Export limit exceeded: 357835 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (817 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2007-3744 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-23 | N/A |
| Heap-based buffer overflow in the UPnP IGD (Internet Gateway Device Standardized Device Control Protocol) implementation in mDNSResponder on Apple Mac OS X 10.4.10 before 20070731 allows network-adjacent remote attackers to execute arbitrary code via a crafted packet. | ||||
| CVE-2007-3745 | 1 Apple | 3 Core Audio Technologies, Mac Os X, Mac Os X Server | 2026-04-23 | N/A |
| The Java interface to CoreAudio on Apple Mac OS X 10.3.9 and 10.4.10 contains an unsafe interface that is exposed by JDirect, which allows remote attackers to free arbitrary memory and thereby execute arbitrary code. | ||||
| CVE-2007-3746 | 1 Apple | 3 Ichat, Mac Os X, Mac Os X Server | 2026-04-23 | N/A |
| The Java interface to CoreAudio on Apple Mac OS X 10.3.9 and 10.4.10 does not properly check the bounds of heap read and write operations, which allows remote attackers to execute arbitrary code via a crafted applet. | ||||
| CVE-2007-3747 | 1 Apple | 3 Ichat, Mac Os X, Mac Os X Server | 2026-04-23 | N/A |
| The Java interface to CoreAudio on Apple Mac OS X 10.3.9 and 10.4.10 does not restrict object instantiation and manipulation to valid heap addresses, which allows remote attackers to execute arbitrary code via a crafted applet. | ||||
| CVE-2007-4269 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-23 | N/A |
| Integer overflow in the Networking component in Apple Mac OS X 10.4 through 10.4.10 allows local users to execute arbitrary code via a crafted AppleTalk Session Protocol (ASP) message on an AppleTalk socket, which triggers a heap-based buffer overflow. | ||||
| CVE-2007-4678 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-23 | N/A |
| AppleRAID in Apple Mac OS X 10.3.9 and 10.4 through 10.4.10 allows attackers to cause a denial of service (crash) via a crafted striped disk image, which triggers a NULL pointer dereference when it is mounted. | ||||
| CVE-2007-4680 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-23 | N/A |
| CFNetwork in Apple Mac OS X 10.3.9 and 10.4 through 10.4.10 does not properly validate certificates, which allows remote attackers to spoof trusted SSL certificates via a man-in-the-middle attack. | ||||
| CVE-2007-4686 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-23 | N/A |
| Integer signedness error in the ttioctl function in bsd/kern/tty.c in the xnu kernel in Apple Mac OS X 10.4 through 10.4.10 allows local users to cause a denial of service (system shutdown) or gain privileges via a crafted TIOCSETD ioctl request. | ||||
| CVE-2007-4687 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-23 | N/A |
| The remote_cmds component in Apple Mac OS X 10.4 through 10.4.10 contains a symbolic link from the tftpboot private directory to the root directory, which allows tftpd users to escape the private directory and access arbitrary files. | ||||
| CVE-2007-4688 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-23 | N/A |
| The Networking component in Apple Mac OS X 10.4 through 10.4.10 allows remote attackers to obtain all addresses for a host, including link-local addresses, via a Node Information Query. | ||||
| CVE-2007-4689 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-23 | N/A |
| Double free vulnerability in the Networking component in Apple Mac OS X 10.4 through 10.4.10 allows remote attackers to cause a denial of service (system shutdown) or execute arbitrary code via crafted IPV6 packets. | ||||
| CVE-2007-4690 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-23 | N/A |
| Double free vulnerability in the NFS component in Apple Mac OS X 10.4 through 10.4.10 allows remote authenticated users to execute arbitrary code via a crafted AUTH_UNIX RPC packet. | ||||
| CVE-2007-4691 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-23 | N/A |
| The NSURL component in Apple Mac OS X 10.4 through 10.4.10 performs case-sensitive comparisons that allow attackers to bypass intended restrictions for local file system URLs. | ||||
| CVE-2007-4694 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-23 | N/A |
| Safari in Apple Mac OS X 10.4 through 10.4.10 allows remote attackers to access local content via file:// URLs. | ||||
| CVE-2007-4695 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-23 | N/A |
| Unspecified "input validation" vulnerability in WebCore in Apple Mac OS X 10.4 through 10.4.10 allows remote attackers to modify form field values via unknown vectors related to file uploads. | ||||
| CVE-2007-4696 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-23 | N/A |
| Race condition in WebCore in Apple Mac OS X 10.4 through 10.4.10 allows remote attackers to obtain information for forms from other sites via unknown vectors related to "page transitions" in Safari. | ||||
| CVE-2007-4697 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-23 | N/A |
| Unspecified vulnerability in WebCore in Apple Mac OS X 10.4 through 10.4.10 allows remote attackers to cause a denial of service (application termination) or execute arbitrary code via unknown vectors related to browser history, which triggers memory corruption. | ||||
| CVE-2007-4699 | 1 Apple | 3 Mac Os X, Mac Os X Server, Safari | 2026-04-23 | N/A |
| The default configuration of Safari in Apple Mac OS X 10.4 through 10.4.10 adds a private key to the keychain with permissions that allow other applications to access the key without warning the user, which might allow other applications to bypass intended access restrictions. | ||||
| CVE-2007-4700 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-23 | N/A |
| Unspecified vulnerability in WebKit on Apple Mac OS X 10.4 through 10.4.10 allows remote attackers to use Safari as an indirect proxy and send attacker-controlled data to arbitrary TCP ports via unknown vectors. | ||||
| CVE-2009-2826 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-23 | N/A |
| Multiple integer overflows in CoreGraphics in Apple Mac OS X 10.5.8 allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document that triggers a heap-based buffer overflow. | ||||