Total
2817 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-1999-0524 | 9 Apple, Cisco, Hp and 6 more | 12 Mac Os X, Macos, Ios and 9 more | 2024-02-04 | 2.1 LOW | N/A |
ICMP information such as (1) netmask and (2) timestamp is allowed from arbitrary hosts. | |||||
CVE-1999-1077 | 1 Apple | 1 Macos | 2024-02-04 | 4.6 MEDIUM | N/A |
Idle locking function in MacOS 9 allows local attackers to bypass the password protection of idled sessions via the programmer's switch or CMD-PWR keyboard sequence, which brings up a debugger that the attacker can use to disable the lock. | |||||
CVE-1999-0590 | 3 Apple, Linux, Microsoft | 6 Macos, Linux Kernel, Windows 2000 and 3 more | 2024-02-04 | 10.0 HIGH | N/A |
A system does not present an appropriate legal message or warning to a user who is accessing it. | |||||
CVE-1999-1543 | 1 Apple | 1 Macos | 2024-02-04 | 4.6 MEDIUM | N/A |
MacOS uses weak encryption for passwords that are stored in the Users & Groups Data File. | |||||
CVE-2000-0041 | 1 Apple | 1 Macos | 2024-02-04 | 5.0 MEDIUM | N/A |
Macintosh systems generate large ICMP datagrams in response to malformed datagrams, allowing them to be used as amplifiers in a flood attack. | |||||
CVE-1999-1393 | 1 Apple | 1 Macos | 2024-02-04 | 4.6 MEDIUM | N/A |
Control Panel "Password Security" option for Apple Powerbooks allows attackers with physical access to the machine to bypass the security by booting it with an emergency startup disk and using a disk editor to modify the on/off toggle or password in the aaaaaaaAPWD file, which is normally inaccessible. | |||||
CVE-1999-1412 | 2 Apache, Apple | 2 Http Server, Macos | 2024-02-04 | 5.0 MEDIUM | N/A |
A possible interaction between Apple MacOS X release 1.0 and Apache HTTP server allows remote attackers to cause a denial of service (crash) via a flood of HTTP GET requests to CGI programs, which generates a large number of processes. | |||||
CVE-2001-0102 | 1 Apple | 1 Macos | 2024-02-04 | 7.2 HIGH | N/A |
"Multiple Users" Control Panel in Mac OS 9 allows Normal users to gain Owner privileges by removing the Users & Groups Data File, which effectively removes the Owner password and allows the Normal user to log in as the Owner account without a password. | |||||
CVE-1999-1076 | 1 Apple | 1 Macos | 2024-02-04 | 4.6 MEDIUM | N/A |
Idle locking function in MacOS 9 allows local users to bypass the password protection of idled sessions by selecting the "Log Out" option and selecting a "Cancel" option in the dialog box for an application that attempts to verify that the user wants to log out, which returns the attacker into the locked session. | |||||
CVE-2023-42926 | 1 Apple | 1 Macos | 2024-02-02 | N/A | 7.8 HIGH |
Multiple memory corruption issues were addressed with improved input validation. This issue is fixed in macOS Sonoma 14.2. Processing a maliciously crafted file may lead to unexpected app termination or arbitrary code execution. | |||||
CVE-2023-42894 | 1 Apple | 1 Macos | 2024-02-02 | N/A | 5.5 MEDIUM |
This issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Sonoma 14.2, macOS Ventura 13.6.3, macOS Monterey 12.7.2. An app may be able to access information about a user's contacts. | |||||
CVE-2023-42890 | 1 Apple | 6 Ipados, Iphone Os, Macos and 3 more | 2024-02-02 | N/A | 8.8 HIGH |
The issue was addressed with improved memory handling. This issue is fixed in Safari 17.2, macOS Sonoma 14.2, watchOS 10.2, iOS 17.2 and iPadOS 17.2, tvOS 17.2. Processing web content may lead to arbitrary code execution. | |||||
CVE-2023-42883 | 1 Apple | 6 Ipados, Iphone Os, Macos and 3 more | 2024-02-02 | N/A | 5.5 MEDIUM |
The issue was addressed with improved memory handling. This issue is fixed in Safari 17.2, macOS Sonoma 14.2, iOS 17.2 and iPadOS 17.2, watchOS 10.2, tvOS 17.2, iOS 16.7.3 and iPadOS 16.7.3. Processing an image may lead to a denial-of-service. | |||||
CVE-2023-42882 | 1 Apple | 1 Macos | 2024-02-02 | N/A | 7.8 HIGH |
The issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.2. Processing an image may lead to arbitrary code execution. | |||||
CVE-2021-30860 | 1 Apple | 5 Ipados, Iphone Os, Mac Os X and 2 more | 2024-02-02 | 6.8 MEDIUM | 7.8 HIGH |
An integer overflow was addressed with improved input validation. This issue is fixed in Security Update 2021-005 Catalina, iOS 14.8 and iPadOS 14.8, macOS Big Sur 11.6, watchOS 7.6.2. Processing a maliciously crafted PDF may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited. | |||||
CVE-2021-30663 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2024-02-02 | 6.8 MEDIUM | 8.8 HIGH |
An integer overflow was addressed with improved input validation. This issue is fixed in iOS 14.5.1 and iPadOS 14.5.1, tvOS 14.6, iOS 12.5.3, Safari 14.1.1, macOS Big Sur 11.3.1. Processing maliciously crafted web content may lead to arbitrary code execution. | |||||
CVE-2023-6857 | 5 Apple, Debian, Google and 2 more | 7 Macos, Debian Linux, Android and 4 more | 2024-02-02 | N/A | 5.3 MEDIUM |
When resolving a symlink, a race may occur where the buffer passed to `readlink` may actually be smaller than necessary. *This bug only affects Firefox on Unix-based operating systems (Android, Linux, MacOS). Windows is unaffected.* This vulnerability affects Firefox ESR < 115.6, Thunderbird < 115.6, and Firefox < 121. |