Multiple unspecified vulnerabilities in Twisted in Wiki Server in Apple OS X Server before 5.0.3 allow attackers to have an unknown impact via an XML document.
Max Base Score
10.0
Published
2015-09-18
Updated
2016-12-22
EPSS
0.34%
Directory Service in Apple Mac OS X through 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via a crafted message.
Max Base Score
9.3
Published
2013-06-05
Updated
2013-06-05
EPSS
3.49%
Buffer overflow in AppKit in Apple Mac OS X 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a bidirectional text string with ellipsis truncation.
Max Base Score
9.3
Published
2010-11-15
Updated
2011-01-12
EPSS
0.90%
Disk Images in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted UDIF image.
Max Base Score
9.3
Published
2010-11-15
Updated
2011-01-12
EPSS
0.85%
Buffer overflow in ImageIO in Apple Mac OS X 10.6 through 10.6.3 and Mac OS X Server 10.6 through 10.6.3 allows remote attackers to execute arbitrary code or cause a denial of service (crash) via a crafted image.
Max Base Score
9.3
Published
2017-04-13
Updated
2017-04-21
EPSS
1.01%
Open Directory in Apple Mac OS X 10.6 before 10.6.4 creates an unencrypted connection upon certain SSL failures, which allows man-in-the-middle attackers to spoof arbitrary network account servers, and possibly execute arbitrary code, via unspecified vectors.
Max Base Score
9.3
Published
2010-06-17
Updated
2010-06-18
EPSS
0.15%
Buffer overflow in pngpread.c in libpng before 1.2.44 and 1.4.x before 1.4.3, as used in progressive applications, might allow remote attackers to execute arbitrary code via a PNG image that triggers an additional data row.
Max Base Score
9.8
Published
2010-06-30
Updated
2020-08-14
EPSS
71.05%
Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, Safari before 4.1 on Mac OS X 10.4, and Safari on Apple iPhone OS allows remote attackers to execute arbitrary code or cause a denial of service (application crash), or read the SMS database or other data, via vectors related to "attribute manipulation," as demonstrated by Vincenzo Iozzo and Ralf Philipp Weinmann during a Pwn2Own competition at CanSecWest 2010.
Max Base Score
10.0
Published
2010-03-25
Updated
2017-09-19
EPSS
94.14%
Server Admin in Apple Mac OS X Server 10.5.8 does not properly determine the privileges of users who had former membership in the admin group, which allows remote authenticated users to leverage this former membership to obtain a server connection via screen sharing.
Max Base Score
9.0
Published
2010-03-30
Updated
2010-06-21
EPSS
0.25%
The Accounts Preferences implementation in Apple Mac OS X 10.6 before 10.6.3, when a network account server is used, does not support Login Window access control that is based solely on group membership, which allows attackers to bypass intended access restrictions by entering login credentials.
Max Base Score
9.3
Published
2010-03-30
Updated
2010-05-21
EPSS
0.13%
Password Server in Apple Mac OS X Server before 10.6.3 does not properly perform password replication, which might allow remote authenticated users to obtain login access via an expired password.
Max Base Score
9.0
Published
2010-03-30
Updated
2010-03-31
EPSS
0.27%
Mail in Apple Mac OS X before 10.6.3 does not disable the filter rules associated with a deleted mail account, which has unspecified impact and attack vectors.
Max Base Score
10.0
Published
2010-03-30
Updated
2010-03-31
EPSS
0.23%
xar in Apple Mac OS X 10.5.8 does not properly validate package signatures, which allows attackers to have an unspecified impact via a modified package.
Max Base Score
10.0
Published
2010-03-30
Updated
2020-01-17
EPSS
0.32%
Buffer overflow in Image RAW in Apple Mac OS X 10.5.8 and 10.6.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted DNG image.
Max Base Score
9.3
Published
2010-01-20
Updated
2017-08-17
EPSS
2.14%
Buffer overflow in CoreAudio in Apple Mac OS X 10.5.8 and 10.6.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted MP4 audio file.
Max Base Score
9.3
Published
2010-01-20
Updated
2017-08-17
EPSS
2.72%
AFP Client in Apple Mac OS X 10.5.8 allows remote AFP servers to execute arbitrary code or cause a denial of service (memory corruption and system crash) via unspecified vectors.
Max Base Score
9.3
Published
2009-11-10
Updated
2009-11-17
EPSS
0.21%
Buffer overflow in the kernel in Apple Mac OS X 10.5 before 10.5.8 allows remote attackers to execute arbitrary code or cause a denial of service (system crash) via a crafted AppleTalk response packet.
Max Base Score
10.0
Published
2009-08-06
Updated
2017-08-17
EPSS
4.42%
Buffer overflow in ImageIO in Apple Mac OS X 10.5 before 10.5.8, and Safari before 4.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an image with crafted EXIF metadata.
Max Base Score
9.3
Published
2009-08-06
Updated
2017-08-17
EPSS
4.28%
Heap-based buffer overflow in ColorSync in Apple Mac OS X 10.4.11 and 10.5 before 10.5.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted image containing an embedded ColorSync profile.
Max Base Score
9.3
Published
2009-08-06
Updated
2017-09-29
EPSS
10.06%
Heap-based buffer overflow in the AppleTalk networking stack in XNU 1228.3.13 and earlier on Apple Mac OS X 10.5.6 and earlier allows remote attackers to cause a denial of service (system crash) via a ZIP NOTIFY (aka ZIPOP_NOTIFY) packet that overwrites a certain ifPort structure member.
Max Base Score
10.0
Published
2009-04-02
Updated
2017-09-29
EPSS
7.04%
Unspecified vulnerability in the SMB component in Apple Mac OS X 10.4.11 and 10.5.6 allows remote SMB servers to cause a denial of service (memory exhaustion and system shutdown) via a crafted file system name.
Max Base Score
9.3
Published
2009-02-13
Updated
2011-03-08
EPSS
0.16%
Integer overflow in the SMB component in Apple Mac OS X 10.5.6 allows remote SMB servers to cause a denial of service (system shutdown) or execute arbitrary code via a crafted SMB file system that triggers a heap-based buffer overflow.
Max Base Score
9.3
Published
2009-02-13
Updated
2011-03-08
EPSS
0.20%
servermgrd (Server Manager) in Apple Mac OS X 10.5.6 does not properly validate authentication credentials, which allows remote attackers to modify the system configuration.
Max Base Score
10.0
Published
2009-02-13
Updated
2011-03-08
EPSS
1.57%
Heap-based buffer overflow in CoreText in Apple Mac OS X 10.5.6 allows remote attackers to execute arbitrary code via a crafted Unicode string.
Max Base Score
10.0
Published
2009-02-13
Updated
2011-03-07
EPSS
11.26%
Managed Client in Apple Mac OS X before 10.5.6 sometimes misidentifies a system when installing per-host configuration settings, which allows context-dependent attackers to have an unspecified impact by leveraging unintended settings, as demonstrated by the screen saver lock setting.
Max Base Score
10.0
Published
2008-12-17
Updated
2011-03-08
EPSS
0.29%
71 vulnerabilities found