Apple macOS vulnerabilities

3,139 known vulnerabilities affecting apple/mac_os_x.

Total CVEs

3,139

CISA KEV

actively exploited

Public exploits

277

Exploited in wild

Severity breakdown

CRITICAL302HIGH1409MEDIUM1236LOW192

Vulnerabilities

Page 154 of 157

CVE-2004-0514HIGHCVSS 7.2v10.3v10.3.1+2 more2004-08-18

CVE-2004-0514 [HIGH] CVE-2004-0514: Unknown vulnerability in LoginWindow for Mac OS X 10.3.4, related to "handling of directory services Unknown vulnerability in LoginWindow for Mac OS X 10.3.4, related to "handling of directory services lookups."

nvd

CVE-2004-0515MEDIUMCVSS 4.6v10.3v10.3.1+2 more2004-08-18

CVE-2004-0515 [MEDIUM] CVE-2004-0515: Unknown vulnerability in LoginWindow for Mac OS X 10.3.4, related to "handling of console log files. Unknown vulnerability in LoginWindow for Mac OS X 10.3.4, related to "handling of console log files."

nvd

CVE-2004-0516MEDIUMCVSS 4.6v10.3v10.3.1+2 more2004-08-18

CVE-2004-0516 [MEDIUM] CVE-2004-0516: Unknown vulnerability in Mac OS X 10.3.4, related to "package installation scripts," a different vul Unknown vulnerability in Mac OS X 10.3.4, related to "package installation scripts," a different vulnerability than CVE-2004-0517.

nvd

CVE-2004-0517MEDIUMCVSS 4.6v10.3v10.3.1+2 more2004-08-18

CVE-2004-0517 [MEDIUM] CVE-2004-0517: Unknown vulnerability in Mac OS X 10.3.4, related to "handling of process IDs during package install Unknown vulnerability in Mac OS X 10.3.4, related to "handling of process IDs during package installation," a different vulnerability than CVE-2004-0516.

nvd

CVE-2004-0539CRITICALCVSS 10.0v10.2.8v10.3.42004-08-06

CVE-2004-0539 [CRITICAL] CVE-2004-0539: The "Show in Finder" button in the Safari web browser in Mac OS X 10.3.4 and 10.2.8 may execute down The "Show in Finder" button in the Safari web browser in Mac OS X 10.3.4 and 10.2.8 may execute downloaded applications, which could allow remote attackers to execute arbitrary code.

nvd

CVE-2004-0538HIGHCVSS 7.5v10.2.8v10.3.42004-08-06

CVE-2004-0538 [HIGH] CVE-2004-0538: LaunchServices in Mac OS X 10.3.4 and 10.2.8 automatically registers and executes new applications, LaunchServices in Mac OS X 10.3.4 and 10.2.8 automatically registers and executes new applications, which could allow attackers to execute arbitrary code without warning the user.

nvd

CVE-2004-0489HIGHCVSS 7.6≤ 10.3.32004-07-07

CVE-2004-0489 [HIGH] CWE-88 CVE-2004-0489: Argument injection vulnerability in the SSH URI handler for Safari on Mac OS 10.3.3 and earlier allo Argument injection vulnerability in the SSH URI handler for Safari on Mac OS 10.3.3 and earlier allows remote attackers to (1) execute arbitrary code via the ProxyCommand option or (2) conduct port forwarding via the -R option.

nvd

CVE-2004-0486HIGHCVSS 7.6PoCv10.3v10.3.1+2 more2004-07-07

CVE-2004-0486 [HIGH] CVE-2004-0486: HelpViewer in Mac OS X 10.3.3 and 10.2.8 processes scripts that it did not initiate, which can allow HelpViewer in Mac OS X 10.3.3 and 10.2.8 processes scripts that it did not initiate, which can allow attackers to execute arbitrary code, an issue that was originally reported as a directory traversal vulnerability in the Safari web browser using the runscript parameter in a help: URI handler.

nvd

CVE-2004-0430MEDIUMCVSS 5.1PoC≤ 10.3.32004-07-07

CVE-2004-0430 [MEDIUM] CVE-2004-0430: Stack-based buffer overflow in AppleFileServer for Mac OS X 10.3.3 and earlier allows remote attacke Stack-based buffer overflow in AppleFileServer for Mac OS X 10.3.3 and earlier allows remote attackers to execute arbitrary code via a LoginExt packet for a Cleartext Password User Authentication Method (UAM) request with a PathName argument that includes an AFPName type string that is longer than the associated length field.

nvd

CVE-2004-0485MEDIUMCVSS 5.0v10.2.8v10.3.32004-07-07

CVE-2004-0485 [MEDIUM] CVE-2004-0485: The default protocol helper for the disk: URI on Mac OS X 10.3.3 and 10.2.8 allows remote attackers The default protocol helper for the disk: URI on Mac OS X 10.3.3 and 10.2.8 allows remote attackers to write arbitrary files by causing a disk image file (.dmg) to be mounted as a disk volume.

nvd

CVE-2004-0383HIGHCVSS 7.2v10.2.8v10.3.32004-05-04

CVE-2004-0383 [HIGH] CVE-2004-0383: Unknown vulnerability in Mail for Mac OS X 10.3.3 and 10.2.8, with unknown impact, related to "the h Unknown vulnerability in Mail for Mac OS X 10.3.3 and 10.2.8, with unknown impact, related to "the handling of HTML-formatted email."

nvd

CVE-2004-0382HIGHCVSS 7.2v10.2.8v10.3.32004-05-04

CVE-2004-0382 [HIGH] CVE-2004-0382: Unknown vulnerability in the CUPS printing system in Mac OS X 10.3.3 and Mac OS X 10.2.8 with unknow Unknown vulnerability in the CUPS printing system in Mac OS X 10.3.3 and Mac OS X 10.2.8 with unknown impact, possibly related to a configuration file setting.

nvd

CVE-2004-0428MEDIUMCVSS 5.0v10.2v10.2.1+11 more2004-05-03

CVE-2004-0428 [MEDIUM] CVE-2004-0428: Unknown vulnerability in CoreFoundation in Mac OS X 10.3.3 and Mac OS X 10.3.3 Server, related to "t Unknown vulnerability in CoreFoundation in Mac OS X 10.3.3 and Mac OS X 10.3.3 Server, related to "the handling of an environment variable," has unknown attack vectors and unknown impact.

nvd

CVE-2003-1009CRITICALCVSS 10.0v10.0.2v10.0.3+2 more2004-03-29

CVE-2003-1009 [CRITICAL] CVE-2003-1009: Directory Services in Apple Mac OS X 10.0.2, 10.0.3, 10.2.8, 10.3.2 and Apple Mac OS X Server 10.2 t Directory Services in Apple Mac OS X 10.0.2, 10.0.3, 10.2.8, 10.3.2 and Apple Mac OS X Server 10.2 through 10.3.2 accepts authentication server information from unknown LDAP or NetInfo sources as provided by a malicious DHCP server, which allows remote attackers to gain privileges.

nvd

CVE-2003-1011HIGHCVSS 7.2v10.0v10.0.1+18 more2004-03-29

CVE-2003-1011 [HIGH] CVE-2003-1011: Apple Mac OS X 10.0 through 10.2.8 allows local users with a USB keyboard to gain unauthorized acces Apple Mac OS X 10.0 through 10.2.8 allows local users with a USB keyboard to gain unauthorized access by holding down the CTRL and C keys when the system is booting, which crashes the init process and leaves the user in a root shell.

nvd

CVE-2003-1006HIGHCVSS 7.2PoCv10.0v10.0.1+21 more2004-03-29

CVE-2003-1006 [HIGH] CVE-2003-1006: Buffer overflow in cd9660.util in Apple Mac OS X 10.0 through 10.3.2 and Apple Mac OS X Server 10.0 Buffer overflow in cd9660.util in Apple Mac OS X 10.0 through 10.3.2 and Apple Mac OS X Server 10.0 through 10.3.2 may allow local users to execute arbitrary code via a long command line parameter.

nvd

CVE-2003-1008MEDIUMCVSS 4.6v10.2.8v10.3.22004-03-29

CVE-2003-1008 [MEDIUM] CVE-2003-1008: Unknown vulnerability in Mac OS X 10.2.8 and 10.3.2 allows local users to bypass the screen saver lo Unknown vulnerability in Mac OS X 10.2.8 and 10.3.2 allows local users to bypass the screen saver login window and write a text clipping to the desktop or another application.

nvd

CVE-2003-1007MEDIUMCVSS 5.0v10.2.8v10.3.22004-03-29

CVE-2003-1007 [MEDIUM] CVE-2003-1007: AppleFileServer (AFS) in Apple Mac OS X 10.2.8 and 10.3.2 does not properly handle certain malformed AppleFileServer (AFS) in Apple Mac OS X 10.2.8 and 10.3.2 does not properly handle certain malformed requests, with unknown impact.

nvd

CVE-2004-0168CRITICALCVSS 10.0v10.2.8v10.3.22004-03-15

CVE-2004-0168 [CRITICAL] CVE-2004-0168: Unknown vulnerability in CoreFoundation for Mac OS X 10.3.2, related to "notification logging." Unknown vulnerability in CoreFoundation for Mac OS X 10.3.2, related to "notification logging."

nvd

CVE-2004-0167HIGHCVSS 7.5v10.2.8v10.3.22004-03-15

CVE-2004-0167 [HIGH] CVE-2004-0167: DiskArbitration in Mac OS X 10.2.8 and 10.3.2 does not properly initialize writeable removable media DiskArbitration in Mac OS X 10.2.8 and 10.3.2 does not properly initialize writeable removable media.

nvd

← Previous154 / 157Next →