Export limit exceeded: 14365 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (14365 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2004-1081 | 1 Apple | 4 Darwin Streaming Server, Mac Os X, Mac Os X Server and 1 more | 2026-04-16 | N/A |
| The Application Framework (AppKit) for Apple Mac OS X 10.2.8 and 10.3.6 does not properly restrict access to a secure text input field, which allows local users to read keyboard input from other applications within the same window session. | ||||
| CVE-2001-0720 | 1 Apple | 1 Mac Os X | 2026-04-16 | N/A |
| Internet Explorer 5.1 for Macintosh on Mac OS X allows remote attackers to execute arbitrary commands by causing a BinHex or MacBinary file type to be downloaded, which causes the files to be executed if automatic decoding is enabled. | ||||
| CVE-2006-0388 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-16 | N/A |
| Safari in Mac OS X 10.3 before 10.3.9 and 10.4 before 10.4.5 allows remote attackers to redirect users to local files and execute arbitrary JavaScript via unspecified vectors involving HTTP redirection to local resources. | ||||
| CVE-2006-0387 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-16 | N/A |
| Stack-based buffer overflow in Safari in Mac OS X 10.4.5 and earlier, and 10.3.9 and earlier, allows remote attackers to execute arbitrary code via unspecified vectors involving a web page with crafted JavaScript, a different vulnerability than CVE-2005-4504. | ||||
| CVE-2004-1021 | 1 Apple | 1 Ical | 2026-04-16 | N/A |
| iCal before 1.5.4 on Mac OS X 10.2.3, and other later versions, does not alert the user when handling calendars that use alarms, which allows attackers to execute programs and send e-mail via alarms. | ||||
| CVE-2006-0386 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-16 | N/A |
| FileVault in Mac OS X 10.4.5 and earlier does not properly mount user directories when creating a FileVault image, which allows local users to access protected files when FileVault is enabled. | ||||
| CVE-2003-0514 | 1 Apple | 1 Safari | 2026-04-16 | N/A |
| Apple Safari allows remote attackers to bypass intended cookie access restrictions on a web application via "%2e%2e" (encoded dot dot) directory traversal sequences in a URL, which causes Safari to send the cookie outside the specified URL subsets, e.g. to a vulnerable application that runs on the same server as the target application. | ||||
| CVE-2006-0384 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-16 | N/A |
| automount in Mac OS X 10.4.5 and earlier allows remote file servers to cause a denial of service (unresponsiveness) or execute arbitrary code via unspecified vectors that cause automount to "mount file systems with reserved names". | ||||
| CVE-2004-0988 | 1 Apple | 1 Quicktime | 2026-04-16 | N/A |
| Integer overflow on Apple QuickTime before 6.5.2, when running on Windows systems, allows remote attackers to cause a denial of service (memory consumption) via certain inputs that cause a large memory operation. | ||||
| CVE-2006-0383 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-16 | N/A |
| IPSec when used with VPN networks in Mac OS X 10.4 through 10.4.5 allows remote attackers to cause a denial of service (application crash) via unspecified vectors involving the "incorrect handling of error conditions". | ||||
| CVE-2006-0382 | 1 Apple | 1 Mac Os X | 2026-04-16 | N/A |
| Apple Mac OS X 10.4.5 and allows local users to cause a denial of service (crash) via an undocumented system call. | ||||
| CVE-2004-0962 | 1 Apple | 1 Apple Remote Desktop | 2026-04-16 | N/A |
| Apple Remote Desktop Client 1.2.4 executes a GUI application as root when it is started by an Apple Remote Desktop Administrator application, which allows remote authenticated users to execute arbitrary code when loginwindow is active via Fast User Switching. | ||||
| CVE-2003-0502 | 1 Apple | 1 Darwin Streaming Server | 2026-04-16 | N/A |
| Apple QuickTime / Darwin Streaming Server before 4.1.3g allows remote attackers to cause a denial of service (crash) via a .. (dot dot) sequence followed by an MS-DOS device name (e.g. AUX) in a request to HTTP port 1220, a different vulnerability than CVE-2003-0421. | ||||
| CVE-2002-1267 | 1 Apple | 1 Mac Os X | 2026-04-16 | N/A |
| Mac OS X 10.2.2 allows remote attackers to cause a denial of service by accessing the CUPS Printing Web Administration utility, aka "CUPS Printing Web Administration is Remotely Accessible." | ||||
| CVE-2005-4678 | 1 Apple | 1 Safari | 2026-04-16 | N/A |
| Apple Safari 2.0.2 (aka 416.12) allows remote attackers to spoof the URL in the status bar via the title in an image in a link to a trusted site within a form to the malicious site. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2004-0927 | 2 Apple, Easy Software Products | 3 Mac Os X, Mac Os X Server, Cups | 2026-04-16 | N/A |
| ServerAdmin in Mac OS X 10.2.8 through 10.3.5 uses the same example self-signed certificate on each system, which allows remote attackers to decrypt sessions. | ||||
| CVE-2005-4504 | 1 Apple | 4 Mac Os X, Mac Os X Server, Safari and 1 more | 2026-04-16 | N/A |
| The khtml::RenderTableSection::ensureRows function in KHTMLParser in Apple Mac OS X 10.4.3 and earlier, as used by Safari and TextEdit, allows remote attackers to cause a denial of service (memory consumption and application crash) via HTML files with a large ROWSPAN attribute in a TD tag. | ||||
| CVE-2005-4217 | 1 Apple | 1 Mac Os X Server | 2026-04-16 | N/A |
| Perl in Apple Mac OS X Server 10.3.9 does not properly drop privileges when using the "$<" variable to set uid, which allows attackers to gain privileges. | ||||
| CVE-2004-0926 | 2 Apple, Easy Software Products | 3 Mac Os X, Mac Os X Server, Cups | 2026-04-16 | N/A |
| Heap-based buffer overflow in Apple QuickTime on Mac OS 10.2.8 through 10.3.5 may allow remote attackers to execute arbitrary code via a certain BMP image. | ||||
| CVE-2005-4092 | 1 Apple | 2 Itunes, Quicktime | 2026-04-16 | N/A |
| Multiple heap-based buffer overflows in QuickTime.qts in Apple QuickTime Player 7.0.3 and iTunes 6.0.1 (3) and earlier allow remote attackers to cause a denial of service (crash) and execute arbitrary code via a .mov file with (1) a Movie Resource atom with a large size value, or (2) an stsd atom with a modified Sample Description Table size value, and possibly other vectors involving media files. NOTE: item 1 was originally identified by CVE-2005-4127 for a pre-patch announcement, and item 2 was originally identified by CVE-2005-4128 for a pre-patch announcement. | ||||