Mac Os X

mac_os_x

Vendor: Apple • 3,210 CVEs

CVEs (3,210)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2011-0229 1Apple 2Mac Os X Mac Os X Server Apr 29, 2026 Oct 14, 2011 N/A· v4 N/A· v3 6.8 MEDIUM· v2 Apple Type Services (ATS) in Apple Mac OS X through 10.6.8 does not properly handle embedded Type 1 fonts, which allows remote attackers to execute arbitrary code via a crafted document that triggers an out-of-bounds mem...Show more Apple Type Services (ATS) in Apple Mac OS X through 10.6.8 does not properly handle embedded Type 1 fonts, which allows remote attackers to execute arbitrary code via a crafted document that triggers an out-of-bounds memory access.Show less
CVE-2011-0224 1Apple 2Mac Os X Mac Os X Server Apr 29, 2026 Oct 14, 2011 N/A· v4 N/A· v3 6.8 MEDIUM· v2 CoreMedia in Apple Mac OS X through 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted QuickTime movie file.
CVE-2011-0185 1Apple 2Mac Os X Mac Os X Server Apr 29, 2026 Oct 14, 2011 N/A· v4 N/A· v3 4.4 MEDIUM· v2 Format string vulnerability in the debug-logging feature in Application Firewall in Apple Mac OS X before 10.7.2 allows local users to gain privileges via a crafted name of an executable file.
CVE-2011-2834 4Apple DebianGoogle+1 more 8Chrome Debian LinuxEnterprise Linux Desktop+5 more Apr 29, 2026 Sep 19, 2011 N/A· v4 N/A· v3 6.8 MEDIUM· v2 Double free vulnerability in libxml2, as used in Google Chrome before 14.0.835.163, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to XPath handling.
CVE-2011-3422 1Apple 2Mac Os X Mac Os X Server Apr 29, 2026 Sep 12, 2011 N/A· v4 N/A· v3 4.3 MEDIUM· v2 The Keychain implementation in Apple Mac OS X 10.6.8 and earlier does not properly handle an untrusted attribute of a Certification Authority certificate, which makes it easier for man-in-the-middle attackers to spoof ar...Show more The Keychain implementation in Apple Mac OS X 10.6.8 and earlier does not properly handle an untrusted attribute of a Certification Authority certificate, which makes it easier for man-in-the-middle attackers to spoof arbitrary SSL servers via an Extended Validation certificate, as demonstrated by https access with Safari.Show less
CVE-2011-2821 4Apple DebianGoogle+1 more 8Chrome Debian LinuxEnterprise Linux Desktop+5 more Apr 29, 2026 Aug 29, 2011 N/A· v4 N/A· v3 7.5 HIGH· v2 Double free vulnerability in libxml2, as used in Google Chrome before 13.0.782.215, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted XPath expression.
CVE-2011-2192 5Apple CanonicalDebian+2 more 5Debian Linux FedoraLibcurl+2 more Apr 29, 2026 Jul 7, 2011 N/A· v4 N/A· v3 4.3 MEDIUM· v2 The Curl_input_negotiate function in http_negotiate.c in libcurl 7.10.6 through 7.21.6, as used in curl and other products, always performs credential delegation during GSSAPI authentication, which allows remote servers...Show more The Curl_input_negotiate function in http_negotiate.c in libcurl 7.10.6 through 7.21.6, as used in curl and other products, always performs credential delegation during GSSAPI authentication, which allows remote servers to impersonate clients via GSSAPI requests.Show less
CVE-2011-2601 1Apple 1Mac Os X Apr 29, 2026 Jun 30, 2011 N/A· v4 N/A· v3 7.1 HIGH· v2 The GPU support functionality in Mac OS X does not properly restrict rendering time, which allows remote attackers to cause a denial of service (desktop hang) via vectors involving WebGL and (1) shader programs or (2) co...Show more The GPU support functionality in Mac OS X does not properly restrict rendering time, which allows remote attackers to cause a denial of service (desktop hang) via vectors involving WebGL and (1) shader programs or (2) complex 3D geometry, as demonstrated by using Mozilla Firefox or Google Chrome to visit the lots-of-polys-example.html test page in the Khronos WebGL SDK.Show less
CVE-2009-5078 2Apple Gnu 2Groff Mac Os X Apr 29, 2026 Jun 30, 2011 N/A· v4 6.5 MEDIUM· v3 6.4 MEDIUM· v2 contrib/pdfmark/pdfroff.sh in GNU troff (aka groff) before 1.21 launches the Ghostscript program without the -dSAFER option, which allows remote attackers to create, overwrite, rename, or delete arbitrary files via a cra...Show more contrib/pdfmark/pdfroff.sh in GNU troff (aka groff) before 1.21 launches the Ghostscript program without the -dSAFER option, which allows remote attackers to create, overwrite, rename, or delete arbitrary files via a crafted document.Show less
CVE-2011-1132 1Apple 2Mac Os X Mac Os X Server Apr 29, 2026 Jun 24, 2011 N/A· v4 N/A· v3 4.9 MEDIUM· v2 The IPv6 implementation in the kernel in Apple Mac OS X before 10.6.8 allows local users to cause a denial of service (NULL pointer dereference and reboot) via vectors involving socket options.
CVE-2011-0213 1Apple 2Mac Os X Quicktime Apr 29, 2026 Jun 24, 2011 N/A· v4 N/A· v3 6.8 MEDIUM· v2 Buffer overflow in QuickTime in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted JPEG file.
CVE-2011-0211 1Apple 2Mac Os X Quicktime Apr 29, 2026 Jun 24, 2011 N/A· v4 N/A· v3 6.8 MEDIUM· v2 Integer overflow in QuickTime in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file.
CVE-2011-0210 1Apple 2Mac Os X Quicktime Apr 29, 2026 Jun 24, 2011 N/A· v4 N/A· v3 6.8 MEDIUM· v2 QuickTime in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted sample tables in a movie file.
CVE-2011-0209 1Apple 2Mac Os X Quicktime Apr 29, 2026 Jun 24, 2011 N/A· v4 N/A· v3 6.8 MEDIUM· v2 Integer overflow in QuickTime in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted RIFF WAV file.
CVE-2011-0208 1Apple 2Mac Os X Mac Os X Server Apr 29, 2026 Jun 24, 2011 N/A· v4 N/A· v3 6.8 MEDIUM· v2 QuickLook in Apple Mac OS X 10.6 before 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted Microsoft Office document.
CVE-2011-0207 1Apple 2Mac Os X Mac Os X Server Apr 29, 2026 Jun 24, 2011 N/A· v4 N/A· v3 5.0 MEDIUM· v2 The MobileMe component in Apple Mac OS X before 10.6.8 uses a cleartext HTTP session for the Mail application to read e-mail aliases, which allows remote attackers to obtain potentially sensitive alias information by sni...Show more The MobileMe component in Apple Mac OS X before 10.6.8 uses a cleartext HTTP session for the Mail application to read e-mail aliases, which allows remote attackers to obtain potentially sensitive alias information by sniffing the network.Show less
CVE-2011-0206 1Apple 2Mac Os X Mac Os X Server Apr 29, 2026 Jun 24, 2011 N/A· v4 N/A· v3 7.5 HIGH· v2 Buffer overflow in International Components for Unicode (ICU) in Apple Mac OS X before 10.6.8 allows context-dependent attackers to execute arbitrary code or cause a denial of service (application crash) via vectors invo...Show more Buffer overflow in International Components for Unicode (ICU) in Apple Mac OS X before 10.6.8 allows context-dependent attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving uppercase strings.Show less
CVE-2011-0205 1Apple 3Imageio Mac Os XMac Os X Server Apr 29, 2026 Jun 24, 2011 N/A· v4 N/A· v3 6.8 MEDIUM· v2 Heap-based buffer overflow in ImageIO in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted JPEG2000 image.
CVE-2011-0204 1Apple 3Imageio Mac Os XMac Os X Server Apr 29, 2026 Jun 24, 2011 N/A· v4 N/A· v3 6.8 MEDIUM· v2 Heap-based buffer overflow in ImageIO in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TIFF image.
CVE-2011-0202 1Apple 2Mac Os X Mac Os X Server Apr 29, 2026 Jun 24, 2011 N/A· v4 N/A· v3 6.8 MEDIUM· v2 Integer overflow in CoreGraphics in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted embedded Type 1 font in a PDF document.

Previous 1...121122123...161 Next