Filtered by vendor Apple
Subscribe
Total
11570 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-2514 | 1 Apple | 1 Mac Os X | 2024-11-20 | 7.5 HIGH | N/A |
| Buffer overflow in ping in Mac OS X 10.3.9 allows local users to execute arbitrary code. | |||||
| CVE-2005-2513 | 1 Apple | 1 Mac Os X | 2024-11-20 | 5.0 MEDIUM | N/A |
| Unknown vulnerability in HItoolbox for Mac OS X 10.4.2 allows VoiceOver services to read secure input fields. | |||||
| CVE-2005-2512 | 1 Apple | 2 Mac Os X, Mail | 2024-11-20 | 2.1 LOW | N/A |
| Mail.app in Mac OS 10.4.2 and earlier, when printing or forwarding an HTML message, loads remote images even when the user's preferences state otherwise, which could result in a privacy leak. | |||||
| CVE-2005-2511 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-11-20 | 10.0 HIGH | N/A |
| Unknown vulnerability in Mac OS X 10.4.2 and earlier, when using Kerberos authentication with LDAP, allows attackers to gain access to a root Terminal window. | |||||
| CVE-2005-2510 | 1 Apple | 1 Mac Os X Server | 2024-11-20 | 4.6 MEDIUM | N/A |
| The Server Admin tool in servermgr_ipfilter for Mac OS X 10.4 to 10.4.2, when using multiple subnets and Address Groups, does not always properly write firewall rules to the Active Rules when certain conditions occur, which could result in firewall policies that are less restrictive than intended by the administrator. | |||||
| CVE-2005-2509 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-11-20 | 2.1 LOW | N/A |
| Unknown vulnerability in loginwindow in Mac OS X 10.4.2 and earlier, when Fast User Switching is enabled, allows attackers to log into other accounts if they know the passwords to at least two accounts. | |||||
| CVE-2005-2508 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-11-20 | 4.6 MEDIUM | N/A |
| dsidentity in Directory Services in Mac OS X 10.4.2 allows local users to add or remove user accounts. | |||||
| CVE-2005-2507 | 1 Apple | 1 Mac Os X Server | 2024-11-20 | 7.5 HIGH | N/A |
| Buffer overflow in Directory Services in Mac OS X 10.3.9 and 10.4.2 allows remote attackers to execute arbitrary code during authentication. | |||||
| CVE-2005-2506 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-11-20 | 5.0 MEDIUM | N/A |
| Algorithmic complexity vulnerability in CoreFoundation in Mac OS X 10.3.9 and 10.4.2 allows attackers to cause a denial of service (CPU consumption) via crafted Gregorian dates. | |||||
| CVE-2005-2505 | 1 Apple | 1 Mac Os X | 2024-11-20 | 7.5 HIGH | N/A |
| Buffer overflow in CoreFoundation in Mac OS X 10.3.9 allows attackers to execute arbitrary code via command line arguments to an application that uses CoreFoundation. | |||||
| CVE-2005-2504 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-11-20 | 7.2 HIGH | N/A |
| The System Profiler in Mac OS X 10.4.2 labels a Bluetooth device with "Requires Authentication: No" even when the user has selected the "Require pairing for security" option, which could confuse users about which setting is valid. | |||||
| CVE-2005-2503 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-11-20 | 4.6 MEDIUM | N/A |
| AppKit for Mac OS X 10.3.9 and 10.4.2 allows attackers with physical access to create local accounts by forcing a particular error to occur at the login window. | |||||
| CVE-2005-2502 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-11-20 | 5.1 MEDIUM | N/A |
| Buffer overflow in AppKit for Mac OS X 10.3.9 and 10.4.2, as used in applications such as TextEdit, allows external user-assisted attackers to execute arbitrary code via a crafted Microsoft Word file. | |||||
| CVE-2005-2501 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-11-20 | 7.6 HIGH | N/A |
| Buffer overflow in AppKit for Mac OS X 10.3.9 and 10.4.2 allows external user-assisted attackers to execute arbitrary code via a crafted Rich Text Format (RTF) file. | |||||
| CVE-2005-2340 | 1 Apple | 1 Quicktime | 2024-11-20 | 7.5 HIGH | N/A |
| Heap-based buffer overflow in Apple Quicktime before 7.0.4 allows remote attackers to execute arbitrary code via a crafted (1) QuickTime Image File (QTIF), (2) PICT, or (3) JPEG format image with a long data field. | |||||
| CVE-2005-2272 | 1 Apple | 1 Safari | 2024-11-20 | 2.6 LOW | N/A |
| Safari version 2.0 (412) does not clearly associate a Javascript dialog box with the web page that generated it, which allows remote attackers to spoof a dialog box from a trusted site and facilitates phishing attacks, aka the "Dialog Origin Spoofing Vulnerability." | |||||
| CVE-2005-2196 | 1 Apple | 1 Airport Card | 2024-11-20 | 2.1 LOW | N/A |
| The Apple AirPort card uses a default WEP key when not connected to a known or trusted network, which can cause it to automatically connect to a malicious network. | |||||
| CVE-2005-2195 | 1 Apple | 1 Darwin Streaming Server | 2024-11-20 | 5.0 MEDIUM | N/A |
| Apple Darwin Streaming Server 5.5 and earlier allows remote attackers to cause a denial of service (application crash) via a URL with a filename containing a .cgi extension and an MS-DOS device name such as AUX, CON, PRN, COM1, or LPT1, a different vulnerability than CVE-2003-0421 and CVE-2003-0502. | |||||
| CVE-2005-2194 | 1 Apple | 1 Mac Os X | 2024-11-20 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in the Apple Mac OS X kernel before 10.4.2 allows remote attackers to cause a denial of service (kernel panic) via a crafted TCP packet, possibly related to source routing or loose source routing. | |||||
| CVE-2005-1933 | 1 Apple | 1 Mac Os X | 2024-11-20 | 7.5 HIGH | N/A |
| Dashboard in Apple Mac OS X Tiger 10.4 allows attackers to execute arbitrary commands by overriding the behavior of system widgets via a user widget with the same bundle identifier (CFBundleIdentifier), a different vulnerability than CVE-2005-1474. | |||||