Filtered by vendor Apple
Subscribe
Total
11236 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2010-3788 | 1 Apple | 3 Mac Os X, Mac Os X Server, Quicktime | 2010-12-11 | 6.8 MEDIUM | N/A |
| QuickTime in Apple Mac OS X 10.6.x before 10.6.5 accesses uninitialized memory locations during processing of JP2 image data, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted JP2 file. | |||||
| CVE-2010-3797 | 1 Apple | 1 Mac Os X Server | 2010-12-10 | 3.5 LOW | N/A |
| Cross-site scripting (XSS) vulnerability in Wiki Server in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2010-3784 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2010-12-10 | 5.0 MEDIUM | N/A |
| The PMPageFormatCreateWithDataRepresentation API in Printing in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 does not properly handle XML data, which allows attackers to cause a denial of service (NULL pointer dereference and application crash) via unspecified API calls. | |||||
| CVE-2010-3783 | 1 Apple | 1 Mac Os X Server | 2010-12-10 | 6.8 MEDIUM | N/A |
| Password Server in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 does not properly perform replication, which allows remote authenticated users to bypass verification of the current password via unspecified vectors. | |||||
| CVE-2010-1847 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2010-12-10 | 4.9 MEDIUM | N/A |
| The kernel in Apple Mac OS X 10.6.x before 10.6.5 does not properly perform memory management associated with terminal devices, which allows local users to cause a denial of service (system crash) via unspecified vectors. | |||||
| CVE-2010-1846 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2010-12-10 | 6.8 MEDIUM | N/A |
| Heap-based buffer overflow in Image RAW in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted RAW image. | |||||
| CVE-2010-1843 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2010-12-10 | 7.8 HIGH | N/A |
| Networking in Apple Mac OS X 10.6.2 through 10.6.4 allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted PIM packet. | |||||
| CVE-2010-1840 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2010-12-10 | 7.5 HIGH | N/A |
| Stack-based buffer overflow in the password-validation functionality in Directory Services in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors. | |||||
| CVE-2010-1836 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2010-12-10 | 6.8 MEDIUM | N/A |
| Stack-based buffer overflow in CoreGraphics in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document. | |||||
| CVE-2010-1834 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2010-12-10 | 5.8 MEDIUM | N/A |
| CFNetwork in Apple Mac OS X 10.6.x before 10.6.5 does not properly validate the domains of cookies, which makes it easier for remote web servers to track users by setting a cookie that is associated with a partial IP address. | |||||
| CVE-2010-1833 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2010-12-10 | 6.8 MEDIUM | N/A |
| Apple Type Services (ATS) in Apple Mac OS X 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted embedded font in a document. | |||||
| CVE-2010-1832 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2010-12-10 | 6.8 MEDIUM | N/A |
| Stack-based buffer overflow in Apple Type Services (ATS) in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code via a crafted embedded font in a document. | |||||
| CVE-2010-1831 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2010-12-10 | 6.8 MEDIUM | N/A |
| Buffer overflow in Apple Type Services (ATS) in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code via a long name of an embedded font in a document. | |||||
| CVE-2010-1830 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2010-12-10 | 5.0 MEDIUM | N/A |
| AFP Server in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 generates different error messages depending on whether a share exists, which allows remote attackers to enumerate valid share names via unspecified vectors. | |||||
| CVE-2010-1829 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2010-12-10 | 6.0 MEDIUM | N/A |
| Directory traversal vulnerability in AFP Server in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 allows remote authenticated users to execute arbitrary code by creating files that are outside the bounds of a share. | |||||
| CVE-2010-1828 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2010-12-10 | 5.0 MEDIUM | N/A |
| AFP Server in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon restart) via crafted reconnect authentication packets. | |||||
| CVE-2010-1803 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2010-12-10 | 4.3 MEDIUM | N/A |
| Time Machine in Apple Mac OS X 10.6.x before 10.6.5 does not verify the unique identifier of its remote AFP volume, which allows remote attackers to obtain sensitive information by spoofing this volume. | |||||
| CVE-2009-1707 | 1 Apple | 1 Safari | 2010-12-10 | 1.2 LOW | N/A |
| Race condition in the Reset Safari implementation in Apple Safari before 4.0 on Windows might allow local users to read stored web-site passwords via unspecified vectors. | |||||
| CVE-2010-0105 | 1 Apple | 1 Mac Os X | 2010-12-10 | 4.9 MEDIUM | N/A |
| The hfs implementation in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 supports hard links to directories and does not prevent certain deeply nested directory structures, which allows local users to cause a denial of service (filesystem corruption) via a crafted application that calls the mkdir and link functions, related to the fsck_hfs program in the diskdev_cmds component. | |||||
| CVE-2010-4012 | 1 Apple | 1 Iphone Os | 2010-12-09 | 6.2 MEDIUM | N/A |
| Race condition in Apple iOS 4.0 through 4.1 for iPhone 3G and later allows physically proximate attackers to bypass the passcode lock by making a call from the Emergency Call screen, then quickly pressing the Sleep/Wake button. | |||||