Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Apple Subscribe
Filtered by product Mac Os X Server
Total 817 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2009-1235 1 Apple 2 Mac Os X, Mac Os X Server 2024-02-28 7.2 HIGH N/A
XNU 1228.9.59 and earlier on Apple Mac OS X 10.5.6 and earlier does not properly restrict interaction between user space and the HFS IOCTL handler, which allows local users to overwrite kernel memory and gain privileges by attaching an HFS+ disk image and performing certain steps involving HFS_GET_BOOT_INFO fcntl calls.
CVE-2008-3638 1 Apple 2 Mac Os X, Mac Os X Server 2024-02-28 9.3 HIGH N/A
Java on Apple Mac OS X 10.5.4 and 10.5.5 does not prevent applets from accessing file:// URLs, which allows remote attackers to execute arbitrary programs.
CVE-2009-0014 1 Apple 2 Mac Os X, Mac Os X Server 2024-02-28 2.1 LOW N/A
Folder Manager in Apple Mac OS X 10.5.6 uses insecure default permissions when recreating a Downloads folder after it has been deleted, which allows local users to bypass intended access restrictions and read the Downloads folder.
CVE-2009-0140 1 Apple 2 Mac Os X, Mac Os X Server 2024-02-28 9.3 HIGH N/A
Unspecified vulnerability in the SMB component in Apple Mac OS X 10.4.11 and 10.5.6 allows remote SMB servers to cause a denial of service (memory exhaustion and system shutdown) via a crafted file system name.
CVE-2008-2314 1 Apple 2 Mac Os X, Mac Os X Server 2024-02-28 4.4 MEDIUM N/A
Dock in Apple Mac OS X 10.5 before 10.5.4, when Exposé hot corners is enabled, allows physically proximate attackers to gain access to a locked session in (1) sleep mode or (2) screen saver mode via unspecified vectors.
CVE-2009-0010 1 Apple 2 Mac Os X, Mac Os X Server 2024-02-28 9.3 HIGH N/A
Integer underflow in QuickDraw Manager in Apple Mac OS X 10.4.11 and 10.5 before 10.5.7, and Apple QuickTime before 7.6.2, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a PICT image with a crafted 0x77 Poly tag and a crafted length field, which triggers a heap-based buffer overflow.
CVE-2008-2332 1 Apple 2 Mac Os X, Mac Os X Server 2024-02-28 9.3 HIGH N/A
ImageIO in Apple Mac OS X 10.4.11 and 10.5 through 10.5.4 allows context-dependent attackers to cause a denial of service (memory corruption and application crash) or execute arbitrary code via a crafted TIFF image.
CVE-2009-0158 1 Apple 2 Mac Os X, Mac Os X Server 2024-02-28 6.8 MEDIUM N/A
Stack-based buffer overflow in telnet in Apple Mac OS X 10.4.11 and 10.5 before 10.5.7 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a long hostname for a telnet server.
CVE-2009-1237 1 Apple 2 Mac Os X, Mac Os X Server 2024-02-28 4.9 MEDIUM N/A
Multiple memory leaks in XNU 1228.3.13 and earlier on Apple Mac OS X 10.5.6 and earlier allow local users to cause a denial of service (kernel memory consumption) via a crafted (1) SYS_add_profil or (2) SYS___mac_getfsstat system call.
CVE-2008-0994 1 Apple 2 Mac Os X, Mac Os X Server 2024-02-28 2.6 LOW N/A
Preview in Apple Mac OS X 10.5.2 uses 40-bit RC4 when saving a PDF file with encryption, which makes it easier for attackers to decrypt the file via brute force methods.
CVE-2008-1036 2 Apple, Redhat 3 Mac Os X, Mac Os X Server, Enterprise Linux 2024-02-28 4.3 MEDIUM N/A
The International Components for Unicode (ICU) library in Apple Mac OS X before 10.5.3, Red Hat Enterprise Linux 5, and other operating systems omits some invalid character sequences during conversion of some character encodings, which might allow remote attackers to conduct cross-site scripting (XSS) attacks.
CVE-2009-0019 1 Apple 2 Mac Os X, Mac Os X Server 2024-02-28 7.5 HIGH N/A
Remote Apple Events in Apple Mac OS X 10.4.11 and 10.5.6 allows remote attackers to cause a denial of service (application termination) or obtain sensitive information via unspecified vectors that trigger an out-of-bounds memory access.
CVE-2008-3609 1 Apple 2 Mac Os X, Mac Os X Server 2024-02-28 7.2 HIGH N/A
The kernel in Apple Mac OS X 10.5 through 10.5.4 does not properly flush cached credentials during recycling (aka purging) of a vnode, which might allow local users to bypass the intended read or write permissions of a file.
CVE-2009-2824 1 Apple 2 Mac Os X, Mac Os X Server 2024-02-28 6.8 MEDIUM N/A
Multiple buffer overflows in Apple Type Services (ATS) in Apple Mac OS X 10.5.8 allow remote attackers to execute arbitrary code via a crafted embedded font in a document.
CVE-2008-1574 1 Apple 2 Mac Os X, Mac Os X Server 2024-02-28 9.3 HIGH N/A
Integer overflow in ImageIO in Apple Mac OS X before 10.5.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted JPEG2000 image that triggers a heap-based buffer overflow.
CVE-2008-0054 1 Apple 2 Mac Os X, Mac Os X Server 2024-02-28 6.4 MEDIUM N/A
Foundation in Apple Mac OS X 10.4.11 might allow context-dependent attackers to execute arbitrary code via a malformed selector name to the NSSelectorFromString API, which causes an "unexpected selector" to be used.
CVE-2009-0150 1 Apple 2 Mac Os X, Mac Os X Server 2024-02-28 4.4 MEDIUM N/A
Stack-based buffer overflow in Apple Mac OS X 10.5 before 10.5.7 allows local users to gain privileges or cause a denial of service (application crash) by attempting to mount a crafted sparse disk image.
CVE-2008-0992 1 Apple 2 Mac Os X, Mac Os X Server 2024-02-28 5.8 MEDIUM N/A
Array index error in pax in Apple Mac OS X 10.5.2 allows context-dependent attackers to execute arbitrary code via an archive with a crafted length value.
CVE-2009-2843 1 Apple 2 Mac Os X, Mac Os X Server 2024-02-28 5.0 MEDIUM N/A
Java for Mac OS X 10.5 before Update 6 and 10.6 before Update 1 accepts expired certificates for applets, which makes it easier for remote attackers to execute arbitrary code via an applet.
CVE-2008-0055 1 Apple 2 Mac Os X, Mac Os X Server 2024-02-28 7.2 HIGH N/A
Foundation in Apple Mac OS X 10.4.11 creates world-writable directories while NSFileManager copies files recursively and only modifies the permissions afterward, which allows local users to modify copied files to cause a denial of service and possibly gain privileges.

NetmanageIT Website NetmanageIT OSINT Web NetmanageIT OpenCTI NetmanageIT PDF Tools NetmanageIT CTO Corner Blog NetmanageIT Email Header Analyzer NetmanageIT Password Pusher NetmanageIT Internet Health and Latency Dashboard NetmanageIT Dedicated Speed Test Site NetmanageIT Ubuntu Mirror 10Gbps Copyright OpenCVE 2024