iChat ROOMS Webserver allows remote attackers to read arbitrary files via a .. (dot dot) attack.
Max CVSS
5.0
EPSS Score
0.47%
Published
1998-09-09
Updated
2016-10-18
Buffer overflow in Apple AppleShare Mail Server 5.0.3 on MacOS 8.1 and earlier allows a remote attacker to cause a denial of service (crash) via a long HELO command.
Max CVSS
5.0
EPSS Score
0.43%
Published
1998-04-08
Updated
2017-11-21
A possible interaction between Apple MacOS X release 1.0 and Apache HTTP server allows remote attackers to cause a denial of service (crash) via a flood of HTTP GET requests to CGI programs, which generates a large number of processes.
Max CVSS
5.0
EPSS Score
0.23%
Published
1999-06-03
Updated
2021-09-22
Macintosh systems generate large ICMP datagrams in response to malformed datagrams, allowing them to be used as amplifiers in a flood attack.
Max CVSS
5.0
EPSS Score
3.84%
Published
1999-12-28
Updated
2021-09-22
Buffer overflow in WebObjects.exe in the WebObjects Developer 4.5 package allows remote attackers to cause a denial of service via an HTTP request with long headers such as Accept.
Max CVSS
5.0
EPSS Score
0.69%
Published
2000-04-04
Updated
2008-09-10
AppleShare IP 6.1 and later allows a remote attacker to read potentially sensitive information via an invalid range request to the web server.
Max CVSS
5.0
EPSS Score
0.22%
Published
2000-05-02
Updated
2017-11-27
Personal Web Sharing 1.5.5 allows a remote attacker to cause a denial of service via a long HTTP request.
Max CVSS
5.0
EPSS Score
0.78%
Published
2001-09-20
Updated
2017-12-19
Apple Personal Web Sharing (PWS) 1.1, 1.5, and 1.5.5, when Web Sharing authentication is enabled, allows remote attackers to cause a denial of service via a long password, possibly due to a buffer overflow.
Max CVSS
5.0
EPSS Score
1.22%
Published
2001-12-31
Updated
2017-07-11
The ASN1 library in OpenSSL 0.9.6d and earlier, and 0.9.7-beta2 and earlier, allows remote attackers to cause a denial of service via invalid encodings.
Max CVSS
5.0
EPSS Score
6.61%
Published
2002-08-12
Updated
2008-09-10
IPSEC implementations including (1) FreeS/WAN and (2) KAME do not properly calculate the length of authentication data, which allows remote attackers to cause a denial of service (kernel panic) via spoofed, short Encapsulating Security Payload (ESP) packets, which result in integer signedness errors.
Max CVSS
5.0
EPSS Score
3.32%
Published
2002-11-04
Updated
2008-09-10
The Sun RPC functionality in multiple libc implementations does not provide a time-out mechanism when reading data from TCP connections, which allows remote attackers to cause a denial of service (hang).
Max CVSS
5.0
EPSS Score
2.88%
Published
2002-11-12
Updated
2017-10-10
Mac OS X 10.2.2 allows remote attackers to cause a denial of service by accessing the CUPS Printing Web Administration utility, aka "CUPS Printing Web Administration is Remotely Accessible."
Max CVSS
5.0
EPSS Score
0.93%
Published
2002-12-11
Updated
2017-10-10
The default configuration of Mail.app in Mac OS X 10.0 through 10.0.4 and 10.1 through 10.1.5 sends iDisk authentication credentials in cleartext when connecting to Mac.com, which could allow remote attackers to obtain passwords by sniffing network traffic.
Max CVSS
5.0
EPSS Score
0.16%
Published
2002-12-31
Updated
2008-09-05
parse_xml.cgi in Apple Darwin Streaming Administration Server 4.1.2 and QuickTime Streaming Server 4.1.1 allows remote attackers to obtain the physical path of the server's installation path via a NULL file parameter.
Max CVSS
5.0
EPSS Score
0.57%
Published
2003-03-07
Updated
2016-10-18
parse_xml.cgi in Apple Darwin Streaming Administration Server 4.1.2 and QuickTime Streaming Server 4.1.1 allows remote attackers to list arbitrary directories.
Max CVSS
5.0
EPSS Score
0.57%
Published
2003-03-07
Updated
2016-10-18
Safari 1.0 Beta 2 (v73) and earlier does not validate the Common Name (CN) field for X.509 Certificates, which could allow remote attackers to spoof certificates.
Max CVSS
5.0
EPSS Score
0.17%
Published
2003-06-09
Updated
2008-09-05
Unknown vulnerability in Apple File Service (AFP Server) for Mac OS X Server, when sharing files on a UFS or re-shared NFS volume, allows remote attackers to overwrite arbitrary files.
Max CVSS
5.0
EPSS Score
0.15%
Published
2003-07-24
Updated
2011-03-08
Apple QuickTime / Darwin Streaming Server before 4.1.3f allows remote attackers to cause a denial of service (crash) via a request to view_broadcast.cgi that does not contain the required parameters.
Max CVSS
5.0
EPSS Score
0.29%
Published
2003-08-27
Updated
2008-09-10
parse_xml.cgi in Apple QuickTime / Darwin Streaming Server before 4.1.3g allows remote attackers to obtain the source code for parseable files via the filename parameter.
Max CVSS
5.0
EPSS Score
0.73%
Published
2003-08-27
Updated
2008-09-10
Apple QuickTime / Darwin Streaming Server before 4.1.3f allows remote attackers to obtain the source code for scripts by appending encoded space (%20) or . (%2e) characters to an HTTP request for the script, e.g. view_broadcast.cgi.
Max CVSS
5.0
EPSS Score
0.73%
Published
2003-08-27
Updated
2008-09-10
Directory traversal vulnerability in Apple QuickTime / Darwin Streaming Server before 4.1.3f allows remote attackers to read arbitrary files via a ... (triple dot) in an HTTP request.
Max CVSS
5.0
EPSS Score
2.90%
Published
2003-08-27
Updated
2008-09-10
The arplookup function in FreeBSD 5.1 and earlier, Mac OS X before 10.2.8, and possibly other BSD-based systems, allows remote attackers on a local subnet to cause a denial of service (resource starvation and panic) via a flood of spoofed ARP requests.
Max CVSS
5.0
EPSS Score
1.12%
Published
2003-11-17
Updated
2008-09-10
Mac OS X before 10.3 initializes the TCP timestamp with a constant number, which allows remote attackers to determine the system's uptime via the ID field in a TCP packet.
Max CVSS
5.0
EPSS Score
0.34%
Published
2003-11-03
Updated
2008-09-05
Apple Safari 1.0 through 1.1 on Mac OS X 10.3.1 and Mac OS X 10.2.8 allows remote attackers to steal user cookies from another domain via a link with a hex-encoded null character (%00) followed by the target domain.
Max CVSS
5.0
EPSS Score
0.57%
Published
2003-12-15
Updated
2017-07-11
The PKI functionality in Mac OS X 10.2.8 and 10.3.2 allows remote attackers to cause a denial of service (service crash) via malformed ASN.1 sequences.
Max CVSS
5.0
EPSS Score
0.96%
Published
2003-12-31
Updated
2008-09-10
1216 vulnerabilities found
1 2 3 4 5 6 ...... 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!