Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Apple Subscribe
Filtered by product Mac Os X
Total 5524 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2007-0726 1 Apple 2 Mac Os X, Mac Os X Server 2017-07-28 5.0 MEDIUM N/A
The SSH key generation process in OpenSSH in Apple Mac OS X 10.3.9 and 10.4 through 10.4.8 allows remote attackers to cause a denial of service by connecting to the server before SSH has finished creating keys, which causes the keys to be regenerated and can break trust relationships that were based on the original keys.
CVE-2007-0728 1 Apple 2 Mac Os X, Mac Os X Server 2017-07-28 4.4 MEDIUM N/A
Unspecified vulnerability in Apple Mac OS X 10.3.9 and 10.4 through 10.4.8 creates files insecurely while initializing a USB printer, which allows local users to create or overwrite arbitrary files.
CVE-2007-0730 1 Apple 2 Mac Os X, Server Manager 2017-07-28 6.8 MEDIUM N/A
Server Manager (servermgrd) in Apple Mac OS X 10.3.9 and 10.4 through 10.4.8 does not sufficiently validate authentication credentials, which allows remote attackers to bypass authentication and modify system configuration.
CVE-2007-0731 1 Apple 2 Mac Os X, Mac Os X Server 2017-07-28 9.3 HIGH N/A
Stack-based buffer overflow in the Apple-specific Samba module (SMB File Server) in Apple Mac OS X 10.4 through 10.4.8 allows context-dependent attackers to execute arbitrary code via a long ACL.
CVE-2007-0734 1 Apple 2 Airport Extreme, Mac Os X 2017-07-28 5.4 MEDIUM N/A
fsck, as used by the AirPort Disk feature of the AirPort Extreme Base Station with 802.11n before Firmware Update 7.1, and by Apple Mac OS X 10.3.9 through 10.4.9, does not properly enforce password protection of a USB hard drive, which allows context-dependent attackers to list arbitrary directories or execute arbitrary code, resulting from memory corruption.
CVE-2007-0733 1 Apple 2 Imageio, Mac Os X 2017-07-28 9.3 HIGH N/A
Unspecified vulnerability in ImageIO in Apple Mac OS X 10.3.9 and 10.4 through 10.4.8 allows remote user-assisted attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted RAW image that triggers memory corruption.
CVE-2007-0736 1 Apple 2 Mac Os X, Mac Os X Server 2017-07-28 9.3 HIGH N/A
Integer overflow in the RPC library in Libinfo in Apple Mac OS X 10.3.9 through 10.4.9 allows remote attackers to execute arbitrary code via crafted requests to portmap.
CVE-2007-0740 1 Apple 1 Mac Os X 2017-07-28 6.8 MEDIUM N/A
Alias Manager in Apple Mac OS X 10.3.9 and 10.4.9 does not display files with the same name in mounted disk images that have the same name, which might allow user-assisted attackers to trick a user into executing malicious files.
CVE-2007-0750 1 Apple 2 Mac Os X, Mac Os X Server 2017-07-28 9.3 HIGH N/A
Integer overflow in CoreGraphics in Apple Mac OS X 10.4 up to 10.4.9 allows remote user-assisted attackers to cause a denial of service (application termination) or execute arbitrary code via a crafted PDF file.
CVE-2007-0751 1 Apple 2 Mac Os X, Mac Os X Server 2017-07-28 2.1 LOW N/A
A cleanup script in crontabs in Apple Mac OS X 10.3.9 and 10.4.9 might delete filesystems that have been mounted in /tmp, which might allow local users to cause a denial of service, related to the find command.
CVE-2007-0752 1 Apple 2 Mac Os X, Mac Os X Server 2017-07-28 7.2 HIGH N/A
The PPP daemon (pppd) in Apple Mac OS X 10.4.8 checks ownership of the stdin file descriptor to determine if the invoker has sufficient privileges, which allows local users to load arbitrary plugins and gain root privileges by bypassing this check.
CVE-2007-1279 2 Adobe, Apple 2 Bridge, Mac Os X 2017-07-28 7.2 HIGH N/A
Unspecified vulnerability in the installer for Adobe Bridge 1.0.3 update for Apple OS X, when patching with desktop management tools, allows local users to gain privileges via unspecified vectors during installation of the update by a different user who has administrative privileges.
CVE-2006-6126 1 Apple 2 Mac Os X, Mac Os X Server 2017-07-28 2.1 LOW N/A
Apple Mac OS X allows local users to cause a denial of service (memory corruption) via a crafted Mach-O binary with a malformed load_command data structure.
CVE-2006-6127 1 Apple 2 Mac Os X, Mac Os X Server 2017-07-28 2.1 LOW N/A
Apple Mac OS X kernel allows local users to cause a denial of service via a process that uses kevent to register a queue and an event, then fork a child process that uses kevent to register an event for the same queue as the parent.
CVE-2006-6129 1 Apple 2 Mac Os X, Mac Os X Server 2017-07-28 4.6 MEDIUM N/A
Integer overflow in the fatfile_getarch2 in Apple Mac OS X allows local users to cause a denial of service and possibly execute arbitrary code via a crafted Mach-O Universal program that triggers memory corruption.
CVE-2006-6173 1 Apple 1 Mac Os X 2017-07-28 7.2 HIGH N/A
Buffer overflow in the shared_region_make_private_np function in vm/vm_unix.c in Mac OS X 10.4.6 and earlier allows local users to execute arbitrary code via (1) a small range count, which causes insufficient memory allocation, or (2) a large number of ranges in the shared_region_make_private_np_args parameter.
CVE-2006-6130 1 Apple 1 Mac Os X 2017-07-28 4.9 MEDIUM N/A
Apple Mac OS X AppleTalk allows local users to cause a denial of service (kernel panic) by calling the AIOCREGLOCALZN ioctl command with a crafted data structure on an AppleTalk socket.
CVE-2006-6292 1 Apple 2 Airport Extreme, Mac Os X 2017-07-28 5.7 MEDIUM N/A
Apple Airport Extreme firmware 0.1.27 in Mac OS X 10.4.8 on Mac mini, MacBook, and MacBook Pro with Core Duo hardware allows remote attackers to cause a denial of service (out-of-bounds memory access and kernel panic) and have possibly other security-related impact via certain beacon frames.
CVE-2007-0023 1 Apple 1 Mac Os X 2017-07-28 6.9 MEDIUM N/A
The CFUserNotificationSendRequest function in UserNotificationCenter.app in Apple Mac OS X 10.4.8, when used in combination with diskutil, allows local users to gain privileges via a malicious InputManager in Library/InputManagers in a user's home directory, which is executed when Cocoa applications attempt to notify the user.
CVE-2007-0022 1 Apple 1 Mac Os X 2017-07-28 7.2 HIGH N/A
Untrusted search path vulnerability in writeconfig in Apple Mac OS X 10.4.8 allows local users to gain privileges via a modified PATH that points to a malicious launchctl program.