Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Mac_os_x
(Apple)Repositories |
• https://github.com/madler/zlib
• https://github.com/apache/httpd • https://github.com/file/file • https://github.com/Perl/perl5 • https://github.com/openssh/openssh-portable |
#Vulnerabilities | 3208 |
Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2022-02-09 | CVE-2022-0530 | A flaw was found in Unzip. The vulnerability occurs during the conversion of a wide string to a local string that leads to a heap of out-of-bound write. This flaw allows an attacker to input a specially crafted zip file, leading to a crash or code execution. | Mac_os_x, Macos, Debian_linux, Fedora, Enterprise_linux, Unzip | 5.5 | ||
2005-05-02 | CVE-2005-0125 | The "at" commands on Mac OS X 10.3.7 and earlier do not properly drop privileges, which allows local users to (1) delete arbitrary files via atrm, (2) execute arbitrary programs via the -f argument to batch, or (3) read arbitrary files via the -f argument to batch, which generates a job file that is readable by the local user. | Mac_os_x, Mac_os_x_server | N/A | ||
2009-09-08 | CVE-2009-3095 | The mod_proxy_ftp module in the Apache HTTP Server allows remote attackers to bypass intended access restrictions and send arbitrary commands to an FTP server via vectors related to the embedding of these commands in the Authorization HTTP header, as demonstrated by a certain module in VulnDisco Pack Professional 8.11. | Http_server, Mac_os_x, Debian_linux, Fedora, Opensuse, Linux_enterprise_desktop, Linux_enterprise_server | N/A | ||
2010-03-30 | CVE-2010-0055 | xar in Apple Mac OS X 10.5.8 does not properly validate package signatures, which allows attackers to have an unspecified impact via a modified package. | Mac_os_x, Mac_os_x_server | N/A | ||
2010-06-30 | CVE-2010-1205 | Buffer overflow in pngpread.c in libpng before 1.2.44 and 1.4.x before 1.4.3, as used in progressive applications, might allow remote attackers to execute arbitrary code via a PNG image that triggers an additional data row. | Iphone_os, Itunes, Mac_os_x, Mac_os_x_server, Safari, Ubuntu_linux, Debian_linux, Fedora, Chrome, Libpng, Firefox, Seamonkey, Thunderbird, Opensuse, Linux_enterprise_server, Player, Workstation | 9.8 | ||
2010-11-16 | CVE-2010-3798 | Heap-based buffer overflow in xar in Apple Mac OS X 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted xar archive. | Mac_os_x, Mac_os_x_server | N/A | ||
2011-06-24 | CVE-2009-5044 | contrib/pdfmark/pdfroff.sh in GNU troff (aka groff) before 1.21 allows local users to overwrite arbitrary files via a symlink attack on a pdf#####.tmp temporary file. | Mac_os_x, Groff | N/A | ||
2011-08-29 | CVE-2011-2821 | Double free vulnerability in libxml2, as used in Google Chrome before 13.0.782.215, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted XPath expression. | Iphone_os, Mac_os_x, Debian_linux, Chrome, Enterprise_linux_desktop, Enterprise_linux_eus, Enterprise_linux_server, Enterprise_linux_workstation | N/A | ||
2011-09-19 | CVE-2011-2834 | Double free vulnerability in libxml2, as used in Google Chrome before 14.0.835.163, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to XPath handling. | Iphone_os, Mac_os_x, Debian_linux, Chrome, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_server_eus, Enterprise_linux_workstation | N/A | ||
2012-01-07 | CVE-2011-3919 | Heap-based buffer overflow in libxml2, as used in Google Chrome before 16.0.912.75, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. | Iphone_os, Mac_os_x, Debian_linux, Chrome, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_server_eus, Enterprise_linux_workstation, Linux_enterprise_server | N/A |