Mac Os X

mac_os_x

Vendor: Apple • 3,210 CVEs

CVEs (3,210)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2006-1472 1Apple 2Mac Os X Mac Os X Server Apr 16, 2026 Aug 2, 2006 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Unspecified vulnerability in AFP Server in Apple Mac OS X 10.3.9 allows remote attackers to determine names of unauthorized files and folders via unknown vectors related to the search results.
CVE-2006-3946 1Apple 2Mac Os X Safari Apr 16, 2026 Jul 31, 2006 N/A· v4 N/A· v3 7.5 HIGH· v2 WebCore in Apple Mac OS X 10.3.9 and 10.4 through 10.4.7 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted HTML that triggers a "memory management error" in WebK...Show more WebCore in Apple Mac OS X 10.3.9 and 10.4 through 10.4.7 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted HTML that triggers a "memory management error" in WebKit, possibly due to a buffer overflow, as originally reported for the KHTMLParser::popOneBlock function in Apple Safari 2.0.4 using Javascript that changes document.body.innerHTML within a DIV tag.Show less
CVE-2006-3356 1Apple 2Mac Os X Mac Os X Server Apr 16, 2026 Jul 6, 2006 N/A· v4 N/A· v3 2.6 LOW· v2 The TIFFFetchAnyArray function in ImageIO in Apple OS X 10.4.7 and earlier allows remote user-assisted attackers to cause a denial of service (application crash) via an invalid tag value in a TIFF image, possibly trigger...Show more The TIFFFetchAnyArray function in ImageIO in Apple OS X 10.4.7 and earlier allows remote user-assisted attackers to cause a denial of service (application crash) via an invalid tag value in a TIFF image, possibly triggering a null dereference. NOTE: This is a different issue than CVE-2006-1469.Show less
CVE-2006-1471 1Apple 2Mac Os X Mac Os X Server Apr 16, 2026 Jun 27, 2006 N/A· v4 N/A· v3 4.6 MEDIUM· v2 Format string vulnerability in the CF_syslog function launchd in Apple Mac OS X 10.4 up to 10.4.6 allows local users to execute arbitrary code via format string specifiers that are not properly handled in a syslog call i...Show more Format string vulnerability in the CF_syslog function launchd in Apple Mac OS X 10.4 up to 10.4.6 allows local users to execute arbitrary code via format string specifiers that are not properly handled in a syslog call in the logging facility, as demonstrated by using a crafted plist file.Show less
CVE-2006-1470 1Apple 2Mac Os X Mac Os X Server Apr 16, 2026 Jun 27, 2006 N/A· v4 N/A· v3 5.0 MEDIUM· v2 OpenLDAP in Apple Mac OS X 10.4 up to 10.4.6 allows remote attackers to cause a denial of service (crash) via an invalid LDAP request that triggers an assert error.
CVE-2006-1469 1Apple 2Mac Os X Mac Os X Server Apr 16, 2026 Jun 27, 2006 N/A· v4 N/A· v3 7.5 HIGH· v2 Stack-based buffer overflow in ImageIO in Apple Mac OS X 10.4 up to 10.4.6 allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted TIFF image.
CVE-2006-1468 1Apple 1Mac Os X Apr 16, 2026 Jun 27, 2006 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Unspecified vulnerability in Apple File Protocol (AFP) server in Apple Mac OS X 10.4 up to 10.4.6 includes the names of restricted files and folders within search results, which might allow remote attackers to obtain sen...Show more Unspecified vulnerability in Apple File Protocol (AFP) server in Apple Mac OS X 10.4 up to 10.4.6 includes the names of restricted files and folders within search results, which might allow remote attackers to obtain sensitive information.Show less
CVE-2006-1466 1Apple 2Mac Os X Xcode Apr 16, 2026 May 24, 2006 N/A· v4 N/A· v3 4.0 MEDIUM· v2 Xcode Tools before 2.3 for Mac OS X 10.4, when running the WebObjects plugin, allows remote attackers to access or modify WebObjects projects through a network service.
CVE-2006-1457 1Apple 2Mac Os X Mac Os X Server Apr 16, 2026 May 12, 2006 N/A· v4 N/A· v3 2.6 LOW· v2 Safari on Apple Mac OS X 10.4.6, when "Open `safe' files after downloading" is enabled, will automatically expand archives, which could allow remote attackers to overwrite arbitrary files via an archive that contains a s...Show more Safari on Apple Mac OS X 10.4.6, when "Open `safe' files after downloading" is enabled, will automatically expand archives, which could allow remote attackers to overwrite arbitrary files via an archive that contains a symlink.Show less
CVE-2006-1456 1Apple 2Mac Os X Mac Os X Server Apr 16, 2026 May 12, 2006 N/A· v4 N/A· v3 7.5 HIGH· v2 Buffer overflow in QuickTime Streaming Server in Apple Mac OS X 10.3.9 and 10.4.6 allows remote attackers to execute arbitrary code via a crafted RTSP request, which is not properly handled during message logging.
CVE-2006-1455 1Apple 2Mac Os X Mac Os X Server Apr 16, 2026 May 12, 2006 N/A· v4 N/A· v3 7.8 HIGH· v2 QuickTime Streaming Server in Apple Mac OS X 10.3.9 and 10.4.6 allows remote attackers to cause a denial of service (crash and connection interruption) via a QuickTime movie with a missing track, which triggers a null de...Show more QuickTime Streaming Server in Apple Mac OS X 10.3.9 and 10.4.6 allows remote attackers to cause a denial of service (crash and connection interruption) via a QuickTime movie with a missing track, which triggers a null dereference.Show less
CVE-2006-1452 1Apple 1Mac Os X Apr 16, 2026 May 12, 2006 N/A· v4 N/A· v3 4.6 MEDIUM· v2 Stack-based buffer overflow in Preview in Apple Mac OS 10.4 up to 10.4.6 allows local users to execute arbitrary code via a deep directory hierarchy.
CVE-2006-1451 1Apple 1Mac Os X Apr 16, 2026 May 12, 2006 N/A· v4 N/A· v3 7.2 HIGH· v2 MySQL Manager in Apple Mac OS X 10.3.9 and 10.4.6, when setting up a new MySQL database server, does not use the "New MySQL root password" that is provided, which causes the MySQL root password to be blank and allows loc...Show more MySQL Manager in Apple Mac OS X 10.3.9 and 10.4.6, when setting up a new MySQL database server, does not use the "New MySQL root password" that is provided, which causes the MySQL root password to be blank and allows local users to gain full privileges to that database.Show less
CVE-2006-1450 1Apple 1Mac Os X Apr 16, 2026 May 12, 2006 N/A· v4 N/A· v3 7.5 HIGH· v2 Mail in Apple Mac OS X 10.3.9 and 10.4.6 allows remote attackers to execute arbitrary code via an enriched text e-mail message with "invalid color information" that causes Mail to allocate and initialize arbitrary classe...Show more Mail in Apple Mac OS X 10.3.9 and 10.4.6 allows remote attackers to execute arbitrary code via an enriched text e-mail message with "invalid color information" that causes Mail to allocate and initialize arbitrary classes.Show less
CVE-2006-1449 1Apple 1Mac Os X Apr 16, 2026 May 12, 2006 N/A· v4 N/A· v3 7.5 HIGH· v2 Integer overflow in Mail in Apple Mac OS X 10.3.9 and 10.4.6 allows remote attackers to execute arbitrary code via a crafted MacMIME encapsulated attachment.
CVE-2006-1448 1Apple 1Mac Os X Apr 16, 2026 May 12, 2006 N/A· v4 N/A· v3 6.5 MEDIUM· v2 Finder in Apple Mac OS X 10.3.9 and 10.4.6 allows user-assisted attackers to execute arbitrary code by tricking a user into launching an Internet Location item that appears to use a safe URL scheme, but which actually ha...Show more Finder in Apple Mac OS X 10.3.9 and 10.4.6 allows user-assisted attackers to execute arbitrary code by tricking a user into launching an Internet Location item that appears to use a safe URL scheme, but which actually has a different and more risky scheme.Show less
CVE-2006-1447 1Apple 1Mac Os X Apr 16, 2026 May 12, 2006 N/A· v4 N/A· v3 5.0 MEDIUM· v2 LaunchServices in Apple Mac OS X 10.4.6 allows remote attackers to cause Safari to launch unsafe content via long file name extensions, which prevents Download Validation from determining which application will be used t...Show more LaunchServices in Apple Mac OS X 10.4.6 allows remote attackers to cause Safari to launch unsafe content via long file name extensions, which prevents Download Validation from determining which application will be used to open the file.Show less
CVE-2006-1446 1Apple 1Mac Os X Apr 16, 2026 May 12, 2006 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Keychain in Apple Mac OS X 10.3.9 and 10.4.6 might allow an application to bypass a locked Keychain by first obtaining a reference to the Keychain when it is unlocked, then reusing that reference after the Keychain has b...Show more Keychain in Apple Mac OS X 10.3.9 and 10.4.6 might allow an application to bypass a locked Keychain by first obtaining a reference to the Keychain when it is unlocked, then reusing that reference after the Keychain has been locked.Show less
CVE-2006-1445 1Apple 1Mac Os X Apr 16, 2026 May 12, 2006 N/A· v4 N/A· v3 6.5 MEDIUM· v2 Buffer overflow in the FTP server (FTPServer) in Apple Mac OS X 10.3.9 and 10.4.6 allows remote authenticated users to execute arbitrary code via vectors related to "FTP server path name handling."
CVE-2006-1444 1Apple 1Mac Os X Apr 16, 2026 May 12, 2006 N/A· v4 N/A· v3 2.1 LOW· v2 CoreGraphics in Apple Mac OS X 10.4.6, when "Enable access for assistive devices" is on, allows an application to bypass restrictions for secure event input and read certain events from other applications in the same win...Show more CoreGraphics in Apple Mac OS X 10.4.6, when "Enable access for assistive devices" is on, allows an application to bypass restrictions for secure event input and read certain events from other applications in the same window session by using Quartz Event Services.Show less

Previous 1...148149150...161 Next