Mac Os X

mac_os_x

Vendor: Apple • 3,210 CVEs

CVEs (3,210)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2007-4708 1Apple 1Mac Os X Apr 23, 2026 Dec 19, 2007 N/A· v4 N/A· v3 9.3 HIGH· v2 Format string vulnerability in Address Book in Apple Mac OS X 10.4.11 allows remote attackers to execute arbitrary code via the URL handler.
CVE-2007-3876 1Apple 1Mac Os X Apr 23, 2026 Dec 19, 2007 N/A· v4 N/A· v3 6.6 MEDIUM· v2 Stack-based buffer overflow in SMB in Apple Mac OS X 10.4.11 allows local users to execute arbitrary code via (1) a long workgroup (-W) option to mount_smbfs or (2) an unspecified manipulation of the command line to smbu...Show more Stack-based buffer overflow in SMB in Apple Mac OS X 10.4.11 allows local users to execute arbitrary code via (1) a long workgroup (-W) option to mount_smbfs or (2) an unspecified manipulation of the command line to smbutil.Show less
CVE-2007-5862 1Apple 1Mac Os X Apr 23, 2026 Dec 18, 2007 N/A· v4 N/A· v3 9.4 HIGH· v2 Java in Mac OS X 10.4 through 10.4.11 allows remote attackers to bypass Keychain access controls and add or delete arbitrary Keychain items via a crafted Java applet.
CVE-2007-6359 1Apple 1Mac Os X Apr 23, 2026 Dec 15, 2007 N/A· v4 N/A· v3 4.9 MEDIUM· v2 The cs_validate_page function in bsd/kern/ubc_subr.c in the xnu kernel 1228.0 and earlier in Apple Mac OS X 10.5.1 allows local users to cause a denial of service (failed assertion and system crash) via a crafted signed...Show more The cs_validate_page function in bsd/kern/ubc_subr.c in the xnu kernel 1228.0 and earlier in Apple Mac OS X 10.5.1 allows local users to cause a denial of service (failed assertion and system crash) via a crafted signed Mach-O binary that causes the hashes function to return NULL.Show less
CVE-2007-6276 1Apple 2Mac Os X Mac Os X Server Apr 23, 2026 Dec 7, 2007 N/A· v4 N/A· v3 7.8 HIGH· v2 The accept_connections function in the virtual private network daemon (vpnd) in Apple Mac OS X 10.5 before 10.5.4 allows remote attackers to cause a denial of service (divide-by-zero error and daemon crash) via a crafted...Show more The accept_connections function in the virtual private network daemon (vpnd) in Apple Mac OS X 10.5 before 10.5.4 allows remote attackers to cause a denial of service (divide-by-zero error and daemon crash) via a crafted load balancing packet to UDP port 4112.Show less
CVE-2007-6261 1Apple 1Mac Os X Apr 23, 2026 Dec 6, 2007 N/A· v4 N/A· v3 4.9 MEDIUM· v2 Integer overflow in the load_threadstack function in the Mach-O loader (mach_loader.c) in the xnu kernel in Apple Mac OS X 10.4 through 10.5.1 allows local users to cause a denial of service (infinite loop) via a crafted...Show more Integer overflow in the load_threadstack function in the Mach-O loader (mach_loader.c) in the xnu kernel in Apple Mac OS X 10.4 through 10.5.1 allows local users to cause a denial of service (infinite loop) via a crafted Mach-O binary.Show less
CVE-2007-6165 1Apple 1Mac Os X Apr 23, 2026 Nov 29, 2007 N/A· v4 N/A· v3 9.3 HIGH· v2 Mail in Apple Mac OS X Leopard (10.5.1) allows user-assisted remote attackers to execute arbitrary code via an AppleDouble attachment containing an apparently-safe file type and script in a resource fork, which does not...Show more Mail in Apple Mac OS X Leopard (10.5.1) allows user-assisted remote attackers to execute arbitrary code via an AppleDouble attachment containing an apparently-safe file type and script in a resource fork, which does not warn the user that a separate program is going to be executed. NOTE: this is a regression error related to CVE-2006-0395.Show less
CVE-2007-4704 1Apple 1Mac Os X Apr 23, 2026 Nov 15, 2007 N/A· v4 N/A· v3 10.0 HIGH· v2 The Application Firewall in Apple Mac OS X 10.5 does not apply changed settings to processes that are started by launchd until the processes are restarted, which might allow attackers to bypass intended access restrictio...Show more The Application Firewall in Apple Mac OS X 10.5 does not apply changed settings to processes that are started by launchd until the processes are restarted, which might allow attackers to bypass intended access restrictions.Show less
CVE-2007-4703 1Apple 2Mac Os X Mac Os X Server Apr 23, 2026 Nov 15, 2007 N/A· v4 N/A· v3 10.0 HIGH· v2 The Application Firewall in Apple Mac OS X 10.5 does not prevent a root process from accepting incoming connections, even when "Block incoming connections" has been set for its associated executable, which might allow re...Show more The Application Firewall in Apple Mac OS X 10.5 does not prevent a root process from accepting incoming connections, even when "Block incoming connections" has been set for its associated executable, which might allow remote attackers or local root processes to bypass intended access restrictions.Show less
CVE-2007-4702 1Apple 2Mac Os X Mac Os X Server Apr 23, 2026 Nov 15, 2007 N/A· v4 N/A· v3 9.3 HIGH· v2 The Application Firewall in Apple Mac OS X 10.5, when "Block all incoming connections" is enabled, does not prevent root processes or mDNSResponder from accepting connections, which might allow remote attackers or local...Show more The Application Firewall in Apple Mac OS X 10.5, when "Block all incoming connections" is enabled, does not prevent root processes or mDNSResponder from accepting connections, which might allow remote attackers or local root processes to bypass intended access restrictions.Show less
CVE-2007-4701 1Apple 2Mac Os X Mac Os X Server Apr 23, 2026 Nov 15, 2007 N/A· v4 N/A· v3 2.1 LOW· v2 WebKit on Apple Mac OS X 10.4 through 10.4.10 does not create temporary files securely when Safari is previewing a PDF file, which allows local users to read the contents of that file.
CVE-2007-4700 1Apple 2Mac Os X Mac Os X Server Apr 23, 2026 Nov 15, 2007 N/A· v4 N/A· v3 7.5 HIGH· v2 Unspecified vulnerability in WebKit on Apple Mac OS X 10.4 through 10.4.10 allows remote attackers to use Safari as an indirect proxy and send attacker-controlled data to arbitrary TCP ports via unknown vectors.
CVE-2007-4697 1Apple 2Mac Os X Mac Os X Server Apr 23, 2026 Nov 15, 2007 N/A· v4 N/A· v3 6.8 MEDIUM· v2 Unspecified vulnerability in WebCore in Apple Mac OS X 10.4 through 10.4.10 allows remote attackers to cause a denial of service (application termination) or execute arbitrary code via unknown vectors related to browser...Show more Unspecified vulnerability in WebCore in Apple Mac OS X 10.4 through 10.4.10 allows remote attackers to cause a denial of service (application termination) or execute arbitrary code via unknown vectors related to browser history, which triggers memory corruption.Show less
CVE-2007-4696 1Apple 2Mac Os X Mac Os X Server Apr 23, 2026 Nov 15, 2007 N/A· v4 N/A· v3 4.3 MEDIUM· v2 Race condition in WebCore in Apple Mac OS X 10.4 through 10.4.10 allows remote attackers to obtain information for forms from other sites via unknown vectors related to "page transitions" in Safari.
CVE-2007-4695 1Apple 2Mac Os X Mac Os X Server Apr 23, 2026 Nov 15, 2007 N/A· v4 N/A· v3 4.3 MEDIUM· v2 Unspecified "input validation" vulnerability in WebCore in Apple Mac OS X 10.4 through 10.4.10 allows remote attackers to modify form field values via unknown vectors related to file uploads.
CVE-2007-4694 1Apple 2Mac Os X Mac Os X Server Apr 23, 2026 Nov 15, 2007 N/A· v4 N/A· v3 4.3 MEDIUM· v2 Safari in Apple Mac OS X 10.4 through 10.4.10 allows remote attackers to access local content via file:// URLs.
CVE-2007-4693 1Apple 2Mac Os X Mac Os X Server Apr 23, 2026 Nov 15, 2007 N/A· v4 N/A· v3 7.2 HIGH· v2 The SecurityAgent component in Mac OS X 10.4 through 10.4.10 allows attackers with physical access to bypass the authentication dialog of the screen saver and send keystrokes to a process, related to "handling of keyboar...Show more The SecurityAgent component in Mac OS X 10.4 through 10.4.10 allows attackers with physical access to bypass the authentication dialog of the screen saver and send keystrokes to a process, related to "handling of keyboard focus between secure text fields."Show less
CVE-2007-4691 1Apple 2Mac Os X Mac Os X Server Apr 23, 2026 Nov 15, 2007 N/A· v4 N/A· v3 10.0 HIGH· v2 The NSURL component in Apple Mac OS X 10.4 through 10.4.10 performs case-sensitive comparisons that allow attackers to bypass intended restrictions for local file system URLs.
CVE-2007-4690 1Apple 2Mac Os X Mac Os X Server Apr 23, 2026 Nov 15, 2007 N/A· v4 N/A· v3 9.0 HIGH· v2 Double free vulnerability in the NFS component in Apple Mac OS X 10.4 through 10.4.10 allows remote authenticated users to execute arbitrary code via a crafted AUTH_UNIX RPC packet.
CVE-2007-4689 1Apple 2Mac Os X Mac Os X Server Apr 23, 2026 Nov 15, 2007 N/A· v4 N/A· v3 10.0 HIGH· v2 Double free vulnerability in the Networking component in Apple Mac OS X 10.4 through 10.4.10 allows remote attackers to cause a denial of service (system shutdown) or execute arbitrary code via crafted IPV6 packets.

Previous 1...140141142...161 Next