Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
AppleMac Os X Server10.3.7

79 matches found

CVE
CVEadded 2012/05/11 3:49 a.m.44 views

CVE-2012-0649

Race condition in the initialization routine in blued in Bluetooth in Apple Mac OS X before 10.7.4 allows local users to gain privileges via vectors involving a temporary file.

6.9CVSS7.3AI score0.00035EPSS
CVE
CVEadded 2006/03/03 10:2 p.m.43 views

CVE-2006-0388

Safari in Mac OS X 10.3 before 10.3.9 and 10.4 before 10.4.5 allows remote attackers to redirect users to local files and execute arbitrary JavaScript via unspecified vectors involving HTTP redirection to local resources.

2.6CVSS6.9AI score0.00414EPSS
CVE
CVEadded 2011/10/14 10:55 a.m.43 views

CVE-2011-0224

CoreMedia in Apple Mac OS X through 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted QuickTime movie file.

6.8CVSS8.5AI score0.01405EPSS
CVE
CVEadded 2006/03/03 10:2 p.m.42 views

CVE-2006-0386

FileVault in Mac OS X 10.4.5 and earlier does not properly mount user directories when creating a FileVault image, which allows local users to access protected files when FileVault is enabled.

1.7CVSS6.3AI score0.00068EPSS
CVE
CVEadded 2006/03/06 8:6 p.m.42 views

CVE-2006-0387

Stack-based buffer overflow in Safari in Mac OS X 10.4.5 and earlier, and 10.3.9 and earlier, allows remote attackers to execute arbitrary code via unspecified vectors involving a web page with crafted JavaScript, a different vulnerability than CVE-2005-4504.

6.4CVSS7.9AI score0.21773EPSS
CVE
CVEadded 2007/05/24 10:30 p.m.42 views

CVE-2007-0751

A cleanup script in crontabs in Apple Mac OS X 10.3.9 and 10.4.9 might delete filesystems that have been mounted in /tmp, which might allow local users to cause a denial of service, related to the find command.

2.1CVSS7.1AI score0.00073EPSS
CVE
CVEadded 2009/04/02 5:30 p.m.42 views

CVE-2009-1236

Heap-based buffer overflow in the AppleTalk networking stack in XNU 1228.3.13 and earlier on Apple Mac OS X 10.5.6 and earlier allows remote attackers to cause a denial of service (system crash) via a ZIP NOTIFY (aka ZIPOP_NOTIFY) packet that overwrites a certain ifPort structure member.

10CVSS6.9AI score0.05379EPSS
CVE
CVEadded 2011/10/14 10:55 a.m.42 views

CVE-2011-3228

QuickTime in Apple Mac OS X before 10.7.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie file.

6.8CVSS8.7AI score0.01383EPSS
CVE
CVEadded 2012/09/20 9:55 p.m.42 views

CVE-2012-3723

Apple Mac OS X before 10.7.5 does not properly handle the bNbrPorts field of a USB hub descriptor, which allows physically proximate attackers to execute arbitrary code or cause a denial of service (memory corruption and system crash) by attaching a USB device.

4.6CVSS7.7AI score0.00075EPSS
CVE
CVEadded 2005/05/02 4:0 a.m.41 views

CVE-2005-0125

The "at" commands on Mac OS X 10.3.7 and earlier do not properly drop privileges, which allows local users to (1) delete arbitrary files via atrm, (2) execute arbitrary programs via the -f argument to batch, or (3) read arbitrary files via the -f argument to batch, which generates a job file that i...

7.2CVSS7AI score0.00045EPSS
CVE
CVEadded 2005/05/03 4:0 a.m.41 views

CVE-2005-1430

Mac OS X 10.3.x and earlier uses insecure permissions for a pseudo terminal tty (pty) that is managed by a non-setuid program, which allows local users to read or modify sessions of other users.

3.6CVSS6.3AI score0.00048EPSS
CVE
CVEadded 2006/03/02 7:0 p.m.41 views

CVE-2005-2713

passwd in Directory Services in Mac OS X 10.3.x before 10.3.9 and 10.4.x before 10.4.5 allows local users to create arbitrary world-writable files as root by specifying an alternate file in the password database option.

6.8CVSS6.6AI score0.00183EPSS
CVE
CVEadded 2005/12/01 2:7 a.m.41 views

CVE-2005-2757

Heap-based buffer overflow in CoreFoundation in Mac OS X and OS X Server 10.4 through 10.4.3 allows remote attackers to execute arbitrary code via unknown attack vectors involving "validation of URLs."

7.5CVSS8.1AI score0.04091EPSS
CVE
CVEadded 2007/08/03 10:17 a.m.41 views

CVE-2007-2404

CRLF injection vulnerability in CFNetwork on Apple Mac OS X 10.3.9 and 10.4.10 before 20070731 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in an unspecified context. NOTE: this can be leveraged for cross-site scripting (XSS...

5CVSS5.7AI score0.00516EPSS
CVE
CVEadded 2009/11/10 7:30 p.m.41 views

CVE-2009-2818

Adaptive Firewall in Apple Mac OS X before 10.6.2 does not properly handle invalid usernames in SSH login attempts, which makes it easier for remote attackers to obtain login access via a brute-force attack (aka dictionary attack).

5CVSS6.8AI score0.00421EPSS
CVE
CVEadded 2011/10/14 10:55 a.m.41 views

CVE-2011-0231

CFNetwork in Apple Mac OS X before 10.7.2 does not properly follow an intended cookie-storage policy, which makes it easier for remote web servers to track users via a cookie, related to a "synchronization issue."

5CVSS7.8AI score0.00291EPSS
CVE
CVEadded 2012/05/11 3:49 a.m.41 views

CVE-2012-0662

Integer overflow in the Security Framework in Apple Mac OS X before 10.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted input.

7.5CVSS8.9AI score0.01739EPSS
CVE
CVEadded 2005/05/12 4:0 a.m.40 views

CVE-2005-0972

Integer overflow in the searchfs system call in Mac OS X 10.3.9 and earlier allows local users to execute arbitrary code via crafted parameters.

7.2CVSS7.5AI score0.0006EPSS
CVE
CVEadded 2006/03/02 7:0 p.m.40 views

CVE-2005-2714

passwd in Directory Services in Mac OS X 10.3.x before 10.3.9 and 10.4.x before 10.4.5 allows local users to overwrite arbitrary files via a symlink attack on the .pwtmp.[PID] temporary file.

6.8CVSS6.3AI score0.00025EPSS
CVE
CVEadded 2006/04/21 10:2 p.m.40 views

CVE-2006-1982

Heap-based buffer overflow in the LZWDecodeVector function in Mac OS X before 10.4.6, as used in applications that use ImageIO or AppKit, allows remote attackers to execute arbitrary code via crafted TIFF images.

7.5CVSS8.1AI score0.44857EPSS
CVE
CVEadded 2011/10/14 10:55 a.m.40 views

CVE-2011-0229

Apple Type Services (ATS) in Apple Mac OS X through 10.6.8 does not properly handle embedded Type 1 fonts, which allows remote attackers to execute arbitrary code via a crafted document that triggers an out-of-bounds memory access.

6.8CVSS8.3AI score0.01825EPSS
CVE
CVEadded 2011/10/14 10:55 a.m.40 views

CVE-2011-3227

libsecurity in Apple Mac OS X before 10.7.2 does not properly handle errors during processing of a nonstandard extension in a Certificate Revocation list (CRL), which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) a crafted (1) web site or (2) e-m...

6.8CVSS8.5AI score0.0063EPSS
CVE
CVEadded 2005/05/02 4:0 a.m.39 views

CVE-2005-0975

Integer signedness error in the parse_machfile function in the mach-o loader (mach_loader.c) for the Darwin Kernel as used in Mac OS X 10.3.7, and other versions before 10.3.9, allows local users to cause a denial of service (CPU consumption) via a crafted mach-o header.

2.1CVSS6.2AI score0.00099EPSS
CVE
CVEadded 2005/08/19 4:0 a.m.39 views

CVE-2005-2509

Unknown vulnerability in loginwindow in Mac OS X 10.4.2 and earlier, when Fast User Switching is enabled, allows attackers to log into other accounts if they know the passwords to at least two accounts.

2.1CVSS9.4AI score0.00076EPSS
CVE
CVEadded 2009/04/02 5:30 p.m.39 views

CVE-2009-1237

Multiple memory leaks in XNU 1228.3.13 and earlier on Apple Mac OS X 10.5.6 and earlier allow local users to cause a denial of service (kernel memory consumption) via a crafted (1) SYS_add_profil or (2) SYS___mac_getfsstat system call.

4.9CVSS6.2AI score0.00237EPSS
CVE
CVEadded 2006/09/19 7:7 p.m.38 views

CVE-2006-4866

Buffer overflow in kextload in Apple OS X, as used by TDIXSupport in Roxio Toast Titanium and possibly other products, allows local users to execute arbitrary code via a long extension argument.

4.6CVSS7.6AI score0.00642EPSS
CVE
CVEadded 2012/09/20 9:55 p.m.38 views

CVE-2012-3718

Apple Mac OS X before 10.7.5 and 10.8.x before 10.8.2 allows local users to read passwords entered into Login Window (aka LoginWindow) or Screen Saver Unlock by installing an input method that intercepts keystrokes.

2.1CVSS5.8AI score0.00061EPSS
CVE
CVEadded 2006/03/02 7:6 p.m.36 views

CVE-2006-0384

automount in Mac OS X 10.4.5 and earlier allows remote file servers to cause a denial of service (unresponsiveness) or execute arbitrary code via unspecified vectors that cause automount to "mount file systems with reserved names".

7.5CVSS7.8AI score0.01873EPSS
CVE
CVEadded 2011/10/14 10:55 a.m.36 views

CVE-2011-3216

The kernel in Apple Mac OS X before 10.7.2 does not properly implement the sticky bit for directories, which might allow local users to bypass intended permissions and delete files via an unlink system call.

2.1CVSS7.5AI score0.00058EPSS
Total number of security vulnerabilities79