Export limit exceeded: 356250 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (5617 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2007-0737 | 1 Apple | 1 Mac Os X | 2026-04-23 | N/A |
| The Login Window in Apple Mac OS X 10.3.9 through 10.4.9 does not properly check certain environment variables, which allows local users to gain privileges via unspecified vectors. | ||||
| CVE-2007-0739 | 1 Apple | 1 Mac Os X | 2026-04-23 | N/A |
| The Login Window in Apple Mac OS X 10.4 through 10.4.9 displays the software update window beneath the loginwindow authentication dialog in certain circumstances related to running scheduled tasks, which allows local users to bypass authentication controls. | ||||
| CVE-2008-1575 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-23 | N/A |
| Unspecified vulnerability in the Apple Type Services (ATS) server in Apple Mac OS X 10.5 before 10.5.3 allows user-assisted remote attackers to execute arbitrary code via a crafted embedded font in a PDF document, related to memory corruption that occurs during printing. | ||||
| CVE-2008-1576 | 1 Apple | 1 Mac Os X | 2026-04-23 | N/A |
| Mail in Apple Mac OS X before 10.5, when an IPv6 SMTP server is used, does not properly initialize memory, which might allow remote attackers to execute arbitrary code or cause a denial of service (application crash), or obtain sensitive information (memory contents) in opportunistic circumstances, by sending an e-mail message. | ||||
| CVE-2006-6127 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-23 | N/A |
| Apple Mac OS X kernel allows local users to cause a denial of service via a process that uses kevent to register a queue and an event, then fork a child process that uses kevent to register an event for the same queue as the parent. | ||||
| CVE-2008-1701 | 2 Apple, Novell | 2 Mac Os X, Iprint | 2026-04-23 | N/A |
| Novell NetWare 6.5 allows attackers to cause a denial of service (ABEND) via a crafted Macintosh iPrint client request. | ||||
| CVE-2008-1517 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-23 | N/A |
| Array index error in the xnu (Mach) kernel in Apple Mac OS X 10.5 before 10.5.7 allows local users to gain privileges or cause a denial of service (system shutdown) via unspecified vectors related to workqueues. | ||||
| CVE-2007-6359 | 1 Apple | 1 Mac Os X | 2026-04-23 | N/A |
| The cs_validate_page function in bsd/kern/ubc_subr.c in the xnu kernel 1228.0 and earlier in Apple Mac OS X 10.5.1 allows local users to cause a denial of service (failed assertion and system crash) via a crafted signed Mach-O binary that causes the hashes function to return NULL. | ||||
| CVE-2008-1579 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-23 | N/A |
| Wiki Server in Apple Mac OS X 10.5 before 10.5.3 allows remote attackers to obtain sensitive information (user names) by reading the error message produced upon access to a nonexistent blog. | ||||
| CVE-2008-1146 | 8 Apple, Cosmicperl, Darwin and 5 more | 9 Mac Os X, Mac Os X Server, Directory Pro and 6 more | 2026-04-23 | N/A |
| A certain pseudo-random number generator (PRNG) algorithm that uses XOR and 3-bit random hops (aka "Algorithm X3"), as used in OpenBSD 2.8 through 4.2, allows remote attackers to guess sensitive values such as DNS transaction IDs by observing a sequence of previously generated values. NOTE: this issue can be leveraged for attacks such as DNS cache poisoning against OpenBSD's modification of BIND. | ||||
| CVE-2007-2388 | 2 Apple, Microsoft | 3 Mac Os X, Quicktime, All Windows | 2026-04-23 | N/A |
| Apple QuickTime for Java 7.1.6 on Mac OS X and Windows does not properly restrict QTObject subclassing, which allows remote attackers to execute arbitrary code via a web page containing a user-defined class that accesses unsafe functions that can be leveraged to write to arbitrary memory locations. | ||||
| CVE-2007-2389 | 2 Apple, Microsoft | 3 Mac Os X, Quicktime, All Windows | 2026-04-23 | N/A |
| Apple QuickTime for Java 7.1.6 on Mac OS X and Windows does not clear potentially sensitive memory before use, which allows remote attackers to read memory from a web browser via unknown vectors related to Java applets. | ||||
| CVE-2006-6173 | 1 Apple | 1 Mac Os X | 2026-04-23 | N/A |
| Buffer overflow in the shared_region_make_private_np function in vm/vm_unix.c in Mac OS X 10.4.6 and earlier allows local users to execute arbitrary code via (1) a small range count, which causes insufficient memory allocation, or (2) a large number of ranges in the shared_region_make_private_np_args parameter. | ||||
| CVE-2007-2400 | 2 Apple, Microsoft | 5 Iphone Os, Mac Os X, Safari and 2 more | 2026-04-23 | N/A |
| Race condition in Apple Safari 3 Beta before 3.0.2 on Mac OS X, Windows XP, Windows Vista, and iPhone before 1.0.1, allows remote attackers to bypass the JavaScript security model and modify pages outside of the security domain and conduct cross-site scripting (XSS) attacks via vectors related to page updating and HTTP redirects. | ||||
| CVE-2008-0599 | 4 Apple, Canonical, Fedoraproject and 1 more | 5 Mac Os X, Mac Os X Server, Ubuntu Linux and 2 more | 2026-04-23 | 9.8 Critical |
| The init_request_info function in sapi/cgi/cgi_main.c in PHP before 5.2.6 does not properly consider operator precedence when calculating the length of PATH_TRANSLATED, which might allow remote attackers to execute arbitrary code via a crafted URI. | ||||
| CVE-2006-4393 | 1 Apple | 1 Mac Os X | 2026-04-23 | N/A |
| Unspecified vulnerability in LoginWindow in Apple Mac OS X 10.4 through 10.4.7, when Fast User Switching is enabled, allows local users to gain access to Kerberos tickets of other users. | ||||
| CVE-2006-4402 | 1 Apple | 1 Mac Os X | 2026-04-23 | N/A |
| Heap-based buffer overflow in the Finder in Apple Mac OS X 10.4.8 and earlier allows user-assisted remote attackers to execute arbitrary code by browsing directories containing crafted .DS_Store files. | ||||
| CVE-2006-4400 | 1 Apple | 1 Mac Os X | 2026-04-23 | N/A |
| Stack-based buffer overflow in the Apple Type Services (ATS) server in Mac OS 10.4.8 and earlier allow user-assisted attackers to execute arbitrary code via crafted font files. | ||||
| CVE-2009-0160 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-23 | N/A |
| QuickDraw Manager in Apple Mac OS X 10.4.11 and 10.5 before 10.5.7 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PICT image that triggers memory corruption. | ||||
| CVE-2007-6427 | 8 Apple, Canonical, Debian and 5 more | 12 Mac Os X, Ubuntu Linux, Debian Linux and 9 more | 2026-04-23 | N/A |
| The XInput extension in X.Org Xserver before 1.4.1 allows context-dependent attackers to execute arbitrary code via requests related to byte swapping and heap corruption within multiple functions, a different vulnerability than CVE-2007-4990. | ||||