Filtered by vendor Apple
Subscribe
Total
11189 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2009-2801 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2010-03-31 | 6.4 MEDIUM | N/A |
| The Application Firewall in Apple Mac OS X 10.5.8 drops unspecified firewall rules after a reboot, which might allow remote attackers to bypass intended access restrictions via packet data, related to a "timing issue." | |||||
| CVE-2010-0506 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2010-03-31 | 6.8 MEDIUM | N/A |
| Buffer overflow in Image RAW in Apple Mac OS X 10.5.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted NEF image. | |||||
| CVE-2010-0501 | 1 Apple | 1 Mac Os X Server | 2010-03-31 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in FTP Server in Apple Mac OS X Server before 10.6.3 allows remote authenticated users to read arbitrary files via crafted filenames. | |||||
| CVE-2010-0502 | 1 Apple | 1 Mac Os X Server | 2010-03-31 | 4.3 MEDIUM | N/A |
| iChat Server in Apple Mac OS X Server before 10.6.3, when group chat is used, does not perform logging for all types of messages, which might allow remote attackers to avoid message auditing via an unspecified selection of message type. | |||||
| CVE-2010-0511 | 1 Apple | 1 Mac Os X Server | 2010-03-31 | 5.0 MEDIUM | N/A |
| Podcast Producer in Apple Mac OS X 10.6 before 10.6.3 deletes the access restrictions of a Podcast Composer workflow when this workflow is overwritten, which allows attackers to access a workflow via unspecified vectors. | |||||
| CVE-2010-0507 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2010-03-31 | 6.8 MEDIUM | N/A |
| Buffer overflow in Image RAW in Apple Mac OS X before 10.6.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PEF image. | |||||
| CVE-2010-0063 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2010-03-31 | 6.8 MEDIUM | N/A |
| Incomplete blacklist vulnerability in CoreTypes in Apple Mac OS X before 10.6.3 makes it easier for user-assisted remote attackers to execute arbitrary JavaScript via a web page that offers a download with a Content-Type value that is not on the list of possibly unsafe content types for Safari, as demonstrated by the values for the (1) .ibplugin and (2) .url extensions. | |||||
| CVE-2010-0058 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2010-03-31 | 6.4 MEDIUM | N/A |
| freshclam in ClamAV in Apple Mac OS X 10.5.8 with Security Update 2009-005 has an incorrect launchd.plist ProgramArguments key and consequently does not run, which might allow remote attackers to introduce viruses into the system. | |||||
| CVE-2009-2204 | 1 Apple | 1 Iphone Os | 2010-03-30 | 10.0 HIGH | N/A |
| Unspecified vulnerability in the CoreTelephony component in Apple iPhone OS before 3.0.1 allows remote attackers to execute arbitrary code, obtain GPS coordinates, or enable the microphone via an SMS message that triggers memory corruption, as demonstrated by Charlie Miller at SyScan '09 Singapore. | |||||
| CVE-2010-1176 | 1 Apple | 2 Iphone Os, Safari | 2010-03-30 | 9.3 HIGH | N/A |
| Safari on Apple iPhone OS 3.1.3 for iPod touch allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors related to an array of long strings, an array of IMG elements with crafted strings in their SRC attributes, a TBODY element with no associated TABLE element, and certain calls to the delete operator and the cloneNode, clearAttributes, and CollectGarbage methods, possibly a related issue to CVE-2009-0075. | |||||
| CVE-2010-1179 | 1 Apple | 2 Iphone Os, Safari | 2010-03-30 | 9.3 HIGH | N/A |
| Safari on Apple iPhone OS 3.1.3 for iPod touch allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a large integer in the numcolors attribute of a recolorinfo element in a VML file, possibly a related issue to CVE-2007-0024. | |||||
| CVE-2010-1177 | 1 Apple | 2 Iphone Os, Safari | 2010-03-30 | 9.3 HIGH | N/A |
| Safari on Apple iPhone OS 3.1.3 for iPod touch allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors involving document.write calls with long crafted strings. | |||||
| CVE-2010-0924 | 2 Apple, Microsoft | 2 Safari, Windows | 2010-03-04 | 5.0 MEDIUM | N/A |
| cfnetwork.dll 1.450.5.0 in CFNetwork, as used by safari.exe 531.21.10 in Apple Safari 4.0.3 and 4.0.4 on Windows, allows remote attackers to cause a denial of service (application crash) via a long string in the BACKGROUND attribute of a BODY element. | |||||
| CVE-2010-0925 | 2 Apple, Microsoft | 2 Safari, Windows | 2010-03-04 | 5.0 MEDIUM | N/A |
| cfnetwork.dll 1.450.5.0 in CFNetwork, as used by safari.exe 531.21.10 in Apple Safari 4.0.4 on Windows, allows remote attackers to cause a denial of service (application crash) via a long string in the SRC attribute of a (1) IMG or (2) IFRAME element. | |||||
| CVE-2009-2839 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2009-12-19 | 6.8 MEDIUM | N/A |
| Screen Sharing in Apple Mac OS X 10.5.8 allows remote VNC servers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via unspecified vectors. | |||||
| CVE-2009-2823 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2009-11-24 | 4.3 MEDIUM | N/A |
| The Apache HTTP Server in Apple Mac OS X before 10.6.2 enables the HTTP TRACE method, which allows remote attackers to conduct cross-site scripting (XSS) attacks via unspecified web client software. | |||||
| CVE-2009-2840 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2009-11-17 | 4.9 MEDIUM | N/A |
| Spotlight in Apple Mac OS X 10.5.8 does not properly handle temporary files, which allows local users to overwrite arbitrary files in the context of a different user's privileges via unspecified vectors. | |||||
| CVE-2009-2838 | 1 Apple | 1 Mac Os X | 2009-11-17 | 6.8 MEDIUM | N/A |
| Integer overflow in QuickLook in Apple Mac OS X 10.5.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted Microsoft Office document that triggers a buffer overflow. | |||||
| CVE-2009-2836 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2009-11-17 | 6.2 MEDIUM | N/A |
| Race condition in Login Window in Apple Mac OS X 10.6.x before 10.6.2, when at least one account has a blank password, allows attackers to bypass password authentication and obtain login access to an arbitrary account via unspecified vectors. | |||||
| CVE-2009-2835 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2009-11-17 | 4.6 MEDIUM | N/A |
| The kernel in Apple Mac OS X before 10.6.2 does not properly handle task state segments, which allows local users to gain privileges, cause a denial of service (system crash), or obtain sensitive information via unspecified vectors. | |||||