Lucene search

K
AppleMac Os X Server

171 matches found

CVE
CVE
added 2012/02/16 8:55 p.m.227 views

CVE-2011-3026

Integer overflow in libpng, as used in Google Chrome before 17.0.963.56, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that trigger an integer truncation.

6.8CVSS9.1AI score0.34687EPSS
CVE
CVE
added 2003/05/05 4:0 a.m.201 views

CVE-2003-0198

Mac OS X before 10.2.5 allows guest users to modify the permissions of the DropBox folder and read unauthorized files.

6.4CVSS6.8AI score0.00448EPSS
CVE
CVE
added 2012/10/03 9:55 p.m.159 views

CVE-2012-3489

The xml_parse function in the libxml2 support in the core server component in PostgreSQL 8.3 before 8.3.20, 8.4 before 8.4.13, 9.0 before 9.0.9, and 9.1 before 9.1.5 allows remote authenticated users to determine the existence of arbitrary files or URLs, and possibly obtain file or URL content that...

6.5CVSS6.1AI score0.01036EPSS
CVE
CVE
added 2012/05/11 3:49 a.m.125 views

CVE-2012-0659

Integer overflow in QuickTime in Apple Mac OS X before 10.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted MPEG file.

6.8CVSS8.5AI score0.01774EPSS
CVE
CVE
added 2009/08/11 6:30 p.m.113 views

CVE-2009-2416

Multiple use-after-free vulnerabilities in libxml2 2.5.10, 2.6.16, 2.6.26, 2.6.27, and 2.6.32, and libxml 1.8.17, allow context-dependent attackers to cause a denial of service (application crash) via crafted (1) Notation or (2) Enumeration attribute types in an XML file, as demonstrated by the Cod...

6.5CVSS6.7AI score0.00296EPSS
CVE
CVE
added 2009/09/14 4:30 p.m.80 views

CVE-2009-2813

Samba 3.4 before 3.4.2, 3.3 before 3.3.8, 3.2 before 3.2.15, and 3.0.12 through 3.0.36, as used in the SMB subsystem in Apple Mac OS X 10.5.8 when Windows File Sharing is enabled, Fedora 11, and other operating systems, does not properly handle errors in resolving pathnames, which allows remote aut...

6CVSS7AI score0.00366EPSS
CVE
CVE
added 2010/06/22 5:30 p.m.71 views

CVE-2010-1637

The Mail Fetch plugin in SquirrelMail 1.4.20 and earlier allows remote authenticated users to bypass firewall restrictions and use SquirrelMail as a proxy to scan internal networks via a modified POP3 port number.

6.5CVSS5.9AI score0.00128EPSS
CVE
CVE
added 2010/06/17 4:30 p.m.68 views

CVE-2010-1411

Multiple integer overflows in the Fax3SetupState function in tif_fax3.c in the FAX3 decoder in LibTIFF before 3.9.3, as used in ImageIO in Apple Mac OS X 10.5.8 and Mac OS X 10.6 before 10.6.4, allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via a c...

6.8CVSS7.8AI score0.01116EPSS
CVE
CVE
added 2010/06/17 4:30 p.m.64 views

CVE-2010-0540

Cross-site request forgery (CSRF) vulnerability in the web interface in CUPS before 1.4.4, as used on Apple Mac OS X 10.5.8, Mac OS X 10.6 before 10.6.4, and other platforms, allows remote attackers to hijack the authentication of administrators for requests that change settings.

6CVSS8.3AI score0.00401EPSS
CVE
CVE
added 2008/07/01 6:41 p.m.62 views

CVE-2008-2309

Incomplete blacklist vulnerability in CoreTypes in Apple Mac OS X before 10.5.4 allows user-assisted remote attackers to execute arbitrary code via a (1) .xht or (2) .xhtm file, which does not trigger a "potentially unsafe" warning message in (a) the Download Validation feature in Mac OS X 10.4 or ...

6.8CVSS7.2AI score0.02463EPSS
CVE
CVE
added 2009/09/09 10:30 p.m.61 views

CVE-2009-2205

Stack-based buffer overflow in the Java Web Start command launcher in Java for Mac OS X 10.5 before Update 5 allows attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors.

6.8CVSS8.3AI score0.00837EPSS
CVE
CVE
added 2011/03/23 2:0 a.m.61 views

CVE-2011-0173

Multiple format string vulnerabilities in AppleScript in Apple Mac OS X before 10.6.7 allow context-dependent attackers to execute arbitrary code or cause a denial of service (application crash) via format string specifiers in a (1) display dialog or (2) display alert command in a dialog in an Appl...

6.8CVSS6.8AI score0.00659EPSS
CVE
CVE
added 2010/11/16 10:0 p.m.60 views

CVE-2010-3788

QuickTime in Apple Mac OS X 10.6.x before 10.6.5 accesses uninitialized memory locations during processing of JP2 image data, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted JP2 file.

6.8CVSS9AI score0.01058EPSS
CVE
CVE
added 2010/11/16 10:0 p.m.60 views

CVE-2010-3792

Integer signedness error in QuickTime in Apple Mac OS X 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted MPEG movie file.

6.8CVSS9AI score0.01058EPSS
CVE
CVE
added 2011/10/14 10:55 a.m.58 views

CVE-2011-3437

Integer signedness error in Apple Type Services (ATS) in Apple Mac OS X 10.7 before 10.7.2 allows remote attackers to execute arbitrary code via a crafted embedded Type 1 font in a document.

6.8CVSS8.3AI score0.00957EPSS
CVE
CVE
added 2014/02/27 1:55 a.m.58 views

CVE-2014-1268

WebKit, as used in Apple Safari before 6.1.2 and 7.x before 7.0.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-1269 and CVE-2014-1270.

6.8CVSS7.8AI score0.0105EPSS
CVE
CVE
added 2009/09/14 4:30 p.m.57 views

CVE-2009-2803

CarbonCore in Apple Mac OS X 10.4.11 and 10.5.8 allows attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a file with a crafted resource fork.

6.8CVSS7.7AI score0.0089EPSS
CVE
CVE
added 2009/09/14 4:30 p.m.57 views

CVE-2009-2804

Integer overflow in ColorSync in Apple Mac OS X 10.4.11 and 10.5.8, and Safari before 4.0.4 on Windows, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted ColorSync profile embedded in an image, leading to a heap-based buffer overflow.

6.8CVSS7.9AI score0.09194EPSS
CVE
CVE
added 2011/03/23 2:0 a.m.57 views

CVE-2011-0175

Multiple buffer overflows in Apple Type Services (ATS) in Apple Mac OS X before 10.6.7 allow remote attackers to execute arbitrary code via a document that contains a crafted embedded TrueType font.

6.8CVSS6.4AI score0.01577EPSS
CVE
CVE
added 2014/02/27 1:55 a.m.57 views

CVE-2014-1270

WebKit, as used in Apple Safari before 6.1.2 and 7.x before 7.0.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-1268 and CVE-2014-1269.

6.8CVSS7.8AI score0.0105EPSS
CVE
CVE
added 2009/09/14 4:30 p.m.56 views

CVE-2009-2809

ImageIO in Apple Mac OS X 10.4.11 and 10.5.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PixarFilm encoded TIFF image, related to "multiple memory corruption issues."

6.8CVSS7.8AI score0.02414EPSS
CVE
CVE
added 2010/11/16 10:0 p.m.56 views

CVE-2010-3785

Buffer overflow in QuickLook in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted Microsoft Office document.

6.8CVSS9.2AI score0.02245EPSS
CVE
CVE
added 2010/11/16 10:0 p.m.56 views

CVE-2010-3786

QuickLook in Apple Mac OS X 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted Excel file.

6.8CVSS9.2AI score0.05127EPSS
CVE
CVE
added 2010/11/16 10:0 p.m.56 views

CVE-2010-3790

QuickTime in Apple Mac OS X 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie file that causes an image sample transformation to scale a sprite outside a buffer boundary.

6.8CVSS7.9AI score0.04226EPSS
CVE
CVE
added 2011/06/24 8:55 p.m.56 views

CVE-2011-0204

Heap-based buffer overflow in ImageIO in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TIFF image.

6.8CVSS6.6AI score0.03719EPSS
CVE
CVE
added 2011/10/14 10:55 a.m.56 views

CVE-2011-3222

Buffer overflow in QuickTime in Apple Mac OS X before 10.7.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted FlashPix file.

6.8CVSS8.6AI score0.02208EPSS
CVE
CVE
added 2012/09/20 9:55 p.m.56 views

CVE-2012-3722

The Sorenson codec in QuickTime in Apple Mac OS X before 10.7.5, and in CoreMedia in iOS before 6, accesses uninitialized memory locations, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file with Sorenson encoding.

6.8CVSS7.5AI score0.02122EPSS
CVE
CVE
added 2013/03/15 8:55 p.m.56 views

CVE-2013-0966

The Apple mod_hfs_apple module for the Apache HTTP Server in Apple Mac OS X before 10.8.3 does not properly handle ignorable Unicode characters, which allows remote attackers to bypass intended directory authentication requirements via a crafted pathname in a URI.

6.4CVSS6.3AI score0.00241EPSS
CVE
CVE
added 2007/03/13 10:19 p.m.55 views

CVE-2007-0722

Integer overflow in Apple Mac OS X 10.3.9 and 10.4 through 10.4.8 allows remote user-assisted attackers to execute arbitrary code via a crafted AppleSingleEncoding disk image.

6.8CVSS8AI score0.09583EPSS
CVE
CVE
added 2008/03/18 10:44 p.m.55 views

CVE-2008-0057

Multiple integer overflows in a "legacy serialization format" parser in AppKit in Apple Mac OS X 10.4.11 allows remote attackers to execute arbitrary code via a crafted serialized property list.

6.8CVSS9AI score0.02559EPSS
CVE
CVE
added 2009/08/06 4:30 p.m.55 views

CVE-2009-1727

Incomplete blacklist vulnerability in CoreTypes in Apple Mac OS X 10.5 before 10.5.8 makes it easier for user-assisted remote attackers to execute arbitrary JavaScript via a web page that offers a download with a Content-Type value that is not on the list of possibly unsafe content types for Safari...

6.8CVSS7AI score0.00563EPSS
CVE
CVE
added 2010/03/30 5:30 p.m.55 views

CVE-2010-0056

Buffer overflow in Cocoa spell checking in AppKit in Apple Mac OS X 10.5.8 allows user-assisted remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted document.

6.8CVSS9.2AI score0.01449EPSS
CVE
CVE
added 2010/11/16 10:0 p.m.55 views

CVE-2010-3787

Heap-based buffer overflow in QuickTime in Apple Mac OS X 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted JP2 image.

6.8CVSS9.3AI score0.01368EPSS
CVE
CVE
added 2008/06/02 9:30 p.m.54 views

CVE-2008-1032

Incomplete blacklist vulnerability in CoreTypes in Apple Mac OS X before 10.5.3 allows user-assisted remote attackers to execute arbitrary code via an (1) Automator, (2) Help, (3) Safari, or (4) Terminal content type for a downloadable object, which does not trigger a "potentially unsafe" warning m...

6.8CVSS7.2AI score0.04339EPSS
CVE
CVE
added 2010/03/30 6:30 p.m.54 views

CVE-2010-0513

Stack-based buffer overflow in PS Normalizer in Apple Mac OS X before 10.6.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PostScript document.

6.8CVSS9.3AI score0.01901EPSS
CVE
CVE
added 2010/03/30 6:30 p.m.54 views

CVE-2010-0517

Heap-based buffer overflow in QuickTime in Apple Mac OS X before 10.6.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file with M-JPEG encoding, which causes QuickTime to calculate a buffer size using height and width fields, ...

6.8CVSS9.3AI score0.03478EPSS
CVE
CVE
added 2010/11/15 11:0 p.m.54 views

CVE-2010-1829

Directory traversal vulnerability in AFP Server in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 allows remote authenticated users to execute arbitrary code by creating files that are outside the bounds of a share.

6CVSS8.8AI score0.00732EPSS
CVE
CVE
added 2010/11/16 10:0 p.m.54 views

CVE-2010-3791

Buffer overflow in QuickTime in Apple Mac OS X 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted MPEG movie file.

6.8CVSS9.2AI score0.01127EPSS
CVE
CVE
added 2010/11/16 11:18 p.m.54 views

CVE-2010-4010

Integer signedness error in Apple Type Services (ATS) in Apple Mac OS X 10.5.8 allows remote attackers to execute arbitrary code via a crafted embedded Compact Font Format (CFF) font in a document.

6.8CVSS8.9AI score0.01314EPSS
CVE
CVE
added 2014/02/27 1:55 a.m.54 views

CVE-2014-1269

WebKit, as used in Apple Safari before 6.1.2 and 7.x before 7.0.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-1268 and CVE-2014-1270.

6.8CVSS7.8AI score0.0105EPSS
CVE
CVE
added 2011/03/11 5:55 p.m.53 views

CVE-2011-1417

Integer overflow in QuickLook, as used in Apple Mac OS X before 10.6.7 and MobileSafari in Apple iOS before 4.2.7 and 4.3.x before 4.3.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a Microsoft Office document with a c...

6.8CVSS6.3AI score0.04317EPSS
CVE
CVE
added 2007/11/07 11:46 p.m.52 views

CVE-2007-1661

Perl-Compatible Regular Expression (PCRE) library before 7.3 backtracks too far when matching certain input bytes against some regex patterns in non-UTF-8 mode, which allows context-dependent attackers to obtain sensitive information or cause a denial of service (crash), as demonstrated by the "\X?...

6.4CVSS9.2AI score0.02716EPSS
CVE
CVE
added 2009/09/14 4:30 p.m.52 views

CVE-2009-2811

Incomplete blacklist vulnerability in Launch Services in Apple Mac OS X 10.5.8 allows user-assisted remote attackers to execute arbitrary code via a .fileloc file, which does not trigger a "potentially unsafe" warning message in the Quarantine feature.

6.8CVSS7.4AI score0.02518EPSS
CVE
CVE
added 2010/03/30 6:30 p.m.52 views

CVE-2010-0063

Incomplete blacklist vulnerability in CoreTypes in Apple Mac OS X before 10.6.3 makes it easier for user-assisted remote attackers to execute arbitrary JavaScript via a web page that offers a download with a Content-Type value that is not on the list of possibly unsafe content types for Safari, as ...

6.8CVSS8.9AI score0.00345EPSS
CVE
CVE
added 2010/06/17 4:30 p.m.52 views

CVE-2010-0543

ImageIO in Apple Mac OS X 10.5.8, and 10.6 before 10.6.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie file with MPEG2 encoding.

6.8CVSS7.8AI score0.02117EPSS
CVE
CVE
added 2010/11/16 10:0 p.m.52 views

CVE-2010-3795

QuickTime in Apple Mac OS X 10.6.x before 10.6.5 accesses uninitialized memory locations during processing of GIF image data, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted GIF file.

6.8CVSS9AI score0.01058EPSS
CVE
CVE
added 2011/06/24 8:55 p.m.52 views

CVE-2011-0208

QuickLook in Apple Mac OS X 10.6 before 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted Microsoft Office document.

6.8CVSS6.3AI score0.02057EPSS
CVE
CVE
added 2013/03/15 8:55 p.m.52 views

CVE-2013-0971

Use-after-free vulnerability in PDFKit in Apple Mac OS X before 10.8.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted ink annotations in a PDF document.

6.8CVSS7.6AI score0.0147EPSS
CVE
CVE
added 2007/03/13 9:19 p.m.51 views

CVE-2007-0719

Stack-based buffer overflow in Apple Mac OS X 10.3.9 and 10.4 through 10.4.8 allows remote user-assisted attackers to execute arbitrary code via an image with a crafted ColorSync profile.

6.8CVSS8.1AI score0.13074EPSS
CVE
CVE
added 2010/09/21 8:0 p.m.51 views

CVE-2010-1820

Apple Filing Protocol (AFP) Server in Apple Mac OS X 10.6.x through 10.6.4 does not properly handle errors, which allows remote attackers to bypass the password requirement for shared-folder access by leveraging knowledge of a valid account name.

6.8CVSS6.5AI score0.00321EPSS
Total number of security vulnerabilities171