ReportizFlow
Filtered by vendor Apple
Subscriptions
Filtered by product Mac Os X
Subscriptions
Total
5568 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2011-2842 | 2 Apple, Google | 2 Mac Os X, Chrome | 2025-04-11 | N/A |
| The installer in Google Chrome before 14.0.835.163 on Mac OS X does not properly handle lock files, which has unspecified impact and attack vectors. | ||||
| CVE-2011-0563 | 4 Adobe, Apple, Microsoft and 1 more | 5 Acrobat, Acrobat Reader, Mac Os X and 2 more | 2025-04-11 | N/A |
| Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0589 and CVE-2011-0606. | ||||
| CVE-2011-3222 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-11 | N/A |
| Buffer overflow in QuickTime in Apple Mac OS X before 10.7.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted FlashPix file. | ||||
| CVE-2011-3221 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-11 | N/A |
| QuickTime in Apple Mac OS X before 10.7.2 does not properly handle the atom hierarchy in movie files, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted file. | ||||
| CVE-2011-3225 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-11 | N/A |
| The SMB File Server component in Apple Mac OS X 10.7 before 10.7.2 does not prevent all guest users from accessing the share point record of a guest-restricted folder, which allows remote attackers to bypass intended browsing restrictions by leveraging access to the nobody account. | ||||
| CVE-2011-3226 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-11 | N/A |
| Open Directory in Apple Mac OS X 10.7 before 10.7.2, when an LDAPv3 server is used with RFC 2307 or custom mappings, allows remote attackers to bypass the password requirement by leveraging lack of an AuthenticationAuthority attribute for a user account. | ||||
| CVE-2011-0565 | 4 Adobe, Apple, Microsoft and 1 more | 5 Acrobat, Acrobat Reader, Mac Os X and 2 more | 2025-04-11 | N/A |
| Unspecified vulnerability in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allows attackers to cause a denial of service or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2011-0585. | ||||
| CVE-2011-3435 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-11 | N/A |
| Open Directory in Apple Mac OS X 10.7 before 10.7.2 allows local users to read the password data of arbitrary users via unspecified vectors. | ||||
| CVE-2011-3447 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-11 | N/A |
| CFNetwork in Apple Mac OS X 10.7.x before 10.7.3 does not properly construct request headers during parsing of URLs, which allows remote attackers to obtain sensitive information via a malformed URL. | ||||
| CVE-2011-3462 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-11 | N/A |
| Time Machine in Apple Mac OS X before 10.7.3 does not verify the unique identifier of its remote AFP volume or Time Capsule, which allows remote attackers to obtain sensitive information contained in new backups by spoofing this storage object, a different vulnerability than CVE-2010-1803. | ||||
| CVE-2011-3460 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-11 | N/A |
| Buffer overflow in QuickTime in Apple Mac OS X before 10.7.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PNG file. | ||||
| CVE-2010-3809 | 2 Apple, Microsoft | 7 Mac Os X, Mac Os X Server, Safari and 4 more | 2025-04-11 | N/A |
| WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, does not properly perform a cast of an unspecified variable during processing of inline styling, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted web site. | ||||
| CVE-2010-3821 | 2 Apple, Microsoft | 7 Mac Os X, Mac Os X Server, Safari and 4 more | 2025-04-11 | N/A |
| WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, does not properly handle the :first-letter pseudo-element in a Cascading Style Sheets (CSS) token sequence, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | ||||
| CVE-2010-3823 | 2 Apple, Microsoft | 7 Mac Os X, Mac Os X Server, Safari and 4 more | 2025-04-11 | N/A |
| Use-after-free vulnerability in WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving Geolocation objects. NOTE: this might overlap CVE-2010-3415. | ||||
| CVE-2010-3824 | 2 Apple, Microsoft | 7 Mac Os X, Mac Os X Server, Safari and 4 more | 2025-04-11 | N/A |
| Use-after-free vulnerability in WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving SVG use elements. | ||||
| CVE-2011-2416 | 7 Adobe, Apple, Google and 4 more | 8 Adobe Air, Flash Player, Mac Os X and 5 more | 2025-04-11 | N/A |
| Integer overflow in Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2136 and CVE-2011-2138. | ||||
| CVE-2011-0188 | 3 Apple, Redhat, Ruby-lang | 4 Mac Os X, Mac Os X Server, Enterprise Linux and 1 more | 2025-04-11 | N/A |
| The VpMemAlloc function in bigdecimal.c in the BigDecimal class in Ruby 1.9.2-p136 and earlier, as used on Apple Mac OS X before 10.6.7 and other platforms, does not properly allocate memory, which allows context-dependent attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving creation of a large BigDecimal value within a 64-bit process, related to an "integer truncation issue." | ||||
| CVE-2011-0218 | 2 Apple, Microsoft | 7 Mac Os X, Mac Os X Server, Safari and 4 more | 2025-04-11 | N/A |
| WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1. | ||||
| CVE-2011-0223 | 2 Apple, Microsoft | 7 Mac Os X, Mac Os X Server, Safari and 4 more | 2025-04-11 | N/A |
| WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1. | ||||
| CVE-2011-0244 | 2 Apple, Microsoft | 7 Mac Os X, Mac Os X Server, Safari and 4 more | 2025-04-11 | N/A |
| WebKit in Apple Safari before 5.0.6 allows user-assisted remote attackers to read arbitrary files via vectors related to improper canonicalization of URLs within RSS feeds. | ||||