Search Results (5617 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2005-2522 1 Apple 2 Mac Os X, Safari 2026-04-16 N/A
Safari in WebKit in Mac OS X 10.4 to 10.4.2 directly accesses URLs within PDF files without the normal security checks, which allows remote attackers to execute arbitrary code via links in a PDF file.
CVE-2005-2514 1 Apple 1 Mac Os X 2026-04-16 N/A
Buffer overflow in ping in Mac OS X 10.3.9 allows local users to execute arbitrary code.
CVE-2006-1443 1 Apple 1 Mac Os X 2026-04-16 N/A
Integer underflow in CoreFoundation in Apple Mac OS X 10.3.9 and 10.4.6 allows context-dependent attackers to execute arbitrary code via unspecified vectors involving conversions from string to file system representation within (1) CFStringGetFileSystemRepresentation or (2) getFileSystemRepresentation:maxLength:withPath in NSFileManager, and possibly other similar API functions.
CVE-2005-2515 1 Apple 1 Mac Os X 2026-04-16 N/A
Quartz Composer Screen Saver in Mac OS X 10.4.2 allows local users to access links from the RSS Visualizer even when a password is required.
CVE-2003-1005 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-16 N/A
The PKI functionality in Mac OS X 10.2.8 and 10.3.2 allows remote attackers to cause a denial of service (service crash) via malformed ASN.1 sequences.
CVE-2004-0081 23 4d, Apple, Avaya and 20 more 67 Webstar, Mac Os X, Mac Os X Server and 64 more 2026-04-16 N/A
OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool.
CVE-2005-2509 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-16 N/A
Unknown vulnerability in loginwindow in Mac OS X 10.4.2 and earlier, when Fast User Switching is enabled, allows attackers to log into other accounts if they know the passwords to at least two accounts.
CVE-2005-2508 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-16 N/A
dsidentity in Directory Services in Mac OS X 10.4.2 allows local users to add or remove user accounts.
CVE-2005-2510 1 Apple 1 Mac Os X Server 2026-04-16 N/A
The Server Admin tool in servermgr_ipfilter for Mac OS X 10.4 to 10.4.2, when using multiple subnets and Address Groups, does not always properly write firewall rules to the Active Rules when certain conditions occur, which could result in firewall policies that are less restrictive than intended by the administrator.
CVE-2005-2506 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-16 N/A
Algorithmic complexity vulnerability in CoreFoundation in Mac OS X 10.3.9 and 10.4.2 allows attackers to cause a denial of service (CPU consumption) via crafted Gregorian dates.
CVE-2006-1442 1 Apple 1 Mac Os X 2026-04-16 N/A
The bundle API in CoreFoundation in Apple Mac OS X 10.3.9 and 10.4.6 loads dynamic libraries even if the client application has not directly requested it, which allows attackers to execute arbitrary code from an untrusted bundle.
CVE-2005-2507 1 Apple 1 Mac Os X Server 2026-04-16 N/A
Buffer overflow in Directory Services in Mac OS X 10.3.9 and 10.4.2 allows remote attackers to execute arbitrary code during authentication.
CVE-2005-2511 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-16 N/A
Unknown vulnerability in Mac OS X 10.4.2 and earlier, when using Kerberos authentication with LDAP, allows attackers to gain access to a root Terminal window.
CVE-2003-0881 1 Apple 1 Mac Os X 2026-04-16 N/A
Mail in Mac OS X before 10.3, when configured to use MD5 Challenge Response, uses plaintext authentication if the CRAM-MD5 hashed login fails, which could allow remote attackers to gain privileges by sniffing the password.
CVE-2005-2525 2 Apple, Easy Software Products 2 Mac Os X, Cups 2026-04-16 N/A
CUPS in Mac OS X 10.3.9 and 10.4.2 does not properly close file descriptors when handling multiple simultaneous print jobs, which allows remote attackers to cause a denial of service (printing halt).
CVE-2006-3500 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-16 N/A
The dynamic linker (dyld) in Apple Mac OS X 10.4.7 allows local users to execute arbitrary code via an "improperly handled condition" that leads to use of "dangerous paths," probably related to an untrusted search path vulnerability.
CVE-2005-2504 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-16 N/A
The System Profiler in Mac OS X 10.4.2 labels a Bluetooth device with "Requires Authentication: No" even when the user has selected the "Require pairing for security" option, which could confuse users about which setting is valid.
CVE-2002-0655 4 Apple, Openssl, Oracle and 1 more 8 Mac Os X, Openssl, Application Server and 5 more 2026-04-16 N/A
OpenSSL 0.9.6d and earlier, and 0.9.7-beta2 and earlier, does not properly handle ASCII representations of integers on 64 bit platforms, which could allow attackers to cause a denial of service and possibly execute arbitrary code.
CVE-2004-0824 1 Apple 1 Mac Os X 2026-04-16 N/A
PPPDialer for Mac OS X 10.2.8 through 10.3.5 allows local users to overwrite system files via a symlink attack on PPPDialer log files.
CVE-2005-2520 1 Apple 1 Mac Os X 2026-04-16 N/A
The password assistant in Mac OS X 10.4 to 10.4.2, when used to create multiple accounts from the same process, does not reset the suggested password list when the assistant is displayed, which allows attackers to view recently used passwords.