Filtered by vendor Apple
Subscribe
Total
11570 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2001-1411 | 1 Apple | 1 Mac Os X | 2024-11-20 | 7.2 HIGH | N/A |
| Format string vulnerability in gm4 (aka m4) on Mac OS X may allow local users to gain privileges if gm4 is called by setuid programs. | |||||
| CVE-2001-0806 | 1 Apple | 1 Mac Os X | 2024-11-20 | 3.6 LOW | N/A |
| Apple MacOS X 10.0 and 10.1 allow a local user to read and write to a user's desktop folder via insecure default permissions for the Desktop when it is created in some languages. | |||||
| CVE-2001-0766 | 2 Apache, Apple | 2 Http Server, Mac Os X | 2024-11-20 | 7.5 HIGH | 9.8 CRITICAL |
| Apache on MacOS X Client 10.0.3 with the HFS+ file system allows remote attackers to bypass access restrictions via a URL that contains some characters whose case is not matched by Apache's filters. | |||||
| CVE-2001-0720 | 1 Apple | 1 Mac Os X | 2024-11-20 | 7.5 HIGH | N/A |
| Internet Explorer 5.1 for Macintosh on Mac OS X allows remote attackers to execute arbitrary commands by causing a BinHex or MacBinary file type to be downloaded, which causes the files to be executed if automatic decoding is enabled. | |||||
| CVE-2001-0649 | 1 Apple | 1 Personal Web Sharing | 2024-11-20 | 5.0 MEDIUM | N/A |
| Personal Web Sharing 1.5.5 allows a remote attacker to cause a denial of service via a long HTTP request. | |||||
| CVE-2001-0198 | 1 Apple | 1 Quicktime | 2024-11-20 | 7.6 HIGH | N/A |
| Buffer overflow in QuickTime Player plugin 4.1.2 (Japanese) allows remote attackers to execute arbitrary commands via a long HREF parameter in an EMBED tag. | |||||
| CVE-2001-0102 | 1 Apple | 1 Macos | 2024-11-20 | 7.2 HIGH | N/A |
| "Multiple Users" Control Panel in Mac OS 9 allows Normal users to gain Owner privileges by removing the Users & Groups Data File, which effectively removes the Owner password and allows the Normal user to log in as the Owner account without a password. | |||||
| CVE-2001-0068 | 1 Apple | 1 Mac Os Runtime For Java | 2024-11-20 | 2.6 LOW | N/A |
| Mac OS Runtime for Java (MRJ) 2.2.3 allows remote attackers to use malicious applets to read files outside of the CODEBASE context via the ARCHIVE applet parameter. | |||||
| CVE-2000-0563 | 1 Apple | 1 Mac Os Runtime For Java | 2024-11-20 | 10.0 HIGH | N/A |
| The URLConnection function in MacOS Runtime Java (MRJ) 2.1 and earlier and the Microsoft virtual machine (VM) for MacOS allows a malicious web site operator to connect to arbitrary hosts using a HTTP redirection, in violation of the Java security model. | |||||
| CVE-2000-0346 | 1 Apple | 1 Appleshare | 2024-11-20 | 5.0 MEDIUM | N/A |
| AppleShare IP 6.1 and later allows a remote attacker to read potentially sensitive information via an invalid range request to the web server. | |||||
| CVE-2000-0299 | 1 Apple | 1 Webobjects | 2024-11-20 | 5.0 MEDIUM | N/A |
| Buffer overflow in WebObjects.exe in the WebObjects Developer 4.5 package allows remote attackers to cause a denial of service via an HTTP request with long headers such as Accept. | |||||
| CVE-2000-0041 | 1 Apple | 1 Macos | 2024-11-20 | 5.0 MEDIUM | N/A |
| Macintosh systems generate large ICMP datagrams in response to malformed datagrams, allowing them to be used as amplifiers in a flood attack. | |||||
| CVE-1999-1543 | 1 Apple | 1 Macos | 2024-11-20 | 4.6 MEDIUM | N/A |
| MacOS uses weak encryption for passwords that are stored in the Users & Groups Data File. | |||||
| CVE-1999-1412 | 2 Apache, Apple | 2 Http Server, Macos | 2024-11-20 | 5.0 MEDIUM | N/A |
| A possible interaction between Apple MacOS X release 1.0 and Apache HTTP server allows remote attackers to cause a denial of service (crash) via a flood of HTTP GET requests to CGI programs, which generates a large number of processes. | |||||
| CVE-1999-1393 | 1 Apple | 1 Macos | 2024-11-20 | 4.6 MEDIUM | N/A |
| Control Panel "Password Security" option for Apple Powerbooks allows attackers with physical access to the machine to bypass the security by booting it with an emergency startup disk and using a disk editor to modify the on/off toggle or password in the aaaaaaaAPWD file, which is normally inaccessible. | |||||
| CVE-1999-1102 | 4 Apple, Bsd, Sgi and 1 more | 4 A Ux, Bsd, Irix and 1 more | 2024-11-20 | 2.1 LOW | N/A |
| lpr on SunOS 4.1.1, BSD 4.3, A/UX 2.0.1, and other BSD-based operating systems allows local users to create or overwrite arbitrary files via a symlink attack that is triggered after invoking lpr 1000 times. | |||||
| CVE-1999-1077 | 1 Apple | 1 Macos | 2024-11-20 | 4.6 MEDIUM | N/A |
| Idle locking function in MacOS 9 allows local attackers to bypass the password protection of idled sessions via the programmer's switch or CMD-PWR keyboard sequence, which brings up a debugger that the attacker can use to disable the lock. | |||||
| CVE-1999-1076 | 1 Apple | 1 Macos | 2024-11-20 | 4.6 MEDIUM | N/A |
| Idle locking function in MacOS 9 allows local users to bypass the password protection of idled sessions by selecting the "Log Out" option and selecting a "Cancel" option in the dialog box for an application that attempts to verify that the user wants to log out, which returns the attacker into the locked session. | |||||
| CVE-1999-1015 | 1 Apple | 1 Appleshare Mail Server | 2024-11-20 | 5.0 MEDIUM | N/A |
| Buffer overflow in Apple AppleShare Mail Server 5.0.3 on MacOS 8.1 and earlier allows a remote attacker to cause a denial of service (crash) via a long HELO command. | |||||
| CVE-1999-0897 | 1 Apple | 1 Ichat Server | 2024-11-20 | 5.0 MEDIUM | N/A |
| iChat ROOMS Webserver allows remote attackers to read arbitrary files via a .. (dot dot) attack. | |||||