Export limit exceeded: 351332 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (5617 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-2749 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-16 | N/A |
| Unspecified vulnerability in the Finder Get Info window for Mac OS X 10.4 up to 10.4.2 causes Finder to misrepresent file and group ownership information. NOTE: it is not clear whether this issue satisfies the CVE definition of a vulnerability. | ||||
| CVE-2005-2748 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-16 | N/A |
| The malloc function in the libSystem library in Apple Mac OS X 10.3.9 and 10.4.2 allows local users to overwrite arbitrary files by setting the MallocLogFile environment variable to the target file before running a setuid application. | ||||
| CVE-2004-0921 | 1 Apple | 3 Mac Os X, Mac Os X Server, Quicktime | 2026-04-16 | N/A |
| AFP Server on Mac OS X 10.3.x to 10.3.5, when a guest has mounted an AFP volume, allows the guest to "terminate authenticated user mounts" via modified SessionDestroy packets. | ||||
| CVE-2003-0883 | 1 Apple | 1 Mac Os X | 2026-04-16 | N/A |
| The System Preferences capability in Mac OS X before 10.3 allows local users to access secure Preference Panes for a short period after an administrator has authenticated to the system. | ||||
| CVE-2005-2747 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-16 | N/A |
| Buffer overflow in ImageIO for Apple Mac OS X 10.4.2, as used by applications such as WebCore and Safari, allows remote attackers to execute arbitrary code via a crafted GIF file. | ||||
| CVE-2005-2746 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-16 | N/A |
| Mail.app in Mail for Apple Mac OS X 10.3.9 and 10.4.2 includes message contents when using auto-reply rules, which could cause Mail.app to include decrypted message contents for encrypted messages. | ||||
| CVE-2004-0886 | 9 Apple, Kde, Libtiff and 6 more | 13 Mac Os X, Mac Os X Server, Kde and 10 more | 2026-04-16 | N/A |
| Multiple integer overflows in libtiff 3.6.1 and earlier allow remote attackers to cause a denial of service (crash or memory corruption) via TIFF images that lead to incorrect malloc calls. | ||||
| CVE-2005-2745 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-16 | N/A |
| Mail.app in Mail for Apple Mac OS X 10.3.9, when using Kerberos 5 for SMTP authentication, can include uninitialized memory in a message, which might allow remote attackers to obtain sensitive information. | ||||
| CVE-2005-2744 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-16 | N/A |
| Buffer overflow in QuickDraw Manager for Apple OS X 10.3.9 and 10.4.2, as used by applications such as Safari, Mail, and Finder, allows remote attackers to execute arbitrary code via a crafted PICT file. | ||||
| CVE-2004-0825 | 1 Apple | 1 Mac Os X Server | 2026-04-16 | N/A |
| QuickTime Streaming Server in Mac OS X Server 10.2.8, 10.3.4, and 10.3.5 allows remote attackers to cause a denial of service (application deadlock) via a certain sequence of operations. | ||||
| CVE-2003-0882 | 1 Apple | 1 Mac Os X | 2026-04-16 | N/A |
| Mac OS X before 10.3 initializes the TCP timestamp with a constant number, which allows remote attackers to determine the system's uptime via the ID field in a TCP packet. | ||||
| CVE-2002-1371 | 3 Apple, Easy Software Products, Redhat | 3 Mac Os X, Cups, Linux | 2026-04-16 | N/A |
| filters/image-gif.c in Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 does not properly check for zero-length GIF images, which allows remote attackers to execute arbitrary code via modified chunk headers, as demonstrated by nogif. | ||||
| CVE-2005-2743 | 1 Apple | 3 Mac Os X, Mac Os X Server, Quicktime | 2026-04-16 | N/A |
| The Java extensions for QuickTime 6.52 and earlier in Apple Mac OS X 10.3.9 allow untrusted applets to call arbitrary functions in system libraries, which allows remote attackers to execute arbitrary code. | ||||
| CVE-2005-2742 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-16 | N/A |
| SecurityAgent in Apple Mac OS X 10.4.2, under certain circumstances, can cause the "Switch User..." button to appear even though the "Enable fast user switching" setting is disabled, which can allow attackers with physical access to gain access to the desktop and bypass the "Require password to wake this computer from sleep or screen saver" setting. | ||||
| CVE-2004-0824 | 1 Apple | 1 Mac Os X | 2026-04-16 | N/A |
| PPPDialer for Mac OS X 10.2.8 through 10.3.5 allows local users to overwrite system files via a symlink attack on PPPDialer log files. | ||||
| CVE-2005-2741 | 2 Apple, Perry Kiehtreiber | 3 Mac Os X, Mac Os X Server, Securityd | 2026-04-16 | N/A |
| Authorization Services in securityd for Apple Mac OS X 10.3.9 allows local users to gain privileges by granting themselves certain rights that should be restricted to administrators. | ||||
| CVE-2005-2739 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-16 | N/A |
| Keychain Access in Mac OS X 10.4.2 and earlier keeps a password visible even if a keychain times out while the password is being viewed, which could allow attackers with physical access to obtain the password. | ||||
| CVE-2004-0823 | 3 Apple, Openldap, Redhat | 4 Mac Os X, Mac Os X Server, Openldap and 1 more | 2026-04-16 | N/A |
| OpenLDAP 1.0 through 2.1.19, as used in Apple Mac OS 10.3.4 and 10.3.5 and possibly other operating systems, may allow certain authentication schemes to use hashed (crypt) passwords in the userPassword attribute as if they were plaintext passwords, which allows remote attackers to re-use hashed passwords without decrypting them. | ||||
| CVE-2003-0881 | 1 Apple | 1 Mac Os X | 2026-04-16 | N/A |
| Mail in Mac OS X before 10.3, when configured to use MD5 Challenge Response, uses plaintext authentication if the CRAM-MD5 hashed login fails, which could allow remote attackers to gain privileges by sniffing the password. | ||||
| CVE-2005-2714 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-16 | N/A |
| passwd in Directory Services in Mac OS X 10.3.x before 10.3.9 and 10.4.x before 10.4.5 allows local users to overwrite arbitrary files via a symlink attack on the .pwtmp.[PID] temporary file. | ||||