Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Mac_os_x_server
(Apple)| Repositories | https://github.com/apache/httpd |
| #Vulnerabilities | 664 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2008-07-01 | CVE-2008-2314 | Dock in Apple Mac OS X 10.5 before 10.5.4, when Exposé hot corners is enabled, allows physically proximate attackers to gain access to a locked session in (1) sleep mode or (2) screen saver mode via unspecified vectors. | Mac_os_x, Mac_os_x_server | N/A | ||
| 2016-03-24 | CVE-2016-1787 | Wiki Server in Apple OS X Server before 5.1 allows remote attackers to obtain sensitive information from Wiki pages via unspecified vectors. | Mac_os_x_server | 5.3 | ||
| 2016-03-24 | CVE-2016-1777 | Web Server in Apple OS X Server before 5.1 supports the RC4 algorithm, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via unspecified vectors. | Mac_os_x_server | 7.5 | ||
| 2016-03-24 | CVE-2016-1776 | Web Server in Apple OS X Server before 5.1 does not properly restrict access to .DS_Store and .htaccess files, which allows remote attackers to obtain sensitive configuration information via an HTTP request. | Mac_os_x_server | 5.3 | ||
| 2016-03-24 | CVE-2016-1774 | The Time Machine server in Server App in Apple OS X Server before 5.1 does not notify the user about ignored permissions during a backup, which makes it easier for remote attackers to obtain sensitive information in opportunistic circumstances by reading backup data that lacks intended restrictions. | Mac_os_x_server | 5.3 | ||
| 2015-10-23 | CVE-2015-7031 | The Web Service component in Apple OS X Server before 5.0.15 omits an unspecified HTTP header configuration, which allows remote attackers to bypass intended access restrictions via unknown vectors. | Mac_os_x_server | N/A | ||
| 2015-09-05 | CVE-2015-5986 | openpgpkey_61.c in named in ISC BIND 9.9.7 before 9.9.7-P3 and 9.10.x before 9.10.2-P4 allows remote attackers to cause a denial of service (REQUIRE assertion failure and daemon exit) via a crafted DNS response. | Mac_os_x_server, Bind | N/A | ||
| 2015-09-18 | CVE-2015-5911 | Multiple unspecified vulnerabilities in Twisted in Wiki Server in Apple OS X Server before 5.0.3 allow attackers to have an unknown impact via an XML document. | Mac_os_x_server | N/A | ||
| 2015-09-05 | CVE-2015-5722 | buffer.c in named in ISC BIND 9.x before 9.9.7-P3 and 9.10.x before 9.10.2-P4 allows remote attackers to cause a denial of service (assertion failure and daemon exit) by creating a zone containing a malformed DNSSEC key and issuing a query for a name in that zone. | Mac_os_x_server, Bind | N/A | ||
| 2015-05-28 | CVE-2015-3165 | Double free vulnerability in PostgreSQL before 9.0.20, 9.1.x before 9.1.16, 9.2.x before 9.2.11, 9.3.x before 9.3.7, and 9.4.x before 9.4.2 allows remote attackers to cause a denial of service (crash) by closing an SSL session at a time when the authentication timeout will expire during the session shutdown sequence. | Mac_os_x_server, Ubuntu_linux, Debian_linux, Postgresql | N/A |