 1 Mac Os X Server 2025-04-09 N/A
Adaptive Firewall in Apple Mac OS X before 10.6.2 does not properly handle invalid usernames in SSH login attempts, which makes it easier for remote attackers to obtain login access via a brute-force attack (aka dictionary attack).
CVE-2009-2812 1 Apple 2 Mac Os X, Mac Os X Server 2025-04-09 N/A
Launch Services in Apple Mac OS X 10.5.8 does not properly recognize an unsafe Uniform Type Identifier (UTI) in an exported document type in a downloaded application, which allows remote attackers to trigger the automatic opening of a file, and execute arbitrary code, via a crafted web site.
CVE-2009-2811 1 Apple 2 Mac Os X, Mac Os X Server 2025-04-09 N/A
Incomplete blacklist vulnerability in Launch Services in Apple Mac OS X 10.5.8 allows user-assisted remote attackers to execute arbitrary code via a .fileloc file, which does not trigger a "potentially unsafe" warning message in the Quarantine feature.
CVE-2009-2809 1 Apple 2 Mac Os X, Mac Os X Server 2025-04-09 N/A
ImageIO in Apple Mac OS X 10.4.11 and 10.5.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PixarFilm encoded TIFF image, related to "multiple memory corruption issues."
CVE-2009-2807 1 Apple 2 Mac Os X, Mac Os X Server 2025-04-09 N/A
Heap-based buffer overflow in the USB backend in CUPS in Apple Mac OS X 10.5.8 allows local users to gain privileges via unspecified vectors.
CVE-2009-2803 1 Apple 2 Mac Os X, Mac Os X Server 2025-04-09 N/A
CarbonCore in Apple Mac OS X 10.4.11 and 10.5.8 allows attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a file with a crafted resource fork.
CVE-2009-2205 1 Apple 5 Java 1.4, Java 1.5, Java 1.6 and 2 more 2025-04-09 N/A
Stack-based buffer overflow in the Java Web Start command launcher in Java for Mac OS X 10.5 before Update 5 allows attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors.
CVE-2009-2200 2 Apple, Microsoft 5 Mac Os X, Mac Os X Server, Safari and 2 more 2025-04-09 N/A
WebKit in Apple Safari before 4.0.3 does not properly restrict the URL scheme of the pluginspage attribute of an EMBED element, which allows user-assisted remote attackers to launch arbitrary file: URLs and obtain sensitive information via a crafted HTML document.
CVE-2009-2196 2 Apple, Microsoft 5 Mac Os X, Mac Os X Server, Safari and 2 more 2025-04-09 N/A
Unspecified vulnerability in Apple Safari 4 before 4.0.3 allows remote web servers to place an arbitrary web site in the Top Sites view, and possibly conduct phishing attacks, via unknown vectors.
CVE-2007-4680 1 Apple 2 Mac Os X, Mac Os X Server 2025-04-09 N/A
CFNetwork in Apple Mac OS X 10.3.9 and 10.4 through 10.4.10 does not properly validate certificates, which allows remote attackers to spoof trusted SSL certificates via a man-in-the-middle attack.
CVE-2009-2191 1 Apple 2 Mac Os X, Mac Os X Server 2025-04-09 N/A
Format string vulnerability in Login Window in Apple Mac OS X 10.4.11 and 10.5 before 10.5.8 allows attackers to execute arbitrary code or cause a denial of service (application crash) via format string specifiers in an application name.
CVE-2009-1726 1 Apple 2 Mac Os X, Mac Os X Server 2025-04-09 N/A
Heap-based buffer overflow in ColorSync in Apple Mac OS X 10.4.11 and 10.5 before 10.5.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted image containing an embedded ColorSync profile.
CVE-2007-0724 1 Apple 2 Mac Os X, Mac Os X Server 2025-04-09 N/A
The IOKit HID interface in Apple Mac OS X 10.3.9 and 10.4 through 10.4.8 does not sufficiently limit access to certain controls, which allows local users to gain privileges by using HID device events to read keystrokes from the console.
CVE-2007-0731 1 Apple 2 Mac Os X, Mac Os X Server 2025-04-09 N/A
Stack-based buffer overflow in the Apple-specific Samba module (SMB File Server) in Apple Mac OS X 10.4 through 10.4.8 allows context-dependent attackers to execute arbitrary code via a long ACL.
CVE-2007-0721 1 Apple 2 Mac Os X, Mac Os X Server 2025-04-09 N/A
Unspecified vulnerability in diskimages-helper in Apple Mac OS X 10.3.9 and 10.4 through 10.4.8 allows remote user-assisted attackers to execute arbitrary code via a crafted compressed disk image that triggers memory corruption.
CVE-2009-0944 1 Apple 2 Mac Os X, Mac Os X Server 2025-04-09 N/A
The Microsoft Office Spotlight Importer in Spotlight in Apple Mac OS X 10.4.11 and 10.5 before 10.5.7 does not properly validate Microsoft Office files, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a file that triggers memory corruption.
CVE-2009-0157 1 Apple 2 Mac Os X, Mac Os X Server 2025-04-09 N/A
Heap-based buffer overflow in CFNetwork in Apple Mac OS X 10.5 before 10.5.7 allows remote web servers to execute arbitrary code or cause a denial of service (application crash) via long HTTP headers.
CVE-2007-0728 1 Apple 2 Mac Os X, Mac Os X Server 2025-04-09 N/A
Unspecified vulnerability in Apple Mac OS X 10.3.9 and 10.4 through 10.4.8 creates files insecurely while initializing a USB printer, which allows local users to create or overwrite arbitrary files.
CVE-2009-0160 1 Apple 2 Mac Os X, Mac Os X Server 2025-04-09 N/A
QuickDraw Manager in Apple Mac OS X 10.4.11 and 10.5 before 10.5.7 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PICT image that triggers memory corruption.