Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Apple Subscribe
Total 10175 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2007-0730 1 Apple 2 Mac Os X, Server Manager 2017-07-28 6.8 MEDIUM N/A
Server Manager (servermgrd) in Apple Mac OS X 10.3.9 and 10.4 through 10.4.8 does not sufficiently validate authentication credentials, which allows remote attackers to bypass authentication and modify system configuration.
CVE-2007-0715 1 Apple 1 Quicktime 2017-07-28 5.8 MEDIUM N/A
Heap-based buffer overflow in Apple QuickTime before 7.1.5 allows remote user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PICT file.
CVE-2007-0726 1 Apple 2 Mac Os X, Mac Os X Server 2017-07-28 5.0 MEDIUM N/A
The SSH key generation process in OpenSSH in Apple Mac OS X 10.3.9 and 10.4 through 10.4.8 allows remote attackers to cause a denial of service by connecting to the server before SSH has finished creating keys, which causes the keys to be regenerated and can break trust relationships that were based on the original keys.
CVE-2007-0462 1 Apple 2 Mac Os X, Quicktime 2017-07-28 10.0 HIGH N/A
The _GetSrcBits32ARGB function in Apple QuickDraw, as used by Quicktime 7.1.3 and other applications on Mac OS X 10.4.8 and earlier, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted PICT image with a malformed Alpha RGB (ARGB) record, which triggers memory corruption.
CVE-2007-0229 2 Apple, Freebsd 3 Mac Os X, Mac Os X Server, Freebsd 2017-07-28 7.2 HIGH N/A
Integer overflow in the ffs_mountfs function in Mac OS X 10.4.8 and FreeBSD 6.1 allows local users to cause a denial of service (panic) and possibly gain privileges via a crafted DMG image that causes "allocation of a negative size buffer" leading to a heap-based buffer overflow, a related issue to CVE-2006-5679. NOTE: a third party states that this issue does not cross privilege boundaries in FreeBSD because only root may mount a filesystem.
CVE-2007-0467 1 Apple 1 Mac Os X 2017-07-28 6.2 MEDIUM N/A
crashdump in Apple Mac OS X 10.4.8 allows local users in the admin group to modify arbitrary files or gain privileges via a symlink attack on application logs in /Library/Logs/CrashReporter/.
CVE-2007-0465 1 Apple 2 Installer, Mac Os X 2017-07-28 7.6 HIGH N/A
Format string vulnerability in Apple Installer 2.1.5 on Mac OS X 10.4.8 allows user-assisted remote attackers to execute arbitrary code via format string specifiers in a (1) PKG, (2) DISTZ, or (3) MPKG package filename.
CVE-2007-0724 1 Apple 2 Mac Os X, Mac Os X Server 2017-07-28 6.9 MEDIUM N/A
The IOKit HID interface in Apple Mac OS X 10.3.9 and 10.4 through 10.4.8 does not sufficiently limit access to certain controls, which allows local users to gain privileges by using HID device events to read keystrokes from the console.
CVE-2007-0728 1 Apple 2 Mac Os X, Mac Os X Server 2017-07-28 4.4 MEDIUM N/A
Unspecified vulnerability in Apple Mac OS X 10.3.9 and 10.4 through 10.4.8 creates files insecurely while initializing a USB printer, which allows local users to create or overwrite arbitrary files.
CVE-2007-0716 1 Apple 1 Quicktime 2017-07-28 5.8 MEDIUM N/A
Stack-based buffer overflow in Apple QuickTime before 7.1.5 allows remote user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted QTIF file.
CVE-2007-0717 1 Apple 1 Quicktime 2017-07-28 5.8 MEDIUM N/A
Integer overflow in Apple QuickTime before 7.1.5 allows remote user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted QTIF file.
CVE-2007-0731 1 Apple 2 Mac Os X, Mac Os X Server 2017-07-28 9.3 HIGH N/A
Stack-based buffer overflow in the Apple-specific Samba module (SMB File Server) in Apple Mac OS X 10.4 through 10.4.8 allows context-dependent attackers to execute arbitrary code via a long ACL.
CVE-2007-0733 1 Apple 2 Imageio, Mac Os X 2017-07-28 9.3 HIGH N/A
Unspecified vulnerability in ImageIO in Apple Mac OS X 10.3.9 and 10.4 through 10.4.8 allows remote user-assisted attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted RAW image that triggers memory corruption.
CVE-2007-0736 1 Apple 2 Mac Os X, Mac Os X Server 2017-07-28 9.3 HIGH N/A
Integer overflow in the RPC library in Libinfo in Apple Mac OS X 10.3.9 through 10.4.9 allows remote attackers to execute arbitrary code via crafted requests to portmap.
CVE-2007-0740 1 Apple 1 Mac Os X 2017-07-28 6.8 MEDIUM N/A
Alias Manager in Apple Mac OS X 10.3.9 and 10.4.9 does not display files with the same name in mounted disk images that have the same name, which might allow user-assisted attackers to trick a user into executing malicious files.
CVE-2003-1414 1 Apple 2 Darwin Streaming Server, Quicktime Streaming Server 2017-07-28 4.3 MEDIUM N/A
Directory traversal vulnerability in parse_xml.cg Apple Darwin Streaming Server 4.1.2 and Apple Quicktime Streaming Server 4.1.1 allows remote attackers to read arbitrary files via a ... (triple dot) in the filename parameter.
CVE-2006-6127 1 Apple 2 Mac Os X, Mac Os X Server 2017-07-28 2.1 LOW N/A
Apple Mac OS X kernel allows local users to cause a denial of service via a process that uses kevent to register a queue and an event, then fork a child process that uses kevent to register an event for the same queue as the parent.
CVE-2006-6126 1 Apple 2 Mac Os X, Mac Os X Server 2017-07-28 2.1 LOW N/A
Apple Mac OS X allows local users to cause a denial of service (memory corruption) via a crafted Mach-O binary with a malformed load_command data structure.
CVE-2006-6129 1 Apple 2 Mac Os X, Mac Os X Server 2017-07-28 4.6 MEDIUM N/A
Integer overflow in the fatfile_getarch2 in Apple Mac OS X allows local users to cause a denial of service and possibly execute arbitrary code via a crafted Mach-O Universal program that triggers memory corruption.
CVE-2006-6130 1 Apple 1 Mac Os X 2017-07-28 4.9 MEDIUM N/A
Apple Mac OS X AppleTalk allows local users to cause a denial of service (kernel panic) by calling the AIOCREGLOCALZN ioctl command with a crafted data structure on an AppleTalk socket.