Filtered by vendor Apple
Subscriptions
Filtered by product Mac Os X Server
Subscriptions
Total
817 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2011-0180 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2022-10-03 | N/A |
Integer overflow in HFS in Apple Mac OS X before 10.6.7 allows local users to read arbitrary (1) HFS, (2) HFS+, or (3) HFS+J files via a crafted F_READBOOTSTRAP ioctl call. | ||||
CVE-2011-0172 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2022-10-03 | N/A |
AirPort in Apple Mac OS X 10.6 before 10.6.7 allows remote attackers to cause a denial of service (divide-by-zero error and reboot) via Wi-Fi frames on the local wireless network, a different vulnerability than CVE-2011-0162. | ||||
CVE-2011-0196 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2022-10-03 | N/A |
AirPort in Apple Mac OS X 10.5.8 allows remote attackers to cause a denial of service (out-of-bounds read and reboot) via Wi-Fi frames on the local wireless network. | ||||
CVE-2011-0179 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2022-10-03 | N/A |
CoreText in Apple Mac OS X before 10.6.7 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a document that contains a crafted embedded font. | ||||
CVE-2011-0193 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2022-10-03 | N/A |
Multiple buffer overflows in Image RAW in Apple Mac OS X before 10.6.7 allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted Canon RAW image. | ||||
CVE-2011-0190 | 1 Apple | 3 Installer, Mac Os X, Mac Os X Server | 2022-10-03 | N/A |
Install Helper in Installer in Apple Mac OS X before 10.6.7 does not properly process an unspecified URL, which might allow remote attackers to track user logins by logging network traffic from an agent that was intended to send network traffic to an Apple server. | ||||
CVE-2011-0178 | 1 Apple | 3 Carboncore, Mac Os X, Mac Os X Server | 2022-10-03 | N/A |
The FSFindFolder API in CarbonCore in Apple Mac OS X before 10.6.7 provides a world-readable directory in response to a call with the kTemporaryFolderType flag, which allows local users to obtain potentially sensitive information by accessing this directory. | ||||
CVE-2011-0219 | 2 Apple, Microsoft | 7 Mac Os X, Mac Os X Server, Safari and 4 more | 2022-10-03 | N/A |
Apple Safari before 5.0.6 allows remote attackers to bypass the Same Origin Policy, and modify the rendering of text from arbitrary web sites, via a Java applet that loads fonts. | ||||
CVE-2011-3449 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2022-10-03 | N/A |
Use-after-free vulnerability in CoreText in Apple Mac OS X before 10.7.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted embedded font in a document. | ||||
CVE-2011-3463 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2022-10-03 | N/A |
WebDAV Sharing in Apple Mac OS X 10.7.x before 10.7.3 does not properly perform authentication, which allows local users to gain privileges by leveraging access to (1) the server or (2) a bound directory. | ||||
CVE-2011-3448 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2022-10-03 | N/A |
Heap-based buffer overflow in CoreMedia in Apple Mac OS X before 10.7.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file with H.264 encoding. | ||||
CVE-2011-3452 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2022-10-03 | N/A |
Internet Sharing in Apple Mac OS X before 10.7.3 does not preserve the Wi-Fi configuration across software updates, which allows remote attackers to obtain sensitive information by leveraging the lack of a WEP password for a Wi-Fi network. | ||||
CVE-2011-3447 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2022-10-03 | N/A |
CFNetwork in Apple Mac OS X 10.7.x before 10.7.3 does not properly construct request headers during parsing of URLs, which allows remote attackers to obtain sensitive information via a malformed URL. | ||||
CVE-2011-3450 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2022-10-03 | N/A |
CoreUI in Apple Mac OS X 10.7.x before 10.7.3 does not properly restrict the allocation of stack memory, which allows remote attackers to execute arbitrary code or cause a denial of service (memory consumption and application crash) via a long URL. | ||||
CVE-2011-3444 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2022-10-03 | N/A |
Address Book in Apple Mac OS X before 10.7.3 automatically switches to unencrypted sessions upon failure of encrypted connections, which allows remote attackers to read CardDAV data by terminating an encrypted connection and then sniffing the network. | ||||
CVE-2011-3446 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2022-10-03 | N/A |
Apple Type Services (ATS) in Apple Mac OS X before 10.7.3 does not properly manage memory for data-font files, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted font that is accessed by Font Book. | ||||
CVE-2011-3462 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2022-10-03 | N/A |
Time Machine in Apple Mac OS X before 10.7.3 does not verify the unique identifier of its remote AFP volume or Time Capsule, which allows remote attackers to obtain sensitive information contained in new backups by spoofing this storage object, a different vulnerability than CVE-2010-1803. | ||||
CVE-2013-0960 | 1 Apple | 3 Mac Os X, Mac Os X Server, Safari | 2022-10-03 | N/A |
WebKit in Apple Safari before 6.0.3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2013-0961. | ||||
CVE-2013-0961 | 1 Apple | 3 Mac Os X, Mac Os X Server, Safari | 2022-10-03 | N/A |
WebKit in Apple Safari before 6.0.3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2013-0960. | ||||
CVE-2013-0973 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2022-10-03 | N/A |
Software Update in Apple Mac OS X through 10.7.5 does not prevent plugin loading within the marketing-text WebView, which allows man-in-the-middle attackers to execute plugin code by modifying the client-server data stream. |