Filtered by vendor Apple
Subscribe
Total
10175 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2003-0052 | 1 Apple | 2 Darwin Streaming Server, Quicktime Streaming Server | 2016-10-17 | 5.0 MEDIUM | N/A |
parse_xml.cgi in Apple Darwin Streaming Administration Server 4.1.2 and QuickTime Streaming Server 4.1.1 allows remote attackers to list arbitrary directories. | |||||
CVE-2003-0053 | 1 Apple | 2 Darwin Streaming Server, Quicktime Streaming Server | 2016-10-17 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in parse_xml.cgi in Apple Darwin Streaming Administration Server 4.1.2 and QuickTime Streaming Server 4.1.1 allows remote attackers to insert arbitrary script via the filename parameter, which is inserted into an error message. | |||||
CVE-2003-0054 | 1 Apple | 2 Darwin Streaming Server, Quicktime Streaming Server | 2016-10-17 | 7.5 HIGH | N/A |
Apple Darwin Streaming Administration Server 4.1.2 and QuickTime Streaming Server 4.1.1 allows remote attackers to execute certain code via a request to port 7070 with the script in an argument to the rtsp DESCRIBE method, which is inserted into a log file and executed when the log is viewed using a browser. | |||||
CVE-2003-0055 | 1 Apple | 1 Quicktime Darwin Mp3 Broadcaster | 2016-10-17 | 7.5 HIGH | N/A |
Buffer overflow in the MP3 broadcasting module of Apple Darwin Streaming Administration Server 4.1.2 and QuickTime Streaming Server 4.1.1 allows remote attackers to execute arbitrary code via a long filename. | |||||
CVE-2002-1383 | 2 Apple, Easy Software Products | 2 Mac Os X, Cups | 2016-10-17 | 10.0 HIGH | N/A |
Multiple integer overflows in Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 allow remote attackers to execute arbitrary code via (1) the CUPSd HTTP interface, as demonstrated by vanilla-coke, and (2) the image handling code in CUPS filters, as demonstrated by mksun. | |||||
CVE-2001-1411 | 1 Apple | 1 Mac Os X | 2016-10-17 | 7.2 HIGH | N/A |
Format string vulnerability in gm4 (aka m4) on Mac OS X may allow local users to gain privileges if gm4 is called by setuid programs. | |||||
CVE-2001-1412 | 1 Apple | 1 Mac Os X | 2016-10-17 | 2.1 LOW | N/A |
nidump on MacOS X before 10.3 allows local users to read the encrypted passwords from the password file by specifying passwd as a command line argument. | |||||
CVE-1999-0897 | 1 Apple | 1 Ichat Server | 2016-10-17 | 5.0 MEDIUM | N/A |
iChat ROOMS Webserver allows remote attackers to read arbitrary files via a .. (dot dot) attack. | |||||
CVE-2014-1595 | 2 Apple, Mozilla | 4 Mac Os X, Firefox, Firefox Esr and 1 more | 2016-10-03 | 2.1 LOW | N/A |
Mozilla Firefox before 34.0, Firefox ESR 31.x before 31.3, and Thunderbird before 31.3 on Apple OS X 10.10 omit a CoreGraphics disable-logging action that is needed by jemalloc-based applications, which allows local users to obtain sensitive information by reading /tmp files, as demonstrated by credential information. | |||||
CVE-2013-6114 | 1 Apple | 1 Motion | 2016-09-30 | 5.0 MEDIUM | N/A |
Integer overflow in the OZDocument::parseElement function in Apple Motion 5.0.7 allows remote attackers to cause a denial of service (application crash) via a (1) large or (2) small value in the subview attribute of a viewer element in a .motn file. | |||||
CVE-2013-5987 | 2 Apple, Nvidia | 2 Mac Os X, Gpu Driver | 2016-08-23 | 7.2 HIGH | N/A |
Unspecified vulnerability in NVIDIA graphics driver Release 331, 325, 319, 310, and 304 allows local users to bypass intended access restrictions for the GPU and gain privileges via unknown vectors. | |||||
CVE-2009-0158 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2016-08-22 | 6.8 MEDIUM | N/A |
Stack-based buffer overflow in telnet in Apple Mac OS X 10.4.11 and 10.5 before 10.5.7 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a long hostname for a telnet server. | |||||
CVE-2016-1862 | 1 Apple | 1 Mac Os X | 2016-06-22 | 4.3 MEDIUM | 3.3 LOW |
Intel Graphics Driver in Apple OS X before 10.11.5 allows attackers to obtain sensitive kernel memory-layout information via a crafted app, a different vulnerability than CVE-2016-1860. | |||||
CVE-2016-1860 | 1 Apple | 1 Mac Os X | 2016-06-22 | 4.3 MEDIUM | 3.3 LOW |
Intel Graphics Driver in Apple OS X before 10.11.5 allows attackers to obtain sensitive kernel memory-layout information via a crafted app, a different vulnerability than CVE-2016-1862. | |||||
CVE-2015-8823 | 5 Adobe, Apple, Google and 2 more | 13 Air, Air Sdk, Air Sdk \& Compiler and 10 more | 2016-05-26 | 9.3 HIGH | 8.8 HIGH |
Use-after-free vulnerability in the TextField object implementation in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allows attackers to execute arbitrary code via crafted text property, a different vulnerability than CVE-2015-8048, CVE-2015-8049, CVE-2015-8050, CVE-2015-8055, CVE-2015-8056, CVE-2015-8057, CVE-2015-8058, CVE-2015-8059, CVE-2015-8061, CVE-2015-8062, CVE-2015-8063, CVE-2015-8064, CVE-2015-8065, CVE-2015-8066, CVE-2015-8067, CVE-2015-8068, CVE-2015-8069, CVE-2015-8070, CVE-2015-8071, CVE-2015-8401, CVE-2015-8402, CVE-2015-8403, CVE-2015-8404, CVE-2015-8405, CVE-2015-8406, CVE-2015-8410, CVE-2015-8411, CVE-2015-8412, CVE-2015-8413, CVE-2015-8414, CVE-2015-8420, CVE-2015-8421, CVE-2015-8422, CVE-2015-8423, CVE-2015-8424, CVE-2015-8425, CVE-2015-8426, CVE-2015-8427, CVE-2015-8428, CVE-2015-8429, CVE-2015-8430, CVE-2015-8431, CVE-2015-8432, CVE-2015-8433, CVE-2015-8434, CVE-2015-8435, CVE-2015-8436, CVE-2015-8437, CVE-2015-8441, CVE-2015-8442, CVE-2015-8447, CVE-2015-8448, CVE-2015-8449, CVE-2015-8450, CVE-2015-8452, CVE-2015-8454, CVE-2015-8653, CVE-2015-8655, CVE-2015-8821, and CVE-2015-8822. | |||||
CVE-2016-1208 | 2 Apple, Filemaker | 2 Mac Os X, Filemaker | 2016-05-19 | 5.0 MEDIUM | 7.5 HIGH |
The server in Apple FileMaker before 14.0.4 on OS X allows remote attackers to read PHP source code via unspecified vectors. | |||||
CVE-2005-2741 | 2 Apple, Perry Kiehtreiber | 3 Mac Os X, Mac Os X Server, Securityd | 2016-05-09 | 7.2 HIGH | N/A |
Authorization Services in securityd for Apple Mac OS X 10.3.9 allows local users to gain privileges by granting themselves certain rights that should be restricted to administrators. | |||||
CVE-2014-8611 | 2 Apple, Freebsd | 3 Iphone Os, Mac Os X, Freebsd | 2016-04-06 | 6.9 MEDIUM | N/A |
The __sflush function in fflush.c in stdio in libc in FreeBSD 10.1 and the kernel in Apple iOS before 9 mishandles failures of the write system call, which allows context-dependent attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow) via a crafted application. | |||||
CVE-2015-1150 | 1 Apple | 1 Os X Server | 2016-03-31 | 5.0 MEDIUM | N/A |
The Firewall component in Apple OS X Server before 4.1 uses an incorrect pathname in configuration files, which allows remote attackers to bypass network-access restrictions by sending packets for which custom-rule blocking was intended. | |||||
CVE-2015-1151 | 1 Apple | 1 Os X Server | 2016-03-31 | 5.0 MEDIUM | N/A |
Wiki Server in Apple OS X Server before 4.1 allows remote attackers to bypass intended restrictions on Activity and People pages by connecting from an iPad client. |