Mac Os X

mac_os_x

Vendor: Apple • 3,210 CVEs

CVEs (3,210)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2005-1332 1Apple 2Mac Os X Mac Os X Server Apr 16, 2026 May 4, 2005 N/A· v4 N/A· v3 7.5 HIGH· v2 Bluetooth-enabled systems in Mac OS X 10.3.9 enables the Bluetooth file exchange service by default, which allows remote attackers to access files without the user being notified, and local users to access files via the...Show more Bluetooth-enabled systems in Mac OS X 10.3.9 enables the Bluetooth file exchange service by default, which allows remote attackers to access files without the user being notified, and local users to access files via the default directory.Show less
CVE-2005-1331 1Apple 3Applescript Mac Os XMac Os X Server Apr 16, 2026 May 4, 2005 N/A· v4 N/A· v3 5.1 MEDIUM· v2 The AppleScript Editor in Mac OS X 10.3.9 does not properly display script code for an applescript: URI, which can result in code that is different than the actual code that would be run, which could allow remote attacke...Show more The AppleScript Editor in Mac OS X 10.3.9 does not properly display script code for an applescript: URI, which can result in code that is different than the actual code that would be run, which could allow remote attackers to trick users into executing malicious code via certain URI characters such as NULL, control characters, and homographs.Show less
CVE-2005-1330 1Apple 2Mac Os X Mac Os X Server Apr 16, 2026 May 4, 2005 N/A· v4 N/A· v3 4.9 MEDIUM· v2 AppKit in Mac OS X 10.3.9 allows attackers to cause a denial of service (Cocoa application crash) via a malformed TIFF image that causes the NXSeek to use an incorrect offset, leading to an unhandled exception.
CVE-2005-1430 1Apple 2Mac Os X Mac Os X Server Apr 16, 2026 May 3, 2005 N/A· v4 N/A· v3 3.6 LOW· v2 Mac OS X 10.3.x and earlier uses insecure permissions for a pseudo terminal tty (pty) that is managed by a non-setuid program, which allows local users to read or modify sessions of other users.
CVE-2005-1343 1Apple 2Mac Os X Mac Os X Server Apr 16, 2026 May 3, 2005 N/A· v4 N/A· v3 7.2 HIGH· v2 Stack-based buffer overflow in the VPN daemon (vpnd) for Mac OS X before 10.3.9 allows local users to execute arbitrary code via a long -i (Server_id) argument.
CVE-2005-0975 2Apple Opendarwin 3Darwin Kernel Mac Os XMac Os X Server Apr 16, 2026 May 2, 2005 N/A· v4 N/A· v3 2.1 LOW· v2 Integer signedness error in the parse_machfile function in the mach-o loader (mach_loader.c) for the Darwin Kernel as used in Mac OS X 10.3.7, and other versions before 10.3.9, allows local users to cause a denial of ser...Show more Integer signedness error in the parse_machfile function in the mach-o loader (mach_loader.c) for the Darwin Kernel as used in Mac OS X 10.3.7, and other versions before 10.3.9, allows local users to cause a denial of service (CPU consumption) via a crafted mach-o header.Show less
CVE-2005-0970 1Apple 1Mac Os X Apr 16, 2026 May 2, 2005 N/A· v4 N/A· v3 7.6 HIGH· v2 Mac OS X 10.3.9 and earlier allows users to install, create, and execute setuid/setgid scripts, contrary to the intended design, which may allow attackers to conduct unauthorized activities with escalated privileges via...Show more Mac OS X 10.3.9 and earlier allows users to install, create, and execute setuid/setgid scripts, contrary to the intended design, which may allow attackers to conduct unauthorized activities with escalated privileges via vulnerable scripts.Show less
CVE-2005-0712 1Apple 1Mac Os X Apr 16, 2026 May 2, 2005 N/A· v4 N/A· v3 4.6 MEDIUM· v2 Mac OS X before 10.3.8 users world-writable permissions for certain directories, which may allow local users to gain privileges, possibly via the receipt cache or ColorSync profiles.
CVE-2005-0342 1Apple 2Mac Os X Mac Os X Server Apr 16, 2026 May 2, 2005 N/A· v4 N/A· v3 2.1 LOW· v2 The Finder in Mac OS X and earlier allows local users to overwrite arbitrary files and gain privileges by creating a hard link from the .DS_Store file to an arbitrary file.
CVE-2005-0127 1Apple 2Mac Os X Mac Os X Server Apr 16, 2026 May 2, 2005 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Mail in Mac OS X 10.3.7, when generating a Message-ID header, generates a GUUID that includes information that identifies the Ethernet hardware being used, which allows remote attackers to link mail messages to a particu...Show more Mail in Mac OS X 10.3.7, when generating a Message-ID header, generates a GUUID that includes information that identifies the Ethernet hardware being used, which allows remote attackers to link mail messages to a particular machine.Show less
CVE-2005-0126 1Apple 2Mac Os X Mac Os X Server Apr 16, 2026 May 2, 2005 N/A· v4 N/A· v3 7.5 HIGH· v2 ColorSync on Mac OS X 10.3.7 and 10.3.8 allows attackers to execute arbitrary code via malformed ICC color profiles that modify the heap.
CVE-2005-0125 1Apple 2Mac Os X Mac Os X Server Apr 16, 2026 May 2, 2005 N/A· v4 N/A· v3 7.2 HIGH· v2 The "at" commands on Mac OS X 10.3.7 and earlier do not properly drop privileges, which allows local users to (1) delete arbitrary files via atrm, (2) execute arbitrary programs via the -f argument to batch, or (3) read...Show more The "at" commands on Mac OS X 10.3.7 and earlier do not properly drop privileges, which allows local users to (1) delete arbitrary files via atrm, (2) execute arbitrary programs via the -f argument to batch, or (3) read arbitrary files via the -f argument to batch, which generates a job file that is readable by the local user.Show less
CVE-2005-1043 6Apple ConectivaPeachtree+3 more 7Linux Mac Os XMac Os X Server+4 more Apr 16, 2026 Apr 14, 2005 N/A· v4 N/A· v3 5.0 MEDIUM· v2 exif.c in PHP before 4.3.11 allows remote attackers to cause a denial of service (memory consumption and crash) via an EXIF header with a large IFD nesting level, which causes significant stack recursion.
CVE-2005-0716 1Apple 2Mac Os X Mac Os X Server Apr 16, 2026 Mar 21, 2005 N/A· v4 N/A· v3 7.2 HIGH· v2 Stack-based buffer overflow in the Core Foundation Library in Mac OS X 10.3.5 and 10.3.6, and possibly earlier versions, allows local users to execute arbitrary code via a long CF_CHARSET_PATH environment variable.
CVE-2005-0715 1Apple 2Mac Os X Mac Os X Server Apr 16, 2026 Mar 21, 2005 N/A· v4 N/A· v3 2.1 LOW· v2 AFP Server in Mac OS X before 10.3.8 uses insecure permissions for "Drop Boxes," which allows local users to read the contents of a Drop Box.
CVE-2005-0713 1Apple 2Mac Os X Mac Os X Server Apr 16, 2026 Mar 21, 2005 N/A· v4 N/A· v3 4.6 MEDIUM· v2 The Bluetooth Setup Assistant for Mac OS X before 10.3.8 can be launched without a keyboard or Bluetooth device, which allows local users to bypass access restrictions and gain privileges.
CVE-2004-0927 2Apple Easy Software Products 3Cups Mac Os XMac Os X Server Apr 16, 2026 Jan 27, 2005 N/A· v4 N/A· v3 5.0 MEDIUM· v2 ServerAdmin in Mac OS X 10.2.8 through 10.3.5 uses the same example self-signed certificate on each system, which allows remote attackers to decrypt sessions.
CVE-2004-0926 2Apple Easy Software Products 3Cups Mac Os XMac Os X Server Apr 16, 2026 Jan 27, 2005 N/A· v4 N/A· v3 10.0 HIGH· v2 Heap-based buffer overflow in Apple QuickTime on Mac OS 10.2.8 through 10.3.5 may allow remote attackers to execute arbitrary code via a certain BMP image.
CVE-2004-0925 1Apple 2Mac Os X Mac Os X Server Apr 16, 2026 Jan 27, 2005 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Postfix on Mac OS X 10.3.x through 10.3.5, with SMTPD AUTH enabled, does not properly clear the username between authentication attempts, which allows users with the longest username to prevent other valid users from bei...Show more Postfix on Mac OS X 10.3.x through 10.3.5, with SMTPD AUTH enabled, does not properly clear the username between authentication attempts, which allows users with the longest username to prevent other valid users from being able to authenticate.Show less
CVE-2004-0924 2Apple Easy Software Products 3Cups Mac Os XMac Os X Server Apr 16, 2026 Jan 27, 2005 N/A· v4 N/A· v3 5.0 MEDIUM· v2 NetInfo Manager on Mac OS X 10.3.x through 10.3.5, after an initial root login, reports the root account as being disabled, even when it has not.

Previous 1...154155156...161 Next