Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Apple Subscribe
Filtered by product Mac Os X Server
Total 817 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2009-2195 2 Apple, Microsoft 5 Mac Os X, Mac Os X Server, Safari and 2 more 2011-02-17 9.3 HIGH N/A
Buffer overflow in WebKit in Apple Safari before 4.0.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted floating-point numbers.
CVE-2010-4013 1 Apple 2 Mac Os X, Mac Os X Server 2011-01-20 6.8 MEDIUM N/A
Format string vulnerability in PackageKit in Apple Mac OS X 10.6.x before 10.6.6 allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to interaction between Software Update and distribution scripts.
CVE-2010-1844 1 Apple 2 Mac Os X, Mac Os X Server 2011-01-12 7.1 HIGH N/A
Unspecified vulnerability in Image Capture in Apple Mac OS X 10.6.x before 10.6.5 allows remote attackers to cause a denial of service (memory consumption and system crash) via a crafted image.
CVE-2010-1842 1 Apple 2 Mac Os X, Mac Os X Server 2011-01-12 9.3 HIGH N/A
Buffer overflow in AppKit in Apple Mac OS X 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a bidirectional text string with ellipsis truncation.
CVE-2010-1841 1 Apple 2 Mac Os X, Mac Os X Server 2011-01-12 9.3 HIGH N/A
Disk Images in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted UDIF image.
CVE-2010-1838 1 Apple 2 Mac Os X, Mac Os X Server 2011-01-12 4.4 MEDIUM N/A
Directory Services in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 does not properly handle errors associated with disabled mobile accounts, which allows remote attackers to bypass authentication by providing a valid account name.
CVE-2010-1837 1 Apple 2 Mac Os X, Mac Os X Server 2011-01-12 6.8 MEDIUM N/A
CoreText in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font in a PDF document.
CVE-2009-2843 1 Apple 2 Mac Os X, Mac Os X Server 2011-01-04 5.0 MEDIUM N/A
Java for Mac OS X 10.5 before Update 6 and 10.6 before Update 1 accepts expired certificates for applets, which makes it easier for remote attackers to execute arbitrary code via an applet.
CVE-2010-3787 1 Apple 2 Mac Os X, Mac Os X Server 2010-12-18 6.8 MEDIUM N/A
Heap-based buffer overflow in QuickTime in Apple Mac OS X 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted JP2 image.
CVE-2010-3795 1 Apple 2 Mac Os X, Mac Os X Server 2010-12-11 6.8 MEDIUM N/A
QuickTime in Apple Mac OS X 10.6.x before 10.6.5 accesses uninitialized memory locations during processing of GIF image data, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted GIF file.
CVE-2010-3794 1 Apple 2 Mac Os X, Mac Os X Server 2010-12-11 6.8 MEDIUM N/A
QuickTime in Apple Mac OS X 10.6.x before 10.6.5 accesses uninitialized memory locations during processing of FlashPix image data, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted FlashPix file.
CVE-2010-3793 1 Apple 3 Mac Os X, Mac Os X Server, Quicktime 2010-12-11 6.8 MEDIUM N/A
QuickTime in Apple Mac OS X 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted Sorenson movie file.
CVE-2010-3792 1 Apple 3 Mac Os X, Mac Os X Server, Quicktime 2010-12-11 6.8 MEDIUM N/A
Integer signedness error in QuickTime in Apple Mac OS X 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted MPEG movie file.
CVE-2010-3791 1 Apple 3 Mac Os X, Mac Os X Server, Quicktime 2010-12-11 6.8 MEDIUM N/A
Buffer overflow in QuickTime in Apple Mac OS X 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted MPEG movie file.
CVE-2010-3789 1 Apple 3 Mac Os X, Mac Os X Server, Quicktime 2010-12-11 6.8 MEDIUM N/A
QuickTime in Apple Mac OS X 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted AVI file.
CVE-2010-3788 1 Apple 3 Mac Os X, Mac Os X Server, Quicktime 2010-12-11 6.8 MEDIUM N/A
QuickTime in Apple Mac OS X 10.6.x before 10.6.5 accesses uninitialized memory locations during processing of JP2 image data, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted JP2 file.
CVE-2010-3797 1 Apple 1 Mac Os X Server 2010-12-10 3.5 LOW N/A
Cross-site scripting (XSS) vulnerability in Wiki Server in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
CVE-2010-3784 1 Apple 2 Mac Os X, Mac Os X Server 2010-12-10 5.0 MEDIUM N/A
The PMPageFormatCreateWithDataRepresentation API in Printing in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 does not properly handle XML data, which allows attackers to cause a denial of service (NULL pointer dereference and application crash) via unspecified API calls.
CVE-2010-3783 1 Apple 1 Mac Os X Server 2010-12-10 6.8 MEDIUM N/A
Password Server in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 does not properly perform replication, which allows remote authenticated users to bypass verification of the current password via unspecified vectors.
CVE-2010-1847 1 Apple 2 Mac Os X, Mac Os X Server 2010-12-10 4.9 MEDIUM N/A
The kernel in Apple Mac OS X 10.6.x before 10.6.5 does not properly perform memory management associated with terminal devices, which allows local users to cause a denial of service (system crash) via unspecified vectors.