Export limit exceeded: 21176 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 12799 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 366186 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 366186 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 14587 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (14587 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2001-1480 2 Apple, Sun 4 Mac Os Runtime For Java, Jdk, Jre and 1 more 2026-04-16 N/A
Java Runtime Environment (JRE) and SDK 1.2 through 1.3.0_04 allows untrusted applets to access the system clipboard.
CVE-2005-1340 1 Apple 1 Mac Os X 2026-04-16 N/A
The HTTP proxy service in Server Admin for Mac OS X 10.3.9 does not restrict access when it is enabled, which allows remote attackers to use the proxy.
CVE-2004-0079 23 4d, Apple, Avaya and 20 more 67 Webstar, Mac Os X, Mac Os X Server and 64 more 2026-04-16 7.5 High
The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference.
CVE-2005-1339 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-16 N/A
lukemftpd in Mac OS X 10.3.9 allows remote authenticated users to escape the chroot environment by logging in with their full name.
CVE-2005-1338 1 Apple 1 Mac Os X 2026-04-16 N/A
Mac OS X 10.3.9, when using an LDAP server that does not use ldap_extended_operation, may store initial LDAP passwords for new accounts in plaintext.
CVE-2003-1414 1 Apple 2 Darwin Streaming Server, Quicktime Streaming Server 2026-04-16 N/A
Directory traversal vulnerability in parse_xml.cg Apple Darwin Streaming Server 4.1.2 and Apple Quicktime Streaming Server 4.1.1 allows remote attackers to read arbitrary files via a ... (triple dot) in the filename parameter.
CVE-2002-2326 1 Apple 1 Mac Os X 2026-04-16 N/A
The default configuration of Mail.app in Mac OS X 10.0 through 10.0.4 and 10.1 through 10.1.5 sends iDisk authentication credentials in cleartext when connecting to Mac.com, which could allow remote attackers to obtain passwords by sniffing network traffic.
CVE-2005-1337 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-16 N/A
Apple Help Viewer 2.0.7 and 3.0.0 in Mac OS X 10.3.9 allows remote attackers to read and execute arbitrary scrpts with less restrictive privileges via a help:// URI.
CVE-2006-4965 1 Apple 1 Quicktime 2026-04-16 N/A
Apple QuickTime 7.1.3 Player and Plug-In allows remote attackers to execute arbitrary JavaScript code and possibly conduct other attacks via a QuickTime Media Link (QTL) file with an embed XML element and a qtnext parameter that identifies resources outside of the original domain. NOTE: as of 20070912, this issue has been demonstrated by using instances of Components.interfaces.nsILocalFile and Components.interfaces.nsIProcess to execute arbitrary local files within Firefox and possibly Internet Explorer.
CVE-2006-4887 1 Apple 2 Apple Remote Desktop, Mac Os X 2026-04-16 N/A
Apple Remote Desktop (ARD) for Mac OS X 10.2.8 and later does not drop privileges on the remote machine while installing certain applications, which allows local users to bypass authentication and gain privileges by selecting the icon during installation. NOTE: it could be argued that the issue is not in Remote Desktop itself, but in applications that are installed while using it.
CVE-2005-1336 1 Apple 1 Mac Os X 2026-04-16 N/A
Buffer overflow in the Foundation framework for Mac OS X 10.3.9 allows local users to execute arbitrary code via a long environment variable.
CVE-2003-1413 1 Apple 2 Darwin Streaming Server, Quicktime Streaming Server 2026-04-16 N/A
parse_xml.cgi in Apple Darwin Streaming Server 4.1.1 allows remote attackers to determine the existence of arbitrary files by using ".." sequences in the filename parameter and comparing the resulting error messages.
CVE-2005-1335 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-16 N/A
Unknown vulnerability in Mac OS X 10.3.9 allows local users to gain privileges via (1) chfn, (2) chpass, and (3) chsh, which "use external helper programs in an insecure manner."
CVE-2005-1333 1 Apple 1 Mac Os X 2026-04-16 N/A
Directory traversal vulnerability in the Bluetooth file and object exchange (OBEX) services in Mac OS X 10.3.9 allows remote attackers to read arbitrary files.
CVE-2003-1091 1 Apple 1 Quicktime Broadcaster 2026-04-16 N/A
Integer overflow in MP3Broadcaster for Apple QuickTime/Darwin Streaming Server 4.1.3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via malformed ID3 tags in MP3 files.
CVE-2002-1898 1 Apple 2 Mac Os X, Terminal 2026-04-16 N/A
Terminal 1.3 in Apple Mac OS X 10.2 allows remote attackers to execute arbitrary commands via shell metacharacters in a telnet:// link, which is executed by Terminal.app window.
CVE-2005-1332 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-16 N/A
Bluetooth-enabled systems in Mac OS X 10.3.9 enables the Bluetooth file exchange service by default, which allows remote attackers to access files without the user being notified, and local users to access files via the default directory.
CVE-2001-1447 1 Apple 1 Mac Os X 2026-04-16 N/A
NetInfo Manager for Mac OS X 10.0 through 10.1 allows local users to gain root privileges by opening applications using the (1) "recent items" and (2) "services" menus, which causes the applications to run with root privileges.
CVE-2005-1331 1 Apple 3 Applescript, Mac Os X, Mac Os X Server 2026-04-16 N/A
The AppleScript Editor in Mac OS X 10.3.9 does not properly display script code for an applescript: URI, which can result in code that is different than the actual code that would be run, which could allow remote attackers to trick users into executing malicious code via certain URI characters such as NULL, control characters, and homographs.
CVE-2003-1011 1 Apple 1 Mac Os X 2026-04-16 N/A
Apple Mac OS X 10.0 through 10.2.8 allows local users with a USB keyboard to gain unauthorized access by holding down the CTRL and C keys when the system is booting, which crashes the init process and leaves the user in a root shell.