Mac Os X

mac_os_x

Vendor: Apple • 3,210 CVEs

CVEs (3,210)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2010-1838 1Apple 2Mac Os X Mac Os X Server Apr 29, 2026 Nov 15, 2010 N/A· v4 N/A· v3 4.4 MEDIUM· v2 Directory Services in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 does not properly handle errors associated with disabled mobile accounts, which allows remote attackers to bypass authentication by providing a valid a...Show more Directory Services in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 does not properly handle errors associated with disabled mobile accounts, which allows remote attackers to bypass authentication by providing a valid account name.Show less
CVE-2010-1837 1Apple 2Mac Os X Mac Os X Server Apr 29, 2026 Nov 15, 2010 N/A· v4 N/A· v3 6.8 MEDIUM· v2 CoreText in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font in a PDF document.
CVE-2010-1836 1Apple 2Mac Os X Mac Os X Server Apr 29, 2026 Nov 15, 2010 N/A· v4 N/A· v3 6.8 MEDIUM· v2 Stack-based buffer overflow in CoreGraphics in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document.
CVE-2010-1834 1Apple 2Mac Os X Mac Os X Server Apr 29, 2026 Nov 15, 2010 N/A· v4 N/A· v3 5.8 MEDIUM· v2 CFNetwork in Apple Mac OS X 10.6.x before 10.6.5 does not properly validate the domains of cookies, which makes it easier for remote web servers to track users by setting a cookie that is associated with a partial IP add...Show more CFNetwork in Apple Mac OS X 10.6.x before 10.6.5 does not properly validate the domains of cookies, which makes it easier for remote web servers to track users by setting a cookie that is associated with a partial IP address.Show less
CVE-2010-1833 1Apple 2Mac Os X Mac Os X Server Apr 29, 2026 Nov 15, 2010 N/A· v4 N/A· v3 6.8 MEDIUM· v2 Apple Type Services (ATS) in Apple Mac OS X 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted embedded font in a document.
CVE-2010-1832 1Apple 2Mac Os X Mac Os X Server Apr 29, 2026 Nov 15, 2010 N/A· v4 N/A· v3 6.8 MEDIUM· v2 Stack-based buffer overflow in Apple Type Services (ATS) in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code via a crafted embedded font in a document.
CVE-2010-1831 1Apple 2Mac Os X Mac Os X Server Apr 29, 2026 Nov 15, 2010 N/A· v4 N/A· v3 6.8 MEDIUM· v2 Buffer overflow in Apple Type Services (ATS) in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code via a long name of an embedded font in a document.
CVE-2010-1830 1Apple 2Mac Os X Mac Os X Server Apr 29, 2026 Nov 15, 2010 N/A· v4 N/A· v3 5.0 MEDIUM· v2 AFP Server in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 generates different error messages depending on whether a share exists, which allows remote attackers to enumerate valid share names via unspecified vectors.
CVE-2010-1829 1Apple 2Mac Os X Mac Os X Server Apr 29, 2026 Nov 15, 2010 N/A· v4 N/A· v3 6.0 MEDIUM· v2 Directory traversal vulnerability in AFP Server in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 allows remote authenticated users to execute arbitrary code by creating files that are outside the bounds of a share.
CVE-2010-1828 1Apple 2Mac Os X Mac Os X Server Apr 29, 2026 Nov 15, 2010 N/A· v4 N/A· v3 5.0 MEDIUM· v2 AFP Server in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon restart) via crafted reconnect authentication packets.
CVE-2010-1803 1Apple 2Mac Os X Mac Os X Server Apr 29, 2026 Nov 15, 2010 N/A· v4 N/A· v3 4.3 MEDIUM· v2 Time Machine in Apple Mac OS X 10.6.x before 10.6.5 does not verify the unique identifier of its remote AFP volume, which allows remote attackers to obtain sensitive information by spoofing this volume.
CVE-2010-1378 1Apple 2Mac Os X Mac Os X Server Apr 29, 2026 Nov 15, 2010 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 OpenSSL in Apple Mac OS X 10.6.x before 10.6.5 does not properly perform arithmetic, which allows remote attackers to bypass X.509 certificate authentication via an arbitrary certificate issued by a legitimate Certificat...Show more OpenSSL in Apple Mac OS X 10.6.x before 10.6.5 does not properly perform arithmetic, which allows remote attackers to bypass X.509 certificate authentication via an arbitrary certificate issued by a legitimate Certification Authority.Show less
CVE-2010-2941 7Apple CanonicalDebian+4 more 13Cups Debian LinuxEnterprise Linux+10 more Apr 29, 2026 Nov 5, 2010 N/A· v4 9.8 CRITICAL· v3 9.3 HIGH· v2 ipp.c in cupsd in CUPS 1.4.4 and earlier does not properly allocate memory for attribute values with invalid string data types, which allows remote attackers to cause a denial of service (use-after-free and application c...Show more ipp.c in cupsd in CUPS 1.4.4 and earlier does not properly allocate memory for attribute values with invalid string data types, which allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly execute arbitrary code via a crafted IPP request.Show less
CVE-2010-2530 3Apple FreebsdNetbsd 3Freebsd Mac Os XNetbsd Apr 29, 2026 Sep 29, 2010 N/A· v4 N/A· v3 4.9 MEDIUM· v2 Multiple integer signedness errors in smb_subr.c in the netsmb module in the kernel in NetBSD 5.0.2 and earlier, FreeBSD, and Apple Mac OS X allow local users to cause a denial of service (panic) via a negative size valu...Show more Multiple integer signedness errors in smb_subr.c in the netsmb module in the kernel in NetBSD 5.0.2 and earlier, FreeBSD, and Apple Mac OS X allow local users to cause a denial of service (panic) via a negative size value in a /dev/nsmb ioctl operation, as demonstrated by a (1) SMBIOC_LOOKUP or (2) SMBIOC_OPENSESSION ioctl call.Show less
CVE-2010-1820 1Apple 2Mac Os X Mac Os X Server Apr 29, 2026 Sep 21, 2010 N/A· v4 N/A· v3 6.8 MEDIUM· v2 Apple Filing Protocol (AFP) Server in Apple Mac OS X 10.6.x through 10.6.4 does not properly handle errors, which allows remote attackers to bypass the password requirement for shared-folder access by leveraging knowledg...Show more Apple Filing Protocol (AFP) Server in Apple Mac OS X 10.6.x through 10.6.4 does not properly handle errors, which allows remote attackers to bypass the password requirement for shared-folder access by leveraging knowledge of a valid account name.Show less
CVE-2010-1808 1Apple 3Apple Type Services Mac Os XMac Os X Server Apr 29, 2026 Aug 25, 2010 N/A· v4 N/A· v3 6.8 MEDIUM· v2 Stack-based buffer overflow in Apple Type Services (ATS) in Apple Mac OS X 10.5.8 and 10.6.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted embedded font...Show more Stack-based buffer overflow in Apple Type Services (ATS) in Apple Mac OS X 10.5.8 and 10.6.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted embedded font in a document.Show less
CVE-2010-1802 1Apple 3Libsecurity Mac Os XMac Os X Server Apr 29, 2026 Aug 25, 2010 N/A· v4 N/A· v3 6.4 MEDIUM· v2 libsecurity in Apple Mac OS X 10.5.8 and 10.6.4 does not properly perform comparisons to domain-name strings in X.509 certificates, which allows man-in-the-middle attackers to spoof SSL servers via a certificate associat...Show more libsecurity in Apple Mac OS X 10.5.8 and 10.6.4 does not properly perform comparisons to domain-name strings in X.509 certificates, which allows man-in-the-middle attackers to spoof SSL servers via a certificate associated with a similar domain name, as demonstrated by use of a www.example.con certificate to spoof www.example.com.Show less
CVE-2010-1801 1Apple 3Coregraphics Mac Os XMac Os X Server Apr 29, 2026 Aug 25, 2010 N/A· v4 N/A· v3 6.8 MEDIUM· v2 Heap-based buffer overflow in CoreGraphics in Apple Mac OS X 10.5.8 and 10.6.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF file.
CVE-2010-1800 1Apple 3Cfnetwork Mac Os XMac Os X Server Apr 29, 2026 Aug 25, 2010 N/A· v4 N/A· v3 5.0 MEDIUM· v2 CFNetwork in Apple Mac OS X 10.6.3 and 10.6.4 supports anonymous SSL and TLS connections, which allows man-in-the-middle attackers to redirect a connection and obtain sensitive information via crafted responses.
CVE-2010-2808 3Apple CanonicalFreetype 5Freetype Iphone OsMac Os X+2 more Apr 29, 2026 Aug 19, 2010 N/A· v4 N/A· v3 6.8 MEDIUM· v2 Buffer overflow in the Mac_Read_POST_Resource function in base/ftobjs.c in FreeType before 2.4.2 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrar...Show more Buffer overflow in the Mac_Read_POST_Resource function in base/ftobjs.c in FreeType before 2.4.2 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted Adobe Type 1 Mac Font File (aka LWFN) font.Show less

Previous 1...125126127...161 Next