Filtered by vendor Apple
Subscriptions
Filtered by product Mac Os X Server
Subscriptions
Total
817 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2010-1396 | 2 Apple, Microsoft | 7 Mac Os X, Mac Os X Server, Safari and 4 more | 2025-04-11 | N/A |
| Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to the contentEditable attribute and removing container elements. | ||||
| CVE-2011-3224 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-11 | N/A |
| The User Documentation component in Apple Mac OS X through 10.6.8 uses http sessions for updates to App Store help information, which allows man-in-the-middle attackers to execute arbitrary code by spoofing the http server. | ||||
| CVE-2011-3459 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-11 | N/A |
| Off-by-one error in QuickTime in Apple Mac OS X before 10.7.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted rdrf atom in a movie file that triggers a buffer overflow. | ||||
| CVE-2011-3231 | 1 Apple | 3 Mac Os X, Mac Os X Server, Safari | 2025-04-11 | N/A |
| The SSL implementation in Apple Safari before 5.1.1 on Mac OS X before 10.7 accesses uninitialized memory during the processing of X.509 certificates, which allows remote web servers to execute arbitrary code via a crafted certificate. | ||||
| CVE-2011-3448 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-11 | N/A |
| Heap-based buffer overflow in CoreMedia in Apple Mac OS X before 10.7.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file with H.264 encoding. | ||||
| CVE-2011-3450 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-11 | N/A |
| CoreUI in Apple Mac OS X 10.7.x before 10.7.3 does not properly restrict the allocation of stack memory, which allows remote attackers to execute arbitrary code or cause a denial of service (memory consumption and application crash) via a long URL. | ||||
| CVE-2010-0512 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-11 | N/A |
| The Accounts Preferences implementation in Apple Mac OS X 10.6 before 10.6.3, when a network account server is used, does not support Login Window access control that is based solely on group membership, which allows attackers to bypass intended access restrictions by entering login credentials. | ||||
| CVE-2010-0500 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-11 | N/A |
| Event Monitor in Apple Mac OS X before 10.6.3 does not properly validate hostnames of SSH clients, which allows remote attackers to cause a denial of service (arbitrary client blacklisting) via a crafted DNS PTR record, related to a "plist injection issue." | ||||
| CVE-2010-3808 | 2 Apple, Microsoft | 7 Mac Os X, Mac Os X Server, Safari and 4 more | 2025-04-11 | N/A |
| WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, does not properly perform a cast of an unspecified variable during processing of editing commands, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted web site. | ||||
| CVE-2010-0505 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-11 | N/A |
| Heap-based buffer overflow in ImageIO in Apple Mac OS X before 10.6.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted JP2 (JPEG2000) image, related to incorrect calculation and the CGImageReadGetBytesAtOffset function. | ||||
| CVE-2010-0513 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-11 | N/A |
| Stack-based buffer overflow in PS Normalizer in Apple Mac OS X before 10.6.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PostScript document. | ||||
| CVE-2010-0535 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-11 | N/A |
| Dovecot in Apple Mac OS X 10.6 before 10.6.3, when Kerberos is enabled, does not properly enforce the service access control list (SACL) for sending and receiving e-mail, which allows remote authenticated users to bypass intended access restrictions via unspecified vectors. | ||||
| CVE-2010-0508 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-11 | N/A |
| Mail in Apple Mac OS X before 10.6.3 does not disable the filter rules associated with a deleted mail account, which has unspecified impact and attack vectors. | ||||
| CVE-2013-0973 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-11 | N/A |
| Software Update in Apple Mac OS X through 10.7.5 does not prevent plugin loading within the marketing-text WebView, which allows man-in-the-middle attackers to execute plugin code by modifying the client-server data stream. | ||||
| CVE-2010-0506 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-11 | N/A |
| Buffer overflow in Image RAW in Apple Mac OS X 10.5.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted NEF image. | ||||
| CVE-2010-0509 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-11 | N/A |
| SFLServer in OS Services in Apple Mac OS X before 10.6.3 allows local users to gain privileges via vectors related to use of wheel group membership during access to the home directories of user accounts. | ||||
| CVE-2010-0501 | 1 Apple | 1 Mac Os X Server | 2025-04-11 | N/A |
| Directory traversal vulnerability in FTP Server in Apple Mac OS X Server before 10.6.3 allows remote authenticated users to read arbitrary files via crafted filenames. | ||||
| CVE-2013-0966 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-11 | N/A |
| The Apple mod_hfs_apple module for the Apache HTTP Server in Apple Mac OS X before 10.8.3 does not properly handle ignorable Unicode characters, which allows remote attackers to bypass intended directory authentication requirements via a crafted pathname in a URI. | ||||
| CVE-2010-0502 | 1 Apple | 1 Mac Os X Server | 2025-04-11 | N/A |
| iChat Server in Apple Mac OS X Server before 10.6.3, when group chat is used, does not perform logging for all types of messages, which might allow remote attackers to avoid message auditing via an unspecified selection of message type. | ||||
| CVE-2010-0533 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-11 | N/A |
| Directory traversal vulnerability in AFP Server in Apple Mac OS X before 10.6.3 allows remote attackers to list a share root's parent directory, and read and modify files in that directory, via unspecified vectors. | ||||