Total
304758 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2010-0509 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2010-03-31 | 7.2 HIGH | N/A |
| SFLServer in OS Services in Apple Mac OS X before 10.6.3 allows local users to gain privileges via vectors related to use of wheel group membership during access to the home directories of user accounts. | |||||
| CVE-2010-0501 | 1 Apple | 1 Mac Os X Server | 2010-03-31 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in FTP Server in Apple Mac OS X Server before 10.6.3 allows remote authenticated users to read arbitrary files via crafted filenames. | |||||
| CVE-2010-0065 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2010-03-31 | 6.8 MEDIUM | N/A |
| Disk Images in Apple Mac OS X before 10.6.3 allows user-assisted remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted disk image with bzip2 compression. | |||||
| CVE-2010-0506 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2010-03-31 | 6.8 MEDIUM | N/A |
| Buffer overflow in Image RAW in Apple Mac OS X 10.5.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted NEF image. | |||||
| CVE-2010-0064 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2010-03-31 | 6.9 MEDIUM | N/A |
| DesktopServices in Apple Mac OS X 10.6 before 10.6.3 preserves file ownership during an authenticated Finder copy, which might allow local users to bypass intended disk-quota restrictions and have unspecified other impact by copying files owned by other users. | |||||
| CVE-2010-0500 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2010-03-31 | 7.8 HIGH | N/A |
| Event Monitor in Apple Mac OS X before 10.6.3 does not properly validate hostnames of SSH clients, which allows remote attackers to cause a denial of service (arbitrary client blacklisting) via a crafted DNS PTR record, related to a "plist injection issue." | |||||
| CVE-2010-0511 | 1 Apple | 1 Mac Os X Server | 2010-03-31 | 5.0 MEDIUM | N/A |
| Podcast Producer in Apple Mac OS X 10.6 before 10.6.3 deletes the access restrictions of a Podcast Composer workflow when this workflow is overwritten, which allows attackers to access a workflow via unspecified vectors. | |||||
| CVE-2010-0508 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2010-03-31 | 10.0 HIGH | N/A |
| Mail in Apple Mac OS X before 10.6.3 does not disable the filter rules associated with a deleted mail account, which has unspecified impact and attack vectors. | |||||
| CVE-2010-0058 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2010-03-31 | 6.4 MEDIUM | N/A |
| freshclam in ClamAV in Apple Mac OS X 10.5.8 with Security Update 2009-005 has an incorrect launchd.plist ProgramArguments key and consequently does not run, which might allow remote attackers to introduce viruses into the system. | |||||
| CVE-2010-0507 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2010-03-31 | 6.8 MEDIUM | N/A |
| Buffer overflow in Image RAW in Apple Mac OS X before 10.6.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PEF image. | |||||
| CVE-2010-0057 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2010-03-31 | 7.5 HIGH | N/A |
| AFP Server in Apple Mac OS X before 10.6.3 does not prevent guest use of AFP shares when guest access is disabled, which allows remote attackers to bypass intended access restrictions via a mount request. | |||||
| CVE-2010-0056 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2010-03-31 | 6.8 MEDIUM | N/A |
| Buffer overflow in Cocoa spell checking in AppKit in Apple Mac OS X 10.5.8 allows user-assisted remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted document. | |||||
| CVE-2009-2204 | 1 Apple | 1 Iphone Os | 2010-03-30 | 10.0 HIGH | N/A |
| Unspecified vulnerability in the CoreTelephony component in Apple iPhone OS before 3.0.1 allows remote attackers to execute arbitrary code, obtain GPS coordinates, or enable the microphone via an SMS message that triggers memory corruption, as demonstrated by Charlie Miller at SyScan '09 Singapore. | |||||
| CVE-2010-1179 | 1 Apple | 2 Iphone Os, Safari | 2010-03-30 | 9.3 HIGH | N/A |
| Safari on Apple iPhone OS 3.1.3 for iPod touch allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a large integer in the numcolors attribute of a recolorinfo element in a VML file, possibly a related issue to CVE-2007-0024. | |||||
| CVE-2010-1177 | 1 Apple | 2 Iphone Os, Safari | 2010-03-30 | 9.3 HIGH | N/A |
| Safari on Apple iPhone OS 3.1.3 for iPod touch allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors involving document.write calls with long crafted strings. | |||||
| CVE-2010-1176 | 1 Apple | 2 Iphone Os, Safari | 2010-03-30 | 9.3 HIGH | N/A |
| Safari on Apple iPhone OS 3.1.3 for iPod touch allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors related to an array of long strings, an array of IMG elements with crafted strings in their SRC attributes, a TBODY element with no associated TABLE element, and certain calls to the delete operator and the cloneNode, clearAttributes, and CollectGarbage methods, possibly a related issue to CVE-2009-0075. | |||||
| CVE-2010-1182 | 1 Ibm | 2 Websphere Application Server, Zos | 2010-03-30 | 7.5 HIGH | N/A |
| Multiple unspecified vulnerabilities in the administrative console in IBM WebSphere Application Server (WAS) 7.0.x before 7.0.0.9 on z/OS have unknown impact and attack vectors. | |||||
| CVE-2009-4740 | 1 Typo3 | 2 Typo3, Ws Ecard | 2010-03-29 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in the Webesse E-Card (ws_ecard) extension 1.0.2 and earlier for TYPO3 has unspecified impact and remote attack vectors. | |||||
| CVE-2009-4741 | 2 Microsoft, Skype | 2 Windows, Skype | 2010-03-29 | 10.0 HIGH | N/A |
| Unspecified vulnerability in the Extras Manager before 2.0.0.67 in Skype before 4.1.0.179 on Windows has unknown impact and attack vectors. | |||||
| CVE-2010-1124 | 1 Ibm | 1 Aix | 2010-03-29 | 7.8 HIGH | N/A |
| bos.rte.libc 5.3.9.4 on IBM AIX 5.3 does not properly support reading a certain address field after a successful getaddrinfo function call, which allows context-dependent attackers to cause a denial of service (application crash) via unspecified vectors, as demonstrated by IBM DB2 crashes on "systems with databases cataloged with alternate servers using IP addresses." | |||||