Export limit exceeded: 366284 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 14587 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (14587 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2005-0712 1 Apple 1 Mac Os X 2026-04-16 N/A
Mac OS X before 10.3.8 users world-writable permissions for certain directories, which may allow local users to gain privileges, possibly via the receipt cache or ColorSync profiles.
CVE-2006-3372 1 Apple 1 Safari 2026-04-16 N/A
Apple Safari 2.0.4/419.3 allows remote attackers to cause a denial of service (application crash) via a DHTML setAttributeNode function call with zero arguments, which triggers a null dereference.
CVE-2003-0883 1 Apple 1 Mac Os X 2026-04-16 N/A
The System Preferences capability in Mac OS X before 10.3 allows local users to access secure Preference Panes for a short period after an administrator has authenticated to the system.
CVE-2006-3356 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-16 N/A
The TIFFFetchAnyArray function in ImageIO in Apple OS X 10.4.7 and earlier allows remote user-assisted attackers to cause a denial of service (application crash) via an invalid tag value in a TIFF image, possibly triggering a null dereference. NOTE: This is a different issue than CVE-2006-1469.
CVE-2005-0594 1 Apple 1 Mac Os X Server 2026-04-16 N/A
Buffer overflow in the Netinfo Setup Tool (NeST) allows local users to execute arbitrary code.
CVE-2006-3224 1 Apple 1 Safari 2026-04-16 N/A
Apple Safari 2.0.3 (417.9.3) on Mac OS X 10.4.6 allows remote attackers to cause a denial of service (CPU consumption) via Javascript with an infinite for loop. NOTE: it could be argued that this is not a vulnerability, unless it interferes with the operation of the system outside of the scope of Safari itself.
CVE-2006-2277 1 Apple 1 Mac Os X 2026-04-16 N/A
Multiple Apple Mac OS X 10.4 applications might allow context-dependent attackers to cause a denial of service (application crash) via a crafted OpenEXR (.exr) image file, which triggers the crash when opening a folder using Finder, displaying the image in Safari, or using Preview to open the file.
CVE-2005-0373 6 Apple, Conectiva, Cyrus and 3 more 8 Mac Os X, Mac Os X Server, Linux and 5 more 2026-04-16 N/A
Buffer overflow in digestmd5.c CVS release 1.170 (also referred to as digestmda5.c), as used in the DIGEST-MD5 SASL plugin for Cyrus-SASL but not in any official releases, allows remote attackers to execute arbitrary code.
CVE-1999-1543 1 Apple 1 Macos 2026-04-16 N/A
MacOS uses weak encryption for passwords that are stored in the Users & Groups Data File.
CVE-2006-2238 1 Apple 1 Quicktime 2026-04-16 N/A
Heap-based buffer overflow in Apple QuickTime before 7.1 allows remote attackers to execute arbitrary code via a crafted BMP file that triggers the overflow in the ReadBMP function. NOTE: this issue was originally included as item 3 in CVE-2006-1983, but it has been given a separate identifier because it is a distinct issue.
CVE-2001-1411 1 Apple 1 Mac Os X 2026-04-16 N/A
Format string vulnerability in gm4 (aka m4) on Mac OS X may allow local users to gain privileges if gm4 is called by setuid programs.
CVE-2005-0342 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-16 N/A
The Finder in Mac OS X and earlier allows local users to overwrite arbitrary files and gain privileges by creating a hard link from the .DS_Store file to an arbitrary file.
CVE-2003-0882 1 Apple 1 Mac Os X 2026-04-16 N/A
Mac OS X before 10.3 initializes the TCP timestamp with a constant number, which allows remote attackers to determine the system's uptime via the ID field in a TCP packet.
CVE-2006-2019 1 Apple 1 Safari 2026-04-16 N/A
Apple Mac OS X Safari 2.0.3, 1.3.1, and possibly other versions allows remote attackers to cause a denial of service (CPU consumption and crash) via a TD element with a large number in the rowspan attribute.
CVE-2002-1367 3 Apple, Easy Software Products, Redhat 3 Mac Os X, Cups, Linux 2026-04-16 N/A
Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 allows remote attackers to add printers without authentication via a certain UDP packet, which can then be used to perform unauthorized activities such as stealing the local root certificate for the administration server via a "need authorization" page, as demonstrated by new-coke.
CVE-2006-1988 1 Apple 1 Safari 2026-04-16 N/A
The WebTextRenderer(WebInternal) _CG_drawRun:style:geometry: function in Apple Safari 2.0.3 allows remote attackers to cause a denial of service (application crash) via an HTML LI tag with a large VALUE attribute (list item number), which triggers a null dereference in QPainter::drawText, probably due to a failed memory allocation that uses the VALUE.
CVE-2006-1987 1 Apple 1 Safari 2026-04-16 N/A
Apple Safari 2.0.3 allows remote attackers to cause a denial of service and possibly execute code via an invalid FRAME tag, possibly due to (1) multiple SCROLLING attributes with no values, or (2) a SRC attribute with no value. NOTE: due to lack of diagnosis by the researcher, it is unclear which vector is responsible.
CVE-2005-0341 1 Apple 1 Safari 2026-04-16 N/A
Apple Safari 1.2.4 does not obey the Content-type field in the HTTP header and renders text as HTML, which allows remote attackers to inject arbitrary web script or HTML and perform cross-site scripting (XSS) attacks.
CVE-2006-1986 1 Apple 1 Safari 2026-04-16 N/A
Apple Safari 2.0.3 allows remote attackers to cause a denial of service and possibly execute code via a large CELLSPACING attribute in a TABLE tag, which triggers an error in KWQListIteratorImpl::KWQListIteratorImpl.
CVE-2003-0881 1 Apple 1 Mac Os X 2026-04-16 N/A
Mail in Mac OS X before 10.3, when configured to use MD5 Challenge Response, uses plaintext authentication if the CRAM-MD5 hashed login fails, which could allow remote attackers to gain privileges by sniffing the password.