Web Server in Apple OS X Server before 5.1 supports the RC4 algorithm, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via unspecified vectors.
Max CVSS
7.5
EPSS Score
0.25%
Published
2016-03-24
Updated
2016-12-20
openpgpkey_61.c in named in ISC BIND 9.9.7 before 9.9.7-P3 and 9.10.x before 9.10.2-P4 allows remote attackers to cause a denial of service (REQUIRE assertion failure and daemon exit) via a crafted DNS response.
Max CVSS
7.1
EPSS Score
95.81%
Published
2015-09-05
Updated
2016-12-31
buffer.c in named in ISC BIND 9.x before 9.9.7-P3 and 9.10.x before 9.10.2-P4 allows remote attackers to cause a denial of service (assertion failure and daemon exit) by creating a zone containing a malformed DNSSEC key and issuing a query for a name in that zone.
Max CVSS
7.8
EPSS Score
96.60%
Published
2015-09-05
Updated
2016-12-31
Array index error in Dock in Apple OS X before 10.9.4 allows attackers to execute arbitrary code or cause a denial of service (incorrect function-pointer dereference and application crash) by leveraging access to a sandboxed application for sending a message.
Max CVSS
7.5
EPSS Score
3.90%
Published
2014-07-01
Updated
2015-12-22
Buffer overflow in Apple Type Services (ATS) in Apple OS X before 10.9.2 allows attackers to bypass the App Sandbox protection mechanism via crafted Mach messages.
Max CVSS
7.5
EPSS Score
0.28%
Published
2014-02-27
Updated
2014-02-27
CoreText in Apple Mac OS X 10.7.x before 10.7.5 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds write or read) via a crafted text glyph.
Max CVSS
7.5
EPSS Score
2.33%
Published
2012-09-20
Updated
2017-08-29
Integer overflow in the Security Framework in Apple Mac OS X before 10.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted input.
Max CVSS
7.5
EPSS Score
11.25%
Published
2012-05-11
Updated
2012-05-30
Buffer overflow in the DirectoryService Proxy in DirectoryService in Apple Mac OS X through 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors.
Max CVSS
7.5
EPSS Score
1.19%
Published
2012-09-20
Updated
2012-09-21
WebDAV Sharing in Apple Mac OS X 10.7.x before 10.7.3 does not properly perform authentication, which allows local users to gain privileges by leveraging access to (1) the server or (2) a bound directory.
Max CVSS
7.2
EPSS Score
0.04%
Published
2012-02-02
Updated
2012-02-03
Buffer overflow in QuickTime in Apple Mac OS X before 10.7.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PNG file.
Max CVSS
7.5
EPSS Score
5.89%
Published
2012-02-02
Updated
2012-05-18
The OpenGL implementation in Apple Mac OS X before 10.7.3 does not properly perform OpenGL Shading Language (aka GLSL) compilation, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted program.
Max CVSS
7.5
EPSS Score
2.55%
Published
2012-02-02
Updated
2012-09-22
Integer overflow in libresolv in Apple Mac OS X before 10.7.3 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption and application crash) via crafted DNS data.
Max CVSS
7.5
EPSS Score
5.88%
Published
2012-02-02
Updated
2018-01-06
Apple Type Services (ATS) in Apple Mac OS X before 10.7.3 does not properly manage memory for data-font files, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted font that is accessed by Font Book.
Max CVSS
7.5
EPSS Score
0.39%
Published
2012-02-02
Updated
2012-02-03
The File Systems component in Apple Mac OS X before 10.7.2 does not properly track the specific X.509 certificate that a user manually accepted for an initial https WebDAV connection, which allows man-in-the-middle attackers to hijack WebDAV communication by presenting an arbitrary certificate for a subsequent connection.
Max CVSS
7.6
EPSS Score
0.12%
Published
2011-10-14
Updated
2012-01-14
jabberd2 before 2.2.14 does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service (memory and CPU consumption) via a crafted XML document containing a large number of nested entity references, a similar issue to CVE-2003-1564.
Max CVSS
7.5
EPSS Score
8.13%
Published
2011-06-21
Updated
2024-02-02
Buffer overflow in the ATSFontDeactivate API in Apple Type Services (ATS) in Apple Mac OS X before 10.7.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors.
Max CVSS
7.5
EPSS Score
2.02%
Published
2011-10-14
Updated
2012-01-14
Buffer overflow in International Components for Unicode (ICU) in Apple Mac OS X before 10.6.8 allows context-dependent attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving uppercase strings.
Max CVSS
7.5
EPSS Score
0.81%
Published
2011-06-24
Updated
2017-08-17
Off-by-one error in the CoreFoundation framework in Apple Mac OS X before 10.6.8 allows context-dependent attackers to execute arbitrary code or cause a denial of service (application crash) via a CFString object that triggers a buffer overflow.
Max CVSS
7.5
EPSS Score
0.66%
Published
2011-06-24
Updated
2011-07-23
AirPort in Apple Mac OS X 10.5.8 allows remote attackers to cause a denial of service (out-of-bounds read and reboot) via Wi-Fi frames on the local wireless network.
Max CVSS
7.8
EPSS Score
0.16%
Published
2011-06-24
Updated
2011-06-27
The i386_set_ldt system call in the kernel in Apple Mac OS X before 10.6.7 does not properly handle call gates, which allows local users to gain privileges via vectors involving the creation of a call gate entry.
Max CVSS
7.2
EPSS Score
0.04%
Published
2011-03-23
Updated
2012-02-14
Unspecified vulnerability in Image Capture in Apple Mac OS X 10.6.x before 10.6.5 allows remote attackers to cause a denial of service (memory consumption and system crash) via a crafted image.
Max CVSS
7.1
EPSS Score
0.46%
Published
2010-11-16
Updated
2011-01-12
Networking in Apple Mac OS X 10.6.2 through 10.6.4 allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted PIM packet.
Max CVSS
7.8
EPSS Score
6.50%
Published
2010-11-16
Updated
2010-12-10
Stack-based buffer overflow in the password-validation functionality in Directory Services in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors.
Max CVSS
7.5
EPSS Score
14.63%
Published
2010-11-15
Updated
2010-12-10
Apple Mac OS X 10.6 through 10.6.3 and Mac OS X Server 10.6 through 10.6.3 allows local users to obtain system privileges.
Max CVSS
7.8
EPSS Score
0.04%
Published
2017-04-13
Updated
2017-04-21
Integer overflow in the cgtexttops CUPS filter in Printing in Apple Mac OS X 10.6 before 10.6.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to page sizes.
Max CVSS
7.5
EPSS Score
1.67%
Published
2010-06-17
Updated
2010-06-18
149 vulnerabilities found
1 2 3 4 5 6
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!