Total
808 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2012-3716 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-02-04 | 7.5 HIGH | N/A |
CoreText in Apple Mac OS X 10.7.x before 10.7.5 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds write or read) via a crafted text glyph. | |||||
CVE-2013-0975 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-02-04 | 6.8 MEDIUM | N/A |
Buffer overflow in QuickDraw Manager in Apple Mac OS X before 10.8.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PICT image. | |||||
CVE-2012-3723 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-02-04 | 4.6 MEDIUM | N/A |
Apple Mac OS X before 10.7.5 does not properly handle the bNbrPorts field of a USB hub descriptor, which allows physically proximate attackers to execute arbitrary code or cause a denial of service (memory corruption and system crash) by attaching a USB device. | |||||
CVE-2012-0675 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-02-04 | 4.3 MEDIUM | N/A |
Time Machine in Apple Mac OS X before 10.7.4 does not require continued use of SRP-based authentication after this authentication method is first used, which allows remote attackers to read Time Capsule credentials by spoofing the backup volume. | |||||
CVE-2013-0984 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-02-04 | 9.3 HIGH | N/A |
Directory Service in Apple Mac OS X through 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via a crafted message. | |||||
CVE-2012-0658 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-02-04 | 6.8 MEDIUM | N/A |
Buffer overflow in QuickTime in Apple Mac OS X before 10.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted audio sample tables in a movie file that is progressively downloaded. | |||||
CVE-2012-0662 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-02-04 | 7.5 HIGH | N/A |
Integer overflow in the Security Framework in Apple Mac OS X before 10.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted input. | |||||
CVE-2012-0657 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-02-04 | 2.1 LOW | N/A |
Quartz Composer in Apple Mac OS X before 10.7.4, when the RSS Visualizer screensaver is enabled, allows physically proximate attackers to bypass screen locking and launch a Safari process via unspecified vectors. | |||||
CVE-2012-0654 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-02-04 | 6.8 MEDIUM | N/A |
libsecurity in Apple Mac OS X before 10.7.4 accesses uninitialized memory locations during the processing of X.509 certificates, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted certificate. | |||||
CVE-2013-0960 | 1 Apple | 3 Mac Os X, Mac Os X Server, Safari | 2024-02-04 | 6.8 MEDIUM | N/A |
WebKit in Apple Safari before 6.0.3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2013-0961. | |||||
CVE-2013-0982 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-02-04 | 1.7 LOW | N/A |
The Private Browsing feature in CFNetwork in Apple Mac OS X before 10.8.4 does not prevent storage of permanent cookies upon exit from Safari, which might allow physically proximate attackers to bypass cookie-based authentication by leveraging an unattended workstation. | |||||
CVE-2010-3812 | 2 Apple, Microsoft | 7 Mac Os X, Mac Os X Server, Safari and 4 more | 2024-02-04 | 9.3 HIGH | N/A |
Integer overflow in the Text::wholeText method in dom/Text.cpp in WebKit, as used in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4; webkitgtk before 1.2.6; and possibly other products allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving Text objects. | |||||
CVE-2010-1847 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-02-04 | 4.9 MEDIUM | N/A |
The kernel in Apple Mac OS X 10.6.x before 10.6.5 does not properly perform memory management associated with terminal devices, which allows local users to cause a denial of service (system crash) via unspecified vectors. | |||||
CVE-2010-1778 | 2 Apple, Microsoft | 7 Mac Os X, Mac Os X Server, Safari and 4 more | 2024-02-04 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4, allows remote attackers to inject arbitrary web script or HTML via an RSS feed. | |||||
CVE-2011-0210 | 1 Apple | 3 Mac Os X, Mac Os X Server, Quicktime | 2024-02-04 | 6.8 MEDIUM | N/A |
QuickTime in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted sample tables in a movie file. | |||||
CVE-2011-0251 | 2 Apple, Microsoft | 6 Mac Os X, Mac Os X Server, Quicktime and 3 more | 2024-02-04 | 9.3 HIGH | N/A |
Heap-based buffer overflow in Apple QuickTime before 7.7 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted STSZ atoms in a QuickTime movie file. | |||||
CVE-2010-1787 | 2 Apple, Microsoft | 7 Mac Os X, Mac Os X Server, Safari and 4 more | 2024-02-04 | 9.3 HIGH | N/A |
WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4; and webkitgtk before 1.2.6; allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a floating element in an SVG document. | |||||
CVE-2011-0194 | 1 Apple | 3 Imageio, Mac Os X, Mac Os X Server | 2024-02-04 | 6.8 MEDIUM | N/A |
Integer overflow in ImageIO in Apple Mac OS X 10.6 before 10.6.7 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TIFF image with JPEG encoding. | |||||
CVE-2010-0520 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-02-04 | 6.8 MEDIUM | N/A |
Heap-based buffer overflow in QuickTimeAuthoring.qtx in QuickTime in Apple Mac OS X before 10.6.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted FLC file, related to crafted DELTA_FLI chunks and untrusted length values in a .fli file, which are not properly handled during decompression. | |||||
CVE-2010-3787 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-02-04 | 6.8 MEDIUM | N/A |
Heap-based buffer overflow in QuickTime in Apple Mac OS X 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted JP2 image. |