Filtered by vendor Apple
Subscribe
Total
10175 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2010-1829 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2010-12-09 | 6.0 MEDIUM | N/A |
Directory traversal vulnerability in AFP Server in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 allows remote authenticated users to execute arbitrary code by creating files that are outside the bounds of a share. | |||||
CVE-2010-1830 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2010-12-09 | 5.0 MEDIUM | N/A |
AFP Server in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 generates different error messages depending on whether a share exists, which allows remote attackers to enumerate valid share names via unspecified vectors. | |||||
CVE-2010-1831 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2010-12-09 | 6.8 MEDIUM | N/A |
Buffer overflow in Apple Type Services (ATS) in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code via a long name of an embedded font in a document. | |||||
CVE-2010-1832 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2010-12-09 | 6.8 MEDIUM | N/A |
Stack-based buffer overflow in Apple Type Services (ATS) in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code via a crafted embedded font in a document. | |||||
CVE-2010-1833 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2010-12-09 | 6.8 MEDIUM | N/A |
Apple Type Services (ATS) in Apple Mac OS X 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted embedded font in a document. | |||||
CVE-2010-1834 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2010-12-09 | 5.8 MEDIUM | N/A |
CFNetwork in Apple Mac OS X 10.6.x before 10.6.5 does not properly validate the domains of cookies, which makes it easier for remote web servers to track users by setting a cookie that is associated with a partial IP address. | |||||
CVE-2010-1840 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2010-12-09 | 7.5 HIGH | N/A |
Stack-based buffer overflow in the password-validation functionality in Directory Services in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors. | |||||
CVE-2010-1843 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2010-12-09 | 7.8 HIGH | N/A |
Networking in Apple Mac OS X 10.6.2 through 10.6.4 allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted PIM packet. | |||||
CVE-2010-1846 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2010-12-09 | 6.8 MEDIUM | N/A |
Heap-based buffer overflow in Image RAW in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted RAW image. | |||||
CVE-2010-1847 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2010-12-09 | 4.9 MEDIUM | N/A |
The kernel in Apple Mac OS X 10.6.x before 10.6.5 does not properly perform memory management associated with terminal devices, which allows local users to cause a denial of service (system crash) via unspecified vectors. | |||||
CVE-2010-1803 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2010-12-09 | 4.3 MEDIUM | N/A |
Time Machine in Apple Mac OS X 10.6.x before 10.6.5 does not verify the unique identifier of its remote AFP volume, which allows remote attackers to obtain sensitive information by spoofing this volume. | |||||
CVE-2009-1707 | 1 Apple | 1 Safari | 2010-12-09 | 1.2 LOW | N/A |
Race condition in the Reset Safari implementation in Apple Safari before 4.0 on Windows might allow local users to read stored web-site passwords via unspecified vectors. | |||||
CVE-2010-0105 | 1 Apple | 1 Mac Os X | 2010-12-09 | 4.9 MEDIUM | N/A |
The hfs implementation in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 supports hard links to directories and does not prevent certain deeply nested directory structures, which allows local users to cause a denial of service (filesystem corruption) via a crafted application that calls the mkdir and link functions, related to the fsck_hfs program in the diskdev_cmds component. | |||||
CVE-2010-4012 | 1 Apple | 1 Iphone Os | 2010-12-08 | 6.2 MEDIUM | N/A |
Race condition in Apple iOS 4.0 through 4.1 for iPhone 3G and later allows physically proximate attackers to bypass the passcode lock by making a call from the Emergency Call screen, then quickly pressing the Sleep/Wake button. | |||||
CVE-2010-1378 | 1 Apple | 1 Mac Os X | 2010-11-21 | 7.5 HIGH | N/A |
OpenSSL in Apple Mac OS X 10.6.x before 10.6.5 does not properly perform arithmetic, which allows remote attackers to bypass X.509 certificate authentication via an arbitrary certificate issued by a legitimate Certification Authority. | |||||
CVE-2010-1801 | 1 Apple | 3 Coregraphics, Mac Os X, Mac Os X Server | 2010-11-16 | 6.8 MEDIUM | N/A |
Heap-based buffer overflow in CoreGraphics in Apple Mac OS X 10.5.8 and 10.6.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF file. | |||||
CVE-2010-3796 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2010-11-16 | 4.3 MEDIUM | N/A |
Safari RSS in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 does not block Java applets in an RSS feed, which allows remote attackers to obtain sensitive information via a feed: URL containing an applet that performs DOM modifications. | |||||
CVE-2010-4011 | 1 Apple | 1 Mac Os X Server | 2010-11-16 | 4.0 MEDIUM | N/A |
Dovecot in Apple Mac OS X 10.6.5 10H574 does not properly manage memory for user names, which allows remote authenticated users to read the private e-mail of other persons in opportunistic circumstances via standard e-mail clients accessing a user's own mailbox, related to a "memory aliasing issue." | |||||
CVE-2010-3887 | 1 Apple | 2 Mac Os X, Mail | 2010-10-11 | 4.3 MEDIUM | N/A |
The Limit Mail feature in the Parental Controls functionality in Mail on Apple Mac OS X does not properly enforce the correspondence whitelist, which allows remote attackers to bypass intended access restrictions and conduct e-mail communication by leveraging knowledge of a child's e-mail address and a parent's e-mail address, related to parental notification of unapproved e-mail addresses. | |||||
CVE-2010-2530 | 3 Apple, Freebsd, Netbsd | 3 Mac Os X, Freebsd, Netbsd | 2010-09-29 | 4.9 MEDIUM | N/A |
Multiple integer signedness errors in smb_subr.c in the netsmb module in the kernel in NetBSD 5.0.2 and earlier, FreeBSD, and Apple Mac OS X allow local users to cause a denial of service (panic) via a negative size value in a /dev/nsmb ioctl operation, as demonstrated by a (1) SMBIOC_LOOKUP or (2) SMBIOC_OPENSESSION ioctl call. |