Mac Os X

mac_os_x

Vendor: Apple • 3,210 CVEs

CVEs (3,210)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2006-0391 1Apple 1Mac Os X Apr 16, 2026 Mar 3, 2006 N/A· v4 N/A· v3 1.7 LOW· v2 Directory traversal vulnerability in the BOM framework in Mac OS X 10.x before 10.3.9 and 10.4 before 10.4.5 allows user-assisted attackers to overwrite or create arbitrary files via an archive that is handled by BOMArch...Show more Directory traversal vulnerability in the BOM framework in Mac OS X 10.x before 10.3.9 and 10.4 before 10.4.5 allows user-assisted attackers to overwrite or create arbitrary files via an archive that is handled by BOMArchiveHelper.Show less
CVE-2006-0389 1Apple 2Mac Os X Mac Os X Server Apr 16, 2026 Mar 3, 2006 N/A· v4 N/A· v3 2.6 LOW· v2 Cross-site scripting (XSS) vulnerability in Syndication (Safari RSS) in Mac OS X 10.4 through 10.4.5 allows remote attackers to execute arbitrary JavaScript via unspecified vectors involving RSS feeds.
CVE-2006-0388 1Apple 2Mac Os X Mac Os X Server Apr 16, 2026 Mar 3, 2006 N/A· v4 N/A· v3 2.6 LOW· v2 Safari in Mac OS X 10.3 before 10.3.9 and 10.4 before 10.4.5 allows remote attackers to redirect users to local files and execute arbitrary JavaScript via unspecified vectors involving HTTP redirection to local resources...Show more Safari in Mac OS X 10.3 before 10.3.9 and 10.4 before 10.4.5 allows remote attackers to redirect users to local files and execute arbitrary JavaScript via unspecified vectors involving HTTP redirection to local resources.Show less
CVE-2006-0386 1Apple 2Mac Os X Mac Os X Server Apr 16, 2026 Mar 3, 2006 N/A· v4 N/A· v3 1.7 LOW· v2 FileVault in Mac OS X 10.4.5 and earlier does not properly mount user directories when creating a FileVault image, which allows local users to access protected files when FileVault is enabled.
CVE-2006-0384 1Apple 2Mac Os X Mac Os X Server Apr 16, 2026 Mar 2, 2006 N/A· v4 N/A· v3 7.5 HIGH· v2 automount in Mac OS X 10.4.5 and earlier allows remote file servers to cause a denial of service (unresponsiveness) or execute arbitrary code via unspecified vectors that cause automount to "mount file systems with reser...Show more automount in Mac OS X 10.4.5 and earlier allows remote file servers to cause a denial of service (unresponsiveness) or execute arbitrary code via unspecified vectors that cause automount to "mount file systems with reserved names".Show less
CVE-2006-0383 1Apple 2Mac Os X Mac Os X Server Apr 16, 2026 Mar 2, 2006 N/A· v4 N/A· v3 5.0 MEDIUM· v2 IPSec when used with VPN networks in Mac OS X 10.4 through 10.4.5 allows remote attackers to cause a denial of service (application crash) via unspecified vectors involving the "incorrect handling of error conditions".
CVE-2006-0848 1Apple 2Mac Os X Mac Os X Server Apr 16, 2026 Feb 22, 2006 N/A· v4 N/A· v3 5.1 MEDIUM· v2 The "Open 'safe' files after downloading" option in Safari on Apple Mac OS X allows remote user-assisted attackers to execute arbitrary commands by tricking a user into downloading a __MACOSX folder that contains metadat...Show more The "Open 'safe' files after downloading" option in Safari on Apple Mac OS X allows remote user-assisted attackers to execute arbitrary commands by tricking a user into downloading a __MACOSX folder that contains metadata (resource fork) that invokes the Terminal, which automatically interprets the script using bash, as demonstrated using a ZIP file that contains a script with a safe file extension.Show less
CVE-2006-0382 1Apple 1Mac Os X Apr 16, 2026 Feb 14, 2006 N/A· v4 N/A· v3 2.1 LOW· v2 Apple Mac OS X 10.4.5 and allows local users to cause a denial of service (crash) via an undocumented system call.
CVE-2005-3782 1Apple 2Mac Os X Mac Os X Server Apr 16, 2026 Dec 31, 2005 N/A· v4 N/A· v3 2.1 LOW· v2 Mac OS X 10.4.3 up to 10.4.6, when loginwindow uses the "Name and password" setting, and the "Show the Restart, Sleep, and Shut Down buttons" option is disabled, allows users with physical access to bypass login and rebo...Show more Mac OS X 10.4.3 up to 10.4.6, when loginwindow uses the "Name and password" setting, and the "Show the Restart, Sleep, and Shut Down buttons" option is disabled, allows users with physical access to bypass login and reboot the system by entering ">restart", ">power", or ">shutdown" sequences after the username.Show less
CVE-2005-3712 1Apple 2Mac Os X Mac Os X Server Apr 16, 2026 Dec 31, 2005 N/A· v4 N/A· v3 6.5 MEDIUM· v2 Heap-based buffer overflow in rsync in Mac OS X 10.4 through 10.4.5 allows remote authenticated users to execute arbitrary code via long extended attributes.
CVE-2005-3706 1Apple 2Mac Os X Mac Os X Server Apr 16, 2026 Dec 31, 2005 N/A· v4 N/A· v3 6.4 MEDIUM· v2 Heap-based buffer overflow in LibSystem in Mac OS X 10.4 through 10.4.5 allows context-dependent attackers to execute arbitrary code by causing an application that uses LibSystem to request a large amount of memory.
CVE-2005-2714 1Apple 2Mac Os X Mac Os X Server Apr 16, 2026 Dec 31, 2005 N/A· v4 N/A· v3 6.8 MEDIUM· v2 passwd in Directory Services in Mac OS X 10.3.x before 10.3.9 and 10.4.x before 10.4.5 allows local users to overwrite arbitrary files via a symlink attack on the .pwtmp.[PID] temporary file.
CVE-2005-2713 1Apple 2Mac Os X Mac Os X Server Apr 16, 2026 Dec 31, 2005 N/A· v4 N/A· v3 6.8 MEDIUM· v2 passwd in Directory Services in Mac OS X 10.3.x before 10.3.9 and 10.4.x before 10.4.5 allows local users to create arbitrary world-writable files as root by specifying an alternate file in the password database option.
CVE-2005-2194 1Apple 1Mac Os X Apr 16, 2026 Dec 31, 2005 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Unspecified vulnerability in the Apple Mac OS X kernel before 10.4.2 allows remote attackers to cause a denial of service (kernel panic) via a crafted TCP packet, possibly related to source routing or loose source routin...Show more Unspecified vulnerability in the Apple Mac OS X kernel before 10.4.2 allows remote attackers to cause a denial of service (kernel panic) via a crafted TCP packet, possibly related to source routing or loose source routing.Show less
CVE-2005-1726 1Apple 1Mac Os X Apr 16, 2026 Dec 31, 2005 N/A· v4 N/A· v3 4.6 MEDIUM· v2 The CoreGraphics Window Server in Mac OS X 10.4.1 allows local users with console access to gain privileges by "launching commands into root sessions."
CVE-2005-4504 1Apple 4Mac Os X Mac Os X ServerSafari+1 more Apr 16, 2026 Dec 22, 2005 N/A· v4 N/A· v3 7.8 HIGH· v2 The khtml::RenderTableSection::ensureRows function in KHTMLParser in Apple Mac OS X 10.4.3 and earlier, as used by Safari and TextEdit, allows remote attackers to cause a denial of service (memory consumption and applica...Show more The khtml::RenderTableSection::ensureRows function in KHTMLParser in Apple Mac OS X 10.4.3 and earlier, as used by Safari and TextEdit, allows remote attackers to cause a denial of service (memory consumption and application crash) via HTML files with a large ROWSPAN attribute in a TD tag.Show less
CVE-2005-3705 1Apple 2Mac Os X Mac Os X Server Apr 16, 2026 Dec 1, 2005 N/A· v4 N/A· v3 7.5 HIGH· v2 Heap-based buffer overflow in WebKit in Mac OS X and OS X Server 10.3.9 and 10.4.3, as used in applications such as Safari, allows remote attackers to execute arbitrary code via unknown attack vectors.
CVE-2005-3704 1Apple 2Mac Os X Mac Os X Server Apr 16, 2026 Dec 1, 2005 N/A· v4 N/A· v3 5.0 MEDIUM· v2 System log server in Mac OS X and OS X Server 10.4 through 10.4.3 allows remote attackers to spoof syslog messages in log files by injecting various control characters such as newline (NL).
CVE-2005-3702 1Apple 2Mac Os X Mac Os X Server Apr 16, 2026 Dec 1, 2005 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Safari in Mac OS X and OS X Server 10.3.9 and 10.4.3 allows remote attackers to cause files to be downloaded to locations outside the download directory via a long file name.
CVE-2005-3700 1Apple 2Mac Os X Mac Os X Server Apr 16, 2026 Dec 1, 2005 N/A· v4 N/A· v3 4.6 MEDIUM· v2 Unknown vulnerability in iodbcadmintool in the ODBC Administrator utility in Mac OS X and OS X Server 10.3.9 and 10.4.3 allows local users to execute arbitrary code via unknown attack vectors.

Previous 1...150151152...161 Next