Mac Os X

mac_os_x

Vendor: Apple • 3,210 CVEs

CVEs (3,210)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2005-1474 1Apple 2Mac Os X Mac Os X Server Apr 16, 2026 Jun 13, 2005 N/A· v4 N/A· v3 7.5 HIGH· v2 Dashboard in Apple Mac OS X 10.4.1 allows remote attackers to install widgets via Safari without prompting the user, a different vulnerability than CVE-2005-1933.
CVE-2005-1473 1Apple 1Mac Os X Apr 16, 2026 Jun 13, 2005 N/A· v4 N/A· v3 4.6 MEDIUM· v2 SecurityAgent in Apple Mac OS X 10.4.1 allows attackers with physical access to bypass the locked screensaver and launch background applications by opening a URL from a text input field.
CVE-2005-1728 1Apple 1Mac Os X Apr 16, 2026 Jun 8, 2005 N/A· v4 N/A· v3 4.6 MEDIUM· v2 MCX Client for Apple Mac OS X 10.4.x up to 10.4.1 insecurely logs Portable Home Directory credentials, which allows local users to obtain the credentials.
CVE-2005-1472 1Apple 1Mac Os X Apr 16, 2026 May 19, 2005 N/A· v4 N/A· v3 2.1 LOW· v2 Certain system calls in Apple Mac OS X 10.4.1 do not properly enforce the permissions of certain directories without the POSIX read bit set, but with the execute bits set for group or other, which allows local users to l...Show more Certain system calls in Apple Mac OS X 10.4.1 do not properly enforce the permissions of certain directories without the POSIX read bit set, but with the execute bits set for group or other, which allows local users to list files in otherwise restricted directories.Show less
CVE-2005-1260 4Apple BzipCanonical+1 more 4Bzip2 Debian LinuxMac Os X+1 more Apr 16, 2026 May 19, 2005 N/A· v4 N/A· v3 5.0 MEDIUM· v2 bzip2 allows remote attackers to cause a denial of service (hard drive consumption) via a crafted bzip2 file that causes an infinite loop (a.k.a "decompression bomb").
CVE-2005-1307 2Adobe Apple 2Mac Os X Version Cue Apr 16, 2026 May 17, 2005 N/A· v4 N/A· v3 7.2 HIGH· v2 The (1) stopserver.sh and (2) startserver.sh scripts in Adobe Version Cue on Mac OS X uses the current working directory to find and execute the productname.sh script, which allows local users to execute arbitrary code b...Show more The (1) stopserver.sh and (2) startserver.sh scripts in Adobe Version Cue on Mac OS X uses the current working directory to find and execute the productname.sh script, which allows local users to execute arbitrary code by copying and calling the scripts from a user-controlled directory.Show less
CVE-2005-0974 1Apple 1Mac Os X Apr 16, 2026 May 12, 2005 N/A· v4 N/A· v3 7.2 HIGH· v2 Unknown vulnerability in the nfs_mount call in Mac OS X 10.3.9 and earlier allows local users to gain privileges via crafted arguments.
CVE-2005-0973 1Apple 1Mac Os X Apr 16, 2026 May 12, 2005 N/A· v4 N/A· v3 2.1 LOW· v2 Unknown vulnerability in the setsockopt system call in Mac OS X 10.3.9 and earlier allows local users to cause a denial of service (memory exhaustion) via crafted arguments.
CVE-2005-0972 1Apple 2Mac Os X Mac Os X Server Apr 16, 2026 May 12, 2005 N/A· v4 N/A· v3 7.2 HIGH· v2 Integer overflow in the searchfs system call in Mac OS X 10.3.9 and earlier allows local users to execute arbitrary code via crafted parameters.
CVE-2005-0971 1Apple 1Mac Os X Apr 16, 2026 May 12, 2005 N/A· v4 N/A· v3 4.6 MEDIUM· v2 Stack-based buffer overflow in the semop system call in Mac OS X 10.3.9 and earlier allows local users to gain privileges via crafted arguments.
CVE-2005-0969 1Apple 1Mac Os X Apr 16, 2026 May 12, 2005 N/A· v4 N/A· v3 4.6 MEDIUM· v2 Heap-based buffer overflow in the syscall emulation functionality in Mac OS X before 10.3.9 allows local users to cause a denial of service (kernel panic) and possibly execute arbitrary code via crafted parameters.
CVE-2005-1342 1Apple 2Mac Os X Terminal Apr 16, 2026 May 4, 2005 N/A· v4 N/A· v3 7.5 HIGH· v2 The x-man-page: URI handler for Apple Terminal 1.4.4 in Mac OS X 10.3.9 does not cleanse terminal escape sequences, which allows remote attackers to execute arbitrary commands.
CVE-2005-1341 1Apple 3Mac Os X Mac Os X ServerTerminal Apr 16, 2026 May 4, 2005 N/A· v4 N/A· v3 5.1 MEDIUM· v2 Apple Terminal 1.4.4 allows attackers to execute arbitrary commands via terminal escape sequences.
CVE-2005-1340 1Apple 1Mac Os X Apr 16, 2026 May 4, 2005 N/A· v4 N/A· v3 7.5 HIGH· v2 The HTTP proxy service in Server Admin for Mac OS X 10.3.9 does not restrict access when it is enabled, which allows remote attackers to use the proxy.
CVE-2005-1339 1Apple 2Mac Os X Mac Os X Server Apr 16, 2026 May 4, 2005 N/A· v4 N/A· v3 7.5 HIGH· v2 lukemftpd in Mac OS X 10.3.9 allows remote authenticated users to escape the chroot environment by logging in with their full name.
CVE-2005-1338 1Apple 1Mac Os X Apr 16, 2026 May 4, 2005 N/A· v4 N/A· v3 4.6 MEDIUM· v2 Mac OS X 10.3.9, when using an LDAP server that does not use ldap_extended_operation, may store initial LDAP passwords for new accounts in plaintext.
CVE-2005-1337 1Apple 2Mac Os X Mac Os X Server Apr 16, 2026 May 4, 2005 N/A· v4 N/A· v3 7.5 HIGH· v2 Apple Help Viewer 2.0.7 and 3.0.0 in Mac OS X 10.3.9 allows remote attackers to read and execute arbitrary scrpts with less restrictive privileges via a help:// URI.
CVE-2005-1336 1Apple 1Mac Os X Apr 16, 2026 May 4, 2005 N/A· v4 N/A· v3 4.6 MEDIUM· v2 Buffer overflow in the Foundation framework for Mac OS X 10.3.9 allows local users to execute arbitrary code via a long environment variable.
CVE-2005-1335 1Apple 2Mac Os X Mac Os X Server Apr 16, 2026 May 4, 2005 N/A· v4 N/A· v3 7.2 HIGH· v2 Unknown vulnerability in Mac OS X 10.3.9 allows local users to gain privileges via (1) chfn, (2) chpass, and (3) chsh, which "use external helper programs in an insecure manner."
CVE-2005-1333 1Apple 1Mac Os X Apr 16, 2026 May 4, 2005 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Directory traversal vulnerability in the Bluetooth file and object exchange (OBEX) services in Mac OS X 10.3.9 allows remote attackers to read arbitrary files.

Previous 1...153154155...161 Next