Total
5524 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2011-3230 | 1 Apple | 3 Mac Os X, Mac Os X Server, Safari | 2017-08-28 | 6.8 MEDIUM | N/A |
Apple Safari before 5.1.1 on Mac OS X does not enforce an intended policy for file: URLs, which allows remote attackers to execute arbitrary code via a crafted web site. | |||||
CVE-2011-2391 | 1 Apple | 3 Iphone Os, Itunes, Mac Os X | 2017-08-28 | 6.1 MEDIUM | N/A |
The IPv6 implementation in the kernel in Apple iOS before 7 allows remote attackers to cause a denial of service (CPU consumption) via crafted ICMPv6 packets. | |||||
CVE-2011-2040 | 3 Apple, Cisco, Linux | 3 Mac Os X, Anyconnect Secure Mobility Client, Linux Kernel | 2017-08-28 | 9.3 HIGH | N/A |
The helper application in Cisco AnyConnect Secure Mobility Client (formerly AnyConnect VPN Client) before 2.5.3041, and 3.0.x before 3.0.629, on Linux and Mac OS X downloads a client executable file (vpndownloader.exe) without verifying its authenticity, which allows remote attackers to execute arbitrary code via the url property to a Java applet, aka Bug ID CSCsy05934. | |||||
CVE-2011-0206 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-08-16 | 7.5 HIGH | N/A |
Buffer overflow in International Components for Unicode (ICU) in Apple Mac OS X before 10.6.8 allows context-dependent attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving uppercase strings. | |||||
CVE-2010-4010 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-08-16 | 6.8 MEDIUM | N/A |
Integer signedness error in Apple Type Services (ATS) in Apple Mac OS X 10.5.8 allows remote attackers to execute arbitrary code via a crafted embedded Compact Font Format (CFF) font in a document. | |||||
CVE-2010-0037 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-08-16 | 9.3 HIGH | N/A |
Buffer overflow in Image RAW in Apple Mac OS X 10.5.8 and 10.6.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted DNG image. | |||||
CVE-2010-0036 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-08-16 | 9.3 HIGH | N/A |
Buffer overflow in CoreAudio in Apple Mac OS X 10.5.8 and 10.6.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted MP4 audio file. | |||||
CVE-2009-4243 | 3 Apple, Microsoft, Realnetworks | 6 Mac Os X, Windows, Helix Player and 3 more | 2017-08-16 | 9.3 HIGH | N/A |
RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10, and Helix Player 10.x allow remote attackers to have an unspecified impact via a crafted media file that uses HTTP chunked transfer coding, related to an "overflow." | |||||
CVE-2009-3692 | 3 Apple, Linux, Sun | 5 Mac Os X, Linux, Opensolaris and 2 more | 2017-08-16 | 7.2 HIGH | N/A |
Unspecified vulnerability in the VBoxNetAdpCtl configuration tool in Sun VirtualBox 3.0.x before 3.0.8 on Solaris x86, Linux, and Mac OS X allows local users to gain privileges via unknown vectors. | |||||
CVE-2009-2841 | 1 Apple | 2 Mac Os X, Safari | 2017-08-16 | 5.0 MEDIUM | N/A |
The HTMLMediaElement::loadResource function in html/HTMLMediaElement.cpp in WebCore in WebKit before r49480, as used in Apple Safari before 4.0.4 on Mac OS X, does not perform the expected callbacks for HTML 5 media elements that have external URLs for media resources, which allows remote attackers to trigger sub-resource requests to arbitrary web sites via a crafted HTML document, as demonstrated by an HTML e-mail message that uses a media element for X-Confirm-Reading-To functionality, aka rdar problem 7271202. | |||||
CVE-2009-2807 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-08-16 | 7.2 HIGH | N/A |
Heap-based buffer overflow in the USB backend in CUPS in Apple Mac OS X 10.5.8 allows local users to gain privileges via unspecified vectors. | |||||
CVE-2009-2805 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-08-16 | 6.8 MEDIUM | N/A |
Integer overflow in CoreGraphics in Apple Mac OS X 10.4.11 and 10.5.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted JBIG2 stream in a PDF file, leading to a heap-based buffer overflow. | |||||
CVE-2009-2804 | 2 Apple, Microsoft | 4 Mac Os X, Mac Os X Server, Safari and 1 more | 2017-08-16 | 6.8 MEDIUM | N/A |
Integer overflow in ColorSync in Apple Mac OS X 10.4.11 and 10.5.8, and Safari before 4.0.4 on Windows, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted ColorSync profile embedded in an image, leading to a heap-based buffer overflow. | |||||
CVE-2009-2803 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-08-16 | 6.8 MEDIUM | N/A |
CarbonCore in Apple Mac OS X 10.4.11 and 10.5.8 allows attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a file with a crafted resource fork. | |||||
CVE-2009-2800 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-08-16 | 6.8 MEDIUM | N/A |
Buffer overflow in Alias Manager in Apple Mac OS X 10.4.11 and 10.5.8 allows attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted alias file. | |||||
CVE-2009-2809 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-08-16 | 6.8 MEDIUM | N/A |
ImageIO in Apple Mac OS X 10.4.11 and 10.5.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PixarFilm encoded TIFF image, related to "multiple memory corruption issues." | |||||
CVE-2009-2811 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-08-16 | 6.8 MEDIUM | N/A |
Incomplete blacklist vulnerability in Launch Services in Apple Mac OS X 10.5.8 allows user-assisted remote attackers to execute arbitrary code via a .fileloc file, which does not trigger a "potentially unsafe" warning message in the Quarantine feature. | |||||
CVE-2009-2194 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-08-16 | 4.9 MEDIUM | N/A |
Apple Mac OS X 10.5 before 10.5.8 does not properly share file descriptors over local sockets, which allows local users to cause a denial of service (system crash) by placing file descriptors in messages sent to a socket that has no receiver, related to a "synchronization issue." | |||||
CVE-2009-2193 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-08-16 | 10.0 HIGH | N/A |
Buffer overflow in the kernel in Apple Mac OS X 10.5 before 10.5.8 allows remote attackers to execute arbitrary code or cause a denial of service (system crash) via a crafted AppleTalk response packet. | |||||
CVE-2009-2192 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-08-16 | 7.5 HIGH | N/A |
MobileMe in Apple Mac OS X 10.5 before 10.5.8 does not properly delete credentials upon signout from the preference pane, which makes it easier for attackers to hijack a MobileMe session via unspecified vectors, related to a "logic issue." |