Total
5557 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2006-0401 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-07-20 | 4.6 MEDIUM | N/A |
| Unspecified vulnerability in Mac OS X before 10.4.6, when running on an Intel-based computer, allows attackers with physical access to bypass the firmware password and log on in Single User Mode via unspecified vectors. | |||||
| CVE-2006-0400 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-07-20 | 7.5 HIGH | N/A |
| CoreTypes in Apple Mac OS X 10.4 up to 10.4.5 allows remote attackers to bypass the same-origin policy and execute Javascript in other domains via unknown vectors involving "crafted archives." | |||||
| CVE-2006-0399 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-07-20 | 7.5 HIGH | N/A |
| Unspecified vulnerability in Safari, LaunchServices, and/or CoreTypes in Apple Mac OS X 10.4 up to 10.4.5 allows attackers to trick a user into opening an application that appears to be a safe file type. NOTE: due to the lack of specific information in the vendor advisory, it is not clear how CVE-2006-0397, CVE-2006-0398, and CVE-2006-0399 are different. | |||||
| CVE-2006-0398 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-07-20 | 7.5 HIGH | N/A |
| Unspecified vulnerability in Safari, LaunchServices, and/or CoreTypes in Apple Mac OS X 10.4 up to 10.4.5 allows attackers to trick a user into opening an application that appears to be a safe file type. NOTE: due to the lack of specific information in the vendor advisory, it is not clear how CVE-2006-0397, CVE-2006-0398, and CVE-2006-0399 are different. | |||||
| CVE-2006-0397 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-07-20 | 7.5 HIGH | N/A |
| Unspecified vulnerability in Safari, LaunchServices, and/or CoreTypes in Apple Mac OS X 10.4 up to 10.4.5 allows attackers to trick a user into opening an application that appears to be a safe file type. NOTE: due to the lack of specific information in the vendor advisory, it is not clear how CVE-2006-0397, CVE-2006-0398, and CVE-2006-0399 are different. | |||||
| CVE-2006-0395 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-07-20 | 5.1 MEDIUM | N/A |
| The Download Validation in Mail in Mac OS X 10.4 does not properly recognize attachment file types to warn a user of an unsafe type, which allows user-assisted remote attackers to execute arbitrary code via crafted file types. | |||||
| CVE-2006-0393 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-07-20 | 4.0 MEDIUM | N/A |
| OpenSSH in Apple Mac OS X 10.4.7 allows remote attackers to cause a denial of service or determine account existence by attempting to log in using an invalid user, which causes the server to hang. | |||||
| CVE-2006-0392 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-07-20 | 5.1 MEDIUM | N/A |
| Buffer overflow in Apple Mac OS X 10.4.7 allows user-assisted attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted Canon RAW image. | |||||
| CVE-2006-0391 | 1 Apple | 1 Mac Os X | 2017-07-20 | 1.7 LOW | N/A |
| Directory traversal vulnerability in the BOM framework in Mac OS X 10.x before 10.3.9 and 10.4 before 10.4.5 allows user-assisted attackers to overwrite or create arbitrary files via an archive that is handled by BOMArchiveHelper. | |||||
| CVE-2006-0389 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-07-20 | 2.6 LOW | N/A |
| Cross-site scripting (XSS) vulnerability in Syndication (Safari RSS) in Mac OS X 10.4 through 10.4.5 allows remote attackers to execute arbitrary JavaScript via unspecified vectors involving RSS feeds. | |||||
| CVE-2006-0388 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-07-20 | 2.6 LOW | N/A |
| Safari in Mac OS X 10.3 before 10.3.9 and 10.4 before 10.4.5 allows remote attackers to redirect users to local files and execute arbitrary JavaScript via unspecified vectors involving HTTP redirection to local resources. | |||||
| CVE-2006-0387 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-07-20 | 6.4 MEDIUM | N/A |
| Stack-based buffer overflow in Safari in Mac OS X 10.4.5 and earlier, and 10.3.9 and earlier, allows remote attackers to execute arbitrary code via unspecified vectors involving a web page with crafted JavaScript, a different vulnerability than CVE-2005-4504. | |||||
| CVE-2006-0386 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-07-20 | 1.7 LOW | N/A |
| FileVault in Mac OS X 10.4.5 and earlier does not properly mount user directories when creating a FileVault image, which allows local users to access protected files when FileVault is enabled. | |||||
| CVE-2006-0384 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-07-20 | 7.5 HIGH | N/A |
| automount in Mac OS X 10.4.5 and earlier allows remote file servers to cause a denial of service (unresponsiveness) or execute arbitrary code via unspecified vectors that cause automount to "mount file systems with reserved names". | |||||
| CVE-2006-0383 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-07-20 | 5.0 MEDIUM | N/A |
| IPSec when used with VPN networks in Mac OS X 10.4 through 10.4.5 allows remote attackers to cause a denial of service (application crash) via unspecified vectors involving the "incorrect handling of error conditions". | |||||
| CVE-2006-0382 | 1 Apple | 1 Mac Os X | 2017-07-20 | 2.1 LOW | N/A |
| Apple Mac OS X 10.4.5 and allows local users to cause a denial of service (crash) via an undocumented system call. | |||||
| CVE-2005-4504 | 1 Apple | 4 Mac Os X, Mac Os X Server, Safari and 1 more | 2017-07-20 | 7.8 HIGH | N/A |
| The khtml::RenderTableSection::ensureRows function in KHTMLParser in Apple Mac OS X 10.4.3 and earlier, as used by Safari and TextEdit, allows remote attackers to cause a denial of service (memory consumption and application crash) via HTML files with a large ROWSPAN attribute in a TD tag. | |||||
| CVE-2017-6974 | 1 Apple | 1 Mac Os X | 2017-07-12 | 4.3 MEDIUM | 5.5 MEDIUM |
| An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the system-installation subsystem of the "System Integrity Protection" component. It allows attackers to modify the contents of a protected disk location via a crafted app. | |||||
| CVE-2017-2449 | 1 Apple | 1 Mac Os X | 2017-07-12 | 9.3 HIGH | 7.8 HIGH |
| An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "Bluetooth" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (use-after-free) via a crafted app. | |||||
| CVE-2017-2438 | 1 Apple | 1 Mac Os X | 2017-07-12 | 9.3 HIGH | 7.8 HIGH |
| An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "AppleRAID" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (use-after-free) via a crafted app. | |||||