Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
AppleMac Os X Server10.5.8

130 matches found

CVE
CVEadded 2011/10/14 10:55 a.m.44 views

CVE-2011-3214

IOGraphics in Apple Mac OS X through 10.6.8 does not properly handle a locked-screen state in display sleep mode for an Apple Cinema Display, which allows physically proximate attackers to bypass the password requirement via unspecified vectors.

4.6CVSS7.8AI score0.00065EPSS
CVE
CVEadded 2012/05/11 3:49 a.m.44 views

CVE-2012-0649

Race condition in the initialization routine in blued in Bluetooth in Apple Mac OS X before 10.7.4 allows local users to gain privileges via vectors involving a temporary file.

6.9CVSS7.3AI score0.00035EPSS
CVE
CVEadded 2010/03/30 6:30 p.m.43 views

CVE-2010-0501

Directory traversal vulnerability in FTP Server in Apple Mac OS X Server before 10.6.3 allows remote authenticated users to read arbitrary files via crafted filenames.

6.8CVSS8AI score0.00083EPSS
CVE
CVEadded 2010/11/15 11:0 p.m.43 views

CVE-2010-1841

Disk Images in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted UDIF image.

9.3CVSS9.3AI score0.0219EPSS
CVE
CVEadded 2011/10/14 10:55 a.m.43 views

CVE-2011-0224

CoreMedia in Apple Mac OS X through 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted QuickTime movie file.

6.8CVSS8.5AI score0.01405EPSS
CVE
CVEadded 2009/11/10 7:30 p.m.42 views

CVE-2009-2826

Multiple integer overflows in CoreGraphics in Apple Mac OS X 10.5.8 allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document that triggers a heap-based buffer overflow.

6.8CVSS7.7AI score0.01892EPSS
CVE
CVEadded 2010/03/30 6:30 p.m.42 views

CVE-2010-0065

Disk Images in Apple Mac OS X before 10.6.3 allows user-assisted remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted disk image with bzip2 compression.

6.8CVSS9.3AI score0.01178EPSS
CVE
CVEadded 2010/06/17 4:30 p.m.42 views

CVE-2010-1375

NetAuthSysAgent in Network Authorization in Apple Mac OS X 10.5.8 does not have the expected authorization requirements, which allows local users to gain privileges via unspecified vectors.

7.2CVSS6.7AI score0.00052EPSS
CVE
CVEadded 2010/08/25 8:0 p.m.42 views

CVE-2010-1808

Stack-based buffer overflow in Apple Type Services (ATS) in Apple Mac OS X 10.5.8 and 10.6.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted embedded font in a document.

6.8CVSS9.2AI score0.01392EPSS
CVE
CVEadded 2011/10/14 10:55 a.m.42 views

CVE-2011-3228

QuickTime in Apple Mac OS X before 10.7.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie file.

6.8CVSS8.7AI score0.01383EPSS
CVE
CVEadded 2012/09/20 9:55 p.m.42 views

CVE-2012-3723

Apple Mac OS X before 10.7.5 does not properly handle the bNbrPorts field of a USB hub descriptor, which allows physically proximate attackers to execute arbitrary code or cause a denial of service (memory corruption and system crash) by attaching a USB device.

4.6CVSS7.7AI score0.00075EPSS
CVE
CVEadded 2009/09/14 4:30 p.m.41 views

CVE-2009-2807

Heap-based buffer overflow in the USB backend in CUPS in Apple Mac OS X 10.5.8 allows local users to gain privileges via unspecified vectors.

7.2CVSS7AI score0.00069EPSS
CVE
CVEadded 2009/11/10 7:30 p.m.41 views

CVE-2009-2818

Adaptive Firewall in Apple Mac OS X before 10.6.2 does not properly handle invalid usernames in SSH login attempts, which makes it easier for remote attackers to obtain login access via a brute-force attack (aka dictionary attack).

5CVSS6.8AI score0.00421EPSS
CVE
CVEadded 2009/11/10 7:30 p.m.41 views

CVE-2009-2829

Event Monitor in Apple Mac OS X 10.5.8 does not properly handle crafted authentication data sent to an SSH daemon, which allows remote attackers to cause a denial of service via vectors involving processing of XML log documents by other services, related to a "log injection" issue.

5CVSS7AI score0.00747EPSS
CVE
CVEadded 2010/11/16 10:0 p.m.41 views

CVE-2010-1845

ImageIO in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted PSD image.

6.8CVSS9.3AI score0.01796EPSS
CVE
CVEadded 2011/06/24 8:55 p.m.41 views

CVE-2011-0205

Heap-based buffer overflow in ImageIO in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted JPEG2000 image.

6.8CVSS6.6AI score0.06115EPSS
CVE
CVEadded 2011/10/14 10:55 a.m.41 views

CVE-2011-0231

CFNetwork in Apple Mac OS X before 10.7.2 does not properly follow an intended cookie-storage policy, which makes it easier for remote web servers to track users via a cookie, related to a "synchronization issue."

5CVSS7.8AI score0.00291EPSS
CVE
CVEadded 2012/05/11 3:49 a.m.41 views

CVE-2012-0662

Integer overflow in the Security Framework in Apple Mac OS X before 10.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted input.

7.5CVSS8.9AI score0.01739EPSS
CVE
CVEadded 2009/11/10 7:30 p.m.40 views

CVE-2009-2819

AFP Client in Apple Mac OS X 10.5.8 allows remote AFP servers to execute arbitrary code or cause a denial of service (memory corruption and system crash) via unspecified vectors.

9.3CVSS7.9AI score0.00729EPSS
CVE
CVEadded 2010/03/30 6:30 p.m.40 views

CVE-2010-0500

Event Monitor in Apple Mac OS X before 10.6.3 does not properly validate hostnames of SSH clients, which allows remote attackers to cause a denial of service (arbitrary client blacklisting) via a crafted DNS PTR record, related to a "plist injection issue."

7.8CVSS8.3AI score0.00428EPSS
CVE
CVEadded 2011/10/14 10:55 a.m.40 views

CVE-2011-0229

Apple Type Services (ATS) in Apple Mac OS X through 10.6.8 does not properly handle embedded Type 1 fonts, which allows remote attackers to execute arbitrary code via a crafted document that triggers an out-of-bounds memory access.

6.8CVSS8.3AI score0.01825EPSS
CVE
CVEadded 2011/10/14 10:55 a.m.40 views

CVE-2011-3227

libsecurity in Apple Mac OS X before 10.7.2 does not properly handle errors during processing of a nonstandard extension in a Certificate Revocation list (CRL), which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) a crafted (1) web site or (2) e-m...

6.8CVSS8.5AI score0.0063EPSS
CVE
CVEadded 2009/09/14 4:30 p.m.39 views

CVE-2009-2814

Cross-site scripting (XSS) vulnerability in the Wiki Server in Apple Mac OS X 10.5.8 allows remote attackers to inject arbitrary web script or HTML via a search request containing data that does not use UTF-8 encoding.

4.3CVSS6.3AI score0.00499EPSS
CVE
CVEadded 2009/11/10 7:30 p.m.39 views

CVE-2009-2827

Heap-based buffer overflow in Disk Images in Apple Mac OS X 10.5.8 allows user-assisted remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted FAT filesystem on a disk image.

6.8CVSS7.8AI score0.01901EPSS
CVE
CVEadded 2009/11/10 7:30 p.m.39 views

CVE-2009-2840

Spotlight in Apple Mac OS X 10.5.8 does not properly handle temporary files, which allows local users to overwrite arbitrary files in the context of a different user's privileges via unspecified vectors.

4.9CVSS6.7AI score0.00057EPSS
CVE
CVEadded 2010/03/30 6:30 p.m.38 views

CVE-2010-0502

iChat Server in Apple Mac OS X Server before 10.6.3, when group chat is used, does not perform logging for all types of messages, which might allow remote attackers to avoid message auditing via an unspecified selection of message type.

4.3CVSS8.6AI score0.00229EPSS
CVE
CVEadded 2010/03/30 6:30 p.m.38 views

CVE-2010-0503

Use-after-free vulnerability in iChat Server in Apple Mac OS X Server 10.5.8 allows remote authenticated users to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors.

6.5CVSS8.8AI score0.01244EPSS
CVE
CVEadded 2010/08/25 8:0 p.m.38 views

CVE-2010-1802

libsecurity in Apple Mac OS X 10.5.8 and 10.6.4 does not properly perform comparisons to domain-name strings in X.509 certificates, which allows man-in-the-middle attackers to spoof SSL servers via a certificate associated with a similar domain name, as demonstrated by use of a www.example.con cert...

6.4CVSS8.1AI score0.00119EPSS
CVE
CVEadded 2012/09/20 9:55 p.m.38 views

CVE-2012-3718

Apple Mac OS X before 10.7.5 and 10.8.x before 10.8.2 allows local users to read passwords entered into Login Window (aka LoginWindow) or Screen Saver Unlock by installing an input method that intercepts keystrokes.

2.1CVSS5.8AI score0.00061EPSS
CVE
CVEadded 2011/10/14 10:55 a.m.36 views

CVE-2011-3216

The kernel in Apple Mac OS X before 10.7.2 does not properly implement the sticky bit for directories, which might allow local users to bypass intended permissions and delete files via an unlink system call.

2.1CVSS7.5AI score0.00058EPSS
Total number of security vulnerabilities130