Mac Os X

mac_os_x

Vendor: Apple • 3,210 CVEs

CVEs (3,210)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2005-2757 1Apple 2Mac Os X Mac Os X Server Apr 16, 2026 Dec 1, 2005 N/A· v4 N/A· v3 7.5 HIGH· v2 Heap-based buffer overflow in CoreFoundation in Mac OS X and OS X Server 10.4 through 10.4.3 allows remote attackers to execute arbitrary code via unknown attack vectors involving "validation of URLs."
CVE-2005-2752 1Apple 2Mac Os X Mac Os X Server Apr 16, 2026 Nov 1, 2005 N/A· v4 N/A· v3 2.1 LOW· v2 An unspecified kernel interface in Mac OS X 10.4.2 and earlier does not properly clear memory before reusing it, which could allow attackers to obtain sensitive information, a different vulnerability than CVE-2005-1126 a...Show more An unspecified kernel interface in Mac OS X 10.4.2 and earlier does not properly clear memory before reusing it, which could allow attackers to obtain sensitive information, a different vulnerability than CVE-2005-1126 and CVE-2005-1406.Show less
CVE-2005-2751 1Apple 2Mac Os X Mac Os X Server Apr 16, 2026 Nov 1, 2005 N/A· v4 N/A· v3 2.1 LOW· v2 memberd in Mac OS X 10.4 up to 10.4.2, in certain situations, does not quickly synchronize access control checks with changes in group membership, which could allow users to access files and other resources after they ha...Show more memberd in Mac OS X 10.4 up to 10.4.2, in certain situations, does not quickly synchronize access control checks with changes in group membership, which could allow users to access files and other resources after they have been removed from a group.Show less
CVE-2005-2749 1Apple 2Mac Os X Mac Os X Server Apr 16, 2026 Nov 1, 2005 N/A· v4 N/A· v3 2.1 LOW· v2 Unspecified vulnerability in the Finder Get Info window for Mac OS X 10.4 up to 10.4.2 causes Finder to misrepresent file and group ownership information. NOTE: it is not clear whether this issue satisfies the CVE defin...Show more Unspecified vulnerability in the Finder Get Info window for Mac OS X 10.4 up to 10.4.2 causes Finder to misrepresent file and group ownership information. NOTE: it is not clear whether this issue satisfies the CVE definition of a vulnerability.Show less
CVE-2005-2739 1Apple 2Mac Os X Mac Os X Server Apr 16, 2026 Nov 1, 2005 N/A· v4 N/A· v3 2.1 LOW· v2 Keychain Access in Mac OS X 10.4.2 and earlier keeps a password visible even if a keychain times out while the password is being viewed, which could allow attackers with physical access to obtain the password.
CVE-2005-2746 1Apple 2Mac Os X Mac Os X Server Apr 16, 2026 Oct 26, 2005 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Mail.app in Mail for Apple Mac OS X 10.3.9 and 10.4.2 includes message contents when using auto-reply rules, which could cause Mail.app to include decrypted message contents for encrypted messages.
CVE-2005-2745 1Apple 2Mac Os X Mac Os X Server Apr 16, 2026 Oct 26, 2005 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Mail.app in Mail for Apple Mac OS X 10.3.9, when using Kerberos 5 for SMTP authentication, can include uninitialized memory in a message, which might allow remote attackers to obtain sensitive information.
CVE-2005-2743 1Apple 3Mac Os X Mac Os X ServerQuicktime Apr 16, 2026 Oct 26, 2005 N/A· v4 N/A· v3 7.5 HIGH· v2 The Java extensions for QuickTime 6.52 and earlier in Apple Mac OS X 10.3.9 allow untrusted applets to call arbitrary functions in system libraries, which allows remote attackers to execute arbitrary code.
CVE-2005-2742 1Apple 2Mac Os X Mac Os X Server Apr 16, 2026 Oct 26, 2005 N/A· v4 N/A· v3 4.6 MEDIUM· v2 SecurityAgent in Apple Mac OS X 10.4.2, under certain circumstances, can cause the "Switch User..." button to appear even though the "Enable fast user switching" setting is disabled, which can allow attackers with physic...Show more SecurityAgent in Apple Mac OS X 10.4.2, under certain circumstances, can cause the "Switch User..." button to appear even though the "Enable fast user switching" setting is disabled, which can allow attackers with physical access to gain access to the desktop and bypass the "Require password to wake this computer from sleep or screen saver" setting.Show less
CVE-2005-2741 2Apple Perry Kiehtreiber 3Mac Os X Mac Os X ServerSecurityd Apr 16, 2026 Oct 26, 2005 N/A· v4 N/A· v3 7.2 HIGH· v2 Authorization Services in securityd for Apple Mac OS X 10.3.9 allows local users to gain privileges by granting themselves certain rights that should be restricted to administrators.
CVE-2005-2524 1Apple 3Mac Os X Mac Os X ServerSafari Apr 16, 2026 Oct 26, 2005 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Safari after 2.0 in Apple Mac OS X 10.3.9 allows remote attackers to bypass domain restrictions via crafted web archives that cause Safari to render them as if they came from a different site.
CVE-2005-2748 1Apple 2Mac Os X Mac Os X Server Apr 16, 2026 Oct 25, 2005 N/A· v4 N/A· v3 2.1 LOW· v2 The malloc function in the libSystem library in Apple Mac OS X 10.3.9 and 10.4.2 allows local users to overwrite arbitrary files by setting the MallocLogFile environment variable to the target file before running a setui...Show more The malloc function in the libSystem library in Apple Mac OS X 10.3.9 and 10.4.2 allows local users to overwrite arbitrary files by setting the MallocLogFile environment variable to the target file before running a setuid application.Show less
CVE-2005-2747 1Apple 2Mac Os X Mac Os X Server Apr 16, 2026 Oct 25, 2005 N/A· v4 N/A· v3 7.5 HIGH· v2 Buffer overflow in ImageIO for Apple Mac OS X 10.4.2, as used by applications such as WebCore and Safari, allows remote attackers to execute arbitrary code via a crafted GIF file.
CVE-2005-2744 1Apple 2Mac Os X Mac Os X Server Apr 16, 2026 Oct 25, 2005 N/A· v4 N/A· v3 5.1 MEDIUM· v2 Buffer overflow in QuickDraw Manager for Apple OS X 10.3.9 and 10.4.2, as used by applications such as Safari, Mail, and Finder, allows remote attackers to execute arbitrary code via a crafted PICT file.
CVE-2005-2526 2Apple Easy Software Products 2Cups Mac Os X Apr 16, 2026 Aug 19, 2005 N/A· v4 N/A· v3 5.0 MEDIUM· v2 CUPS in Mac OS X 10.3.9 and 10.4.2 allows remote attackers to cause a denial of service (CPU consumption) by sending a partial IPP request and closing the connection.
CVE-2005-2525 2Apple Easy Software Products 2Cups Mac Os X Apr 16, 2026 Aug 19, 2005 N/A· v4 N/A· v3 5.0 MEDIUM· v2 CUPS in Mac OS X 10.3.9 and 10.4.2 does not properly close file descriptors when handling multiple simultaneous print jobs, which allows remote attackers to cause a denial of service (printing halt).
CVE-2005-2523 1Apple 2Mac Os X Weblog Server Apr 16, 2026 Aug 19, 2005 N/A· v4 N/A· v3 4.3 MEDIUM· v2 Multiple cross-site scripting (XSS) vulnerabilities in Weblog Server in Mac OS X 10.4 to 10.4.2 allow remote attackers to inject arbitrary web script or HTML via unknown vectors.
CVE-2005-2522 1Apple 2Mac Os X Safari Apr 16, 2026 Aug 19, 2005 N/A· v4 N/A· v3 5.1 MEDIUM· v2 Safari in WebKit in Mac OS X 10.4 to 10.4.2 directly accesses URLs within PDF files without the normal security checks, which allows remote attackers to execute arbitrary code via links in a PDF file.
CVE-2005-2521 1Apple 1Mac Os X Apr 16, 2026 Aug 19, 2005 N/A· v4 N/A· v3 4.6 MEDIUM· v2 Buffer overflow in traceroute in Mac OS X 10.3.9 allows local users to execute arbitrary code via unknown vectors.
CVE-2005-2520 1Apple 1Mac Os X Apr 16, 2026 Aug 19, 2005 N/A· v4 N/A· v3 2.1 LOW· v2 The password assistant in Mac OS X 10.4 to 10.4.2, when used to create multiple accounts from the same process, does not reset the suggested password list when the assistant is displayed, which allows attackers to view r...Show more The password assistant in Mac OS X 10.4 to 10.4.2, when used to create multiple accounts from the same process, does not reset the suggested password list when the assistant is displayed, which allows attackers to view recently used passwords.Show less

Previous 1...151152153...161 Next