Mac Os X

mac_os_x

Vendor: Apple • 3,210 CVEs

CVEs (3,210)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2009-0012 1Apple 2Mac Os X Mac Os X Server Apr 23, 2026 Feb 13, 2009 N/A· v4 N/A· v3 10.0 HIGH· v2 Heap-based buffer overflow in CoreText in Apple Mac OS X 10.5.6 allows remote attackers to execute arbitrary code via a crafted Unicode string.
CVE-2009-0011 1Apple 2Mac Os X Mac Os X Server Apr 23, 2026 Feb 13, 2009 N/A· v4 N/A· v3 7.2 HIGH· v2 Certificate Assistant in Apple Mac OS X 10.5.6 allows local users to overwrite arbitrary files via unknown vectors related to an "insecure file operation" on a temporary file.
CVE-2009-0009 1Apple 2Mac Os X Mac Os X Server Apr 23, 2026 Feb 13, 2009 N/A· v4 N/A· v3 6.8 MEDIUM· v2 Unspecified vulnerability in the Pixlet codec in Apple Mac OS X 10.4.11 and 10.5.6 allows remote attackers to cause a denial of service (application termination) and possibly execute arbitrary code via a crafted movie fi...Show more Unspecified vulnerability in the Pixlet codec in Apple Mac OS X 10.4.11 and 10.5.6 allows remote attackers to cause a denial of service (application termination) and possibly execute arbitrary code via a crafted movie file that triggers memory corruption.Show less
CVE-2009-0142 1Apple 2Mac Os X Mac Os X Server Apr 23, 2026 Feb 12, 2009 N/A· v4 N/A· v3 1.9 LOW· v2 Race condition in AFP Server in Apple Mac OS X 10.5.6 allows local users to cause a denial of service (infinite loop) via unspecified vectors related to "file enumeration logic."
CVE-2008-4237 1Apple 2Mac Os X Mac Os X Server Apr 23, 2026 Dec 17, 2008 N/A· v4 N/A· v3 10.0 HIGH· v2 Managed Client in Apple Mac OS X before 10.5.6 sometimes misidentifies a system when installing per-host configuration settings, which allows context-dependent attackers to have an unspecified impact by leveraging uninte...Show more Managed Client in Apple Mac OS X before 10.5.6 sometimes misidentifies a system when installing per-host configuration settings, which allows context-dependent attackers to have an unspecified impact by leveraging unintended settings, as demonstrated by the screen saver lock setting.Show less
CVE-2008-4236 1Apple 2Mac Os X Mac Os X Server Apr 23, 2026 Dec 17, 2008 N/A· v4 N/A· v3 7.1 HIGH· v2 Apple Type Services (ATS) in Apple Mac OS X 10.5 before 10.5.6 allows remote attackers to cause a denial of service (infinite loop) via a crafted embedded font in a PDF file.
CVE-2008-4234 1Apple 2Mac Os X Mac Os X Server Apr 23, 2026 Dec 17, 2008 N/A· v4 N/A· v3 9.3 HIGH· v2 Incomplete blacklist vulnerability in the Quarantine feature in CoreTypes in Apple Mac OS X 10.5 before 10.5.6 allows user-assisted remote attackers to execute arbitrary code via an executable file with the content type...Show more Incomplete blacklist vulnerability in the Quarantine feature in CoreTypes in Apple Mac OS X 10.5 before 10.5.6 allows user-assisted remote attackers to execute arbitrary code via an executable file with the content type indicating no application association for the file, which does not trigger a "potentially unsafe" warning message.Show less
CVE-2008-4224 1Apple 2Mac Os X Mac Os X Server Apr 23, 2026 Dec 17, 2008 N/A· v4 N/A· v3 7.1 HIGH· v2 UDF in Apple Mac OS X before 10.5.6 allows user-assisted attackers to cause a denial of service (system crash) via a malformed UDF volume in a crafted ISO file.
CVE-2008-4222 1Apple 2Mac Os X Mac Os X Server Apr 23, 2026 Dec 17, 2008 N/A· v4 N/A· v3 7.1 HIGH· v2 natd in network_cmds in Apple Mac OS X before 10.5.6, when Internet Sharing is enabled, allows remote attackers to cause a denial of service (infinite loop) via a crafted TCP packet.
CVE-2008-4221 1Apple 2Mac Os X Mac Os X Server Apr 23, 2026 Dec 17, 2008 N/A· v4 N/A· v3 10.0 HIGH· v2 The strptime API in Libsystem in Apple Mac OS X before 10.5.6 allows context-dependent attackers to cause a denial of service (memory corruption and application crash) or execute arbitrary code via a crafted date string,...Show more The strptime API in Libsystem in Apple Mac OS X before 10.5.6 allows context-dependent attackers to cause a denial of service (memory corruption and application crash) or execute arbitrary code via a crafted date string, related to improper memory allocation.Show less
CVE-2008-4220 1Apple 2Mac Os X Mac Os X Server Apr 23, 2026 Dec 17, 2008 N/A· v4 N/A· v3 10.0 HIGH· v2 Integer overflow in the inet_net_pton API in Libsystem in Apple Mac OS X before 10.5.6 allows context-dependent attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors...Show more Integer overflow in the inet_net_pton API in Libsystem in Apple Mac OS X before 10.5.6 allows context-dependent attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors. NOTE: this may be related to the WLB-2008080064 advisory published by SecurityReason on 20080822; however, as of 20081216, there are insufficient details to be sure.Show less
CVE-2008-4219 1Apple 2Mac Os X Mac Os X Server Apr 23, 2026 Dec 17, 2008 N/A· v4 N/A· v3 4.9 MEDIUM· v2 The kernel in Apple Mac OS X before 10.5.6 allows local users to cause a denial of service (infinite loop and system halt) by running an application that is dynamically linked to libraries on an NFS server, related to oc...Show more The kernel in Apple Mac OS X before 10.5.6 allows local users to cause a denial of service (infinite loop and system halt) by running an application that is dynamically linked to libraries on an NFS server, related to occurrence of an exception in this application.Show less
CVE-2008-4218 1Apple 2Mac Os X Mac Os X Server Apr 23, 2026 Dec 17, 2008 N/A· v4 N/A· v3 7.2 HIGH· v2 Multiple integer overflows in the kernel in Apple Mac OS X before 10.5.6 on Intel platforms allow local users to gain privileges via a crafted call to (1) i386_set_ldt or (2) i386_get_ldt.
CVE-2008-4217 1Apple 2Mac Os X Mac Os X Server Apr 23, 2026 Dec 17, 2008 N/A· v4 N/A· v3 9.3 HIGH· v2 Integer signedness error in BOM in Apple Mac OS X before 10.5.6 allows remote attackers to execute arbitrary code via the headers in a crafted CPIO archive, leading to a stack-based buffer overflow.
CVE-2008-5183 3Apple DebianOpensuse 5Cups Debian LinuxMac Os X+2 more Apr 23, 2026 Nov 21, 2008 N/A· v4 7.5 HIGH· v3 4.3 MEDIUM· v2 cupsd in CUPS 1.3.9 and earlier allows local users, and possibly remote attackers, to cause a denial of service (daemon crash) by adding a large number of RSS Subscriptions, which triggers a NULL pointer dereference. NO...Show more cupsd in CUPS 1.3.9 and earlier allows local users, and possibly remote attackers, to cause a denial of service (daemon crash) by adding a large number of RSS Subscriptions, which triggers a NULL pointer dereference. NOTE: this issue can be triggered remotely by leveraging CVE-2008-5184.Show less
CVE-2008-4214 1Apple 2Mac Os X Mac Os X Server Apr 23, 2026 Oct 10, 2008 N/A· v4 N/A· v3 4.6 MEDIUM· v2 Unspecified vulnerability in Script Editor in Mac OS X 10.4.11 and 10.5.5 allows local users to cause the scripting dictionary to be written to arbitrary locations, related to an "insecure file operation" on temporary fi...Show more Unspecified vulnerability in Script Editor in Mac OS X 10.4.11 and 10.5.5 allows local users to cause the scripting dictionary to be written to arbitrary locations, related to an "insecure file operation" on temporary files.Show less
CVE-2008-4212 1Apple 2Mac Os X Mac Os X Server Apr 23, 2026 Oct 10, 2008 N/A· v4 N/A· v3 10.0 HIGH· v2 Unspecified vulnerability in rlogind in the rlogin component in Mac OS X 10.4.11 and 10.5.5 applies hosts.equiv entries to root despite what is stated in documentation, which might allow remote attackers to bypass intend...Show more Unspecified vulnerability in rlogind in the rlogin component in Mac OS X 10.4.11 and 10.5.5 applies hosts.equiv entries to root despite what is stated in documentation, which might allow remote attackers to bypass intended access restrictions.Show less
CVE-2008-4211 1Apple 3Iphone Os Mac Os XMac Os X Server Apr 23, 2026 Oct 10, 2008 N/A· v4 N/A· v3 10.0 HIGH· v2 Integer signedness error in (1) QuickLook in Apple Mac OS X 10.5.5 and (2) Office Viewer in Apple iPhone OS 1.0 through 2.1 and iPhone OS for iPod touch 1.1 through 2.1 allows remote attackers to cause a denial of servic...Show more Integer signedness error in (1) QuickLook in Apple Mac OS X 10.5.5 and (2) Office Viewer in Apple iPhone OS 1.0 through 2.1 and iPhone OS for iPod touch 1.1 through 2.1 allows remote attackers to cause a denial of service (application termination) and execute arbitrary code via a crafted Microsoft Excel file that triggers an out-of-bounds memory access, related to "handling of columns."Show less
CVE-2008-3647 1Apple 2Mac Os X Mac Os X Server Apr 23, 2026 Oct 10, 2008 N/A· v4 N/A· v3 9.3 HIGH· v2 Buffer overflow in PSNormalizer in Mac OS X 10.4.11 and 10.5.5 allows remote attackers to cause a denial of service (application termination) and execute arbitrary code via a PostScript file with a crafted bounding box c...Show more Buffer overflow in PSNormalizer in Mac OS X 10.4.11 and 10.5.5 allows remote attackers to cause a denial of service (application termination) and execute arbitrary code via a PostScript file with a crafted bounding box comment.Show less
CVE-2008-3646 1Apple 1Mac Os X Apr 23, 2026 Oct 10, 2008 N/A· v4 N/A· v3 6.8 MEDIUM· v2 The Postfix configuration file in Mac OS X 10.5.5 causes Postfix to be network-accessible when mail is sent from a local command-line tool, which allows remote attackers to send mail to local Mac OS X users.

Previous 1...134135136...161 Next