Search Results (5636 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2007-3746 1 Apple 3 Ichat, Mac Os X, Mac Os X Server 2026-04-23 N/A
The Java interface to CoreAudio on Apple Mac OS X 10.3.9 and 10.4.10 does not properly check the bounds of heap read and write operations, which allows remote attackers to execute arbitrary code via a crafted applet.
CVE-2007-3747 1 Apple 3 Ichat, Mac Os X, Mac Os X Server 2026-04-23 N/A
The Java interface to CoreAudio on Apple Mac OS X 10.3.9 and 10.4.10 does not restrict object instantiation and manipulation to valid heap addresses, which allows remote attackers to execute arbitrary code via a crafted applet.
CVE-2006-4406 1 Apple 1 Mac Os X 2026-04-23 N/A
Buffer overflow in PPP on Apple Mac OS X 10.4.x up to 10.4.8 and 10.3.x up to 10.3.9, when PPPoE is enabled, allows remote attackers to execute arbitrary code via unspecified vectors.
CVE-2006-6130 1 Apple 1 Mac Os X 2026-04-23 N/A
Apple Mac OS X AppleTalk allows local users to cause a denial of service (kernel panic) by calling the AIOCREGLOCALZN ioctl command with a crafted data structure on an AppleTalk socket.
CVE-2008-0989 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-23 N/A
Format string vulnerability in mDNSResponderHelper in Apple Mac OS X 10.5.2 allows local users to execute arbitrary code via format string specifiers in the local hostname.
CVE-2006-4402 1 Apple 1 Mac Os X 2026-04-23 N/A
Heap-based buffer overflow in the Finder in Apple Mac OS X 10.4.8 and earlier allows user-assisted remote attackers to execute arbitrary code by browsing directories containing crafted .DS_Store files.
CVE-2006-4401 1 Apple 1 Mac Os X 2026-04-23 N/A
Unspecified vulnerability in CFNetwork in Mac OS 10.4.8 and earlier allows user-assisted remote attackers to execute arbitrary FTP commands via a crafted FTP URI.
CVE-2008-1147 8 Apple, Cosmicperl, Darwin and 5 more 9 Mac Os X, Mac Os X Server, Directory Pro and 6 more 2026-04-23 N/A
A certain pseudo-random number generator (PRNG) algorithm that uses XOR and 2-bit random hops (aka "Algorithm X2"), as used in OpenBSD 2.6 through 3.4, Mac OS X 10 through 10.5.1, FreeBSD 4.4 through 7.0, and DragonFlyBSD 1.0 through 1.10.1, allows remote attackers to guess sensitive values such as IP fragmentation IDs by observing a sequence of previously generated values. NOTE: this issue can be leveraged for attacks such as injection into TCP packets and OS fingerprinting.
CVE-2006-6292 1 Apple 2 Airport Extreme, Mac Os X 2026-04-23 N/A
Apple Airport Extreme firmware 0.1.27 in Mac OS X 10.4.8 on Mac mini, MacBook, and MacBook Pro with Core Duo hardware allows remote attackers to cause a denial of service (out-of-bounds memory access and kernel panic) and have possibly other security-related impact via certain beacon frames.
CVE-2006-6353 1 Apple 3 Bomarchivehelper, Mac Os X, Mac Os X Server 2026-04-23 N/A
Multiple unspecified vulnerabilities in BOMArchiveHelper in Mac OS X allow user-assisted remote attackers to cause a denial of service (application crash) via unspecified vectors related to (1) certain KERN_PROTECTION_FAILURE thread crashes and (2) certain KERN_INVALID_ADDRESS thread crashes, as discovered with the "iSec Partners FileP fuzzer".
CVE-2008-0993 1 Apple 3 Mac Os X, Mac Os X Server, Podcast Producer 2026-04-23 N/A
Podcast Capture in Podcast Producer for Apple Mac OS X 10.5.2 invokes a subtask with passwords in command line arguments, which allows local users to read the passwords via process listings.
CVE-2008-0994 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-23 N/A
Preview in Apple Mac OS X 10.5.2 uses 40-bit RC4 when saving a PDF file with encryption, which makes it easier for attackers to decrypt the file via brute force methods.
CVE-2008-0998 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-23 N/A
Unspecified vulnerability in NetCfgTool in the System Configuration component in Apple Mac OS X 10.4.11 and 10.5.2 allows local users to bypass authorization and execute arbitrary code via crafted distributed objects.
CVE-2008-0996 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-23 N/A
The Printing component in Apple Mac OS X 10.5.2 might save authentication credentials to disk when starting a job on an authenticated print queue, which might allow local users to obtain the credentials.
CVE-2008-0999 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-23 N/A
Apple Mac OS X 10.5.2 allows user-assisted attackers to cause a denial of service (crash) via a crafted Universal Disc Format (UDF) disk image, which triggers a NULL pointer dereference.
CVE-2007-0117 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-23 N/A
DiskManagementTool in the DiskManagement.framework 92.29 on Mac OS X 10.4.8 does not properly validate Bill of Materials (BOM) files, which allows attackers to gain privileges via a BOM file under /Library/Receipts/, which triggers arbitrary file permission changes upon execution of a diskutil permission repair operation.
CVE-2007-0236 1 Apple 1 Mac Os X 2026-04-23 N/A
Double free vulnerability in the _ATPsndrsp function in Apple Mac OS X 10.4.8, and possibly other versions, allows remote attackers to cause a denial of service (kernel panic) and possibly execute arbitrary code via a crafted AppleTalk request that triggers a heap-based buffer overflow.
CVE-2007-0318 1 Apple 1 Mac Os X 2026-04-23 N/A
The do_hfs_truncate function in Mac OS X 10.4.8 allows context-dependent attackers to cause a denial of service (kernel panic) via a crafted HFS+ filesystem in a DMG image, which causes an access of an invalid vnode structure during file removal.
CVE-2007-0465 1 Apple 2 Installer, Mac Os X 2026-04-23 N/A
Format string vulnerability in Apple Installer 2.1.5 on Mac OS X 10.4.8 allows user-assisted remote attackers to execute arbitrary code via format string specifiers in a (1) PKG, (2) DISTZ, or (3) MPKG package filename.
CVE-2006-4403 1 Apple 1 Mac Os X 2026-04-23 N/A
The FTP server in Apple Mac OS X 10.4.8 and earlier, when FTP Access is enabled, will crash when a login failure occurs with a valid user name, which allows remote attackers to cause a denial of service (crash) and enumerate valid usernames.