Search Results (362815 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2008-0045 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-23 N/A
Unspecified vulnerability in AFP Server in Apple Mac OS X 10.4.11 allows remote attackers to bypass cross-realm authentication via unknown manipulations of Kerberos principal realm names.
CVE-2008-0046 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-23 N/A
The Application Firewall in Apple Mac OS X 10.5.2 has an incorrect German translation for the "Set access for specific services and applications" radio button that might cause the user to believe that the button is used to restrict access only to specific services and applications, which might allow attackers to bypass intended access restrictions.
CVE-2008-0047 3 Apple, Cups, Redhat 4 Mac Os X, Mac Os X Server, Cups and 1 more 2026-04-23 N/A
Heap-based buffer overflow in the cgiCompileSearch function in CUPS 1.3.5, and other versions including the version bundled with Apple Mac OS X 10.5.2, when printer sharing is enabled, allows remote attackers to execute arbitrary code via crafted search expressions.
CVE-2008-0048 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-23 N/A
Stack-based buffer overflow in AppKit in Apple Mac OS X 10.4.11 allows context-dependent attackers to execute arbitrary code via the a long file name to the NSDocument API.
CVE-2008-0236 1 Microsoft 1 Visual Foxpro 2026-04-23 N/A
An ActiveX control for Microsoft Visual FoxPro (vfp6r.dll 6.0.8862.0) allows remote attackers to execute arbitrary commands by invoking the DoCmd method.
CVE-2008-0049 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-23 N/A
AppKit in Apple Mac OS X 10.4.11 inadvertently makes an NSApplication mach port available for inter-process communication instead of inter-thread communication, which allows local users to execute arbitrary code via crafted messages to privileged applications.
CVE-2008-0050 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-23 N/A
CFNetwork in Apple Mac OS X 10.4.11 allows remote HTTPS proxy servers to spoof secure websites via data in a 502 Bad Gateway error.
CVE-2008-0051 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-23 N/A
Integer overflow in CoreFoundation in Apple Mac OS X 10.4.11 might allow local users to execute arbitrary code via crafted time zone data.
CVE-2008-0052 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-23 N/A
CoreServices in Apple Mac OS X 10.4.11 treats .ief as a safe file type, which allows remote attackers to force Safari users into opening an .ief file in AppleWorks, even when the "Open 'Safe' files" preference is set.
CVE-2008-0053 2 Apple, Redhat 2 Cups, Enterprise Linux 2026-04-23 N/A
Multiple buffer overflows in the HP-GL/2-to-PostScript filter in CUPS before 1.3.6 might allow remote attackers to execute arbitrary code via a crafted HP-GL/2 file.
CVE-2008-0054 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-23 N/A
Foundation in Apple Mac OS X 10.4.11 might allow context-dependent attackers to execute arbitrary code via a malformed selector name to the NSSelectorFromString API, which causes an "unexpected selector" to be used.
CVE-2008-0055 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-23 N/A
Foundation in Apple Mac OS X 10.4.11 creates world-writable directories while NSFileManager copies files recursively and only modifies the permissions afterward, which allows local users to modify copied files to cause a denial of service and possibly gain privileges.
CVE-2008-0056 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-23 N/A
Stack-based buffer overflow in Foundation in Apple Mac OS X 10.4.11 allows context-dependent attackers to execute arbitrary code via a "long pathname with an unexpected structure" that triggers the overflow in NSFileManager.
CVE-2008-0057 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-23 N/A
Multiple integer overflows in a "legacy serialization format" parser in AppKit in Apple Mac OS X 10.4.11 allows remote attackers to execute arbitrary code via a crafted serialized property list.
CVE-2008-0058 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-23 N/A
Race condition in the NSURLConnection cache management functionality in Foundation for Apple Mac OS X 10.4.11 allows remote attackers to execute arbitrary code via unspecified manipulations that cause messages to be sent to a deallocated object.
CVE-2008-0059 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-23 N/A
Race condition in NSXML in Foundation for Apple Mac OS X 10.4.11 allows context-dependent attackers to execute arbitrary code via a crafted XML file, related to "error handling logic."
CVE-2008-0060 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-23 N/A
Help Viewer in Apple Mac OS X 10.4.11 and 10.5.2 allows remote attackers to execute arbitrary Applescript via a help:topic_list URL that injects HTML or JavaScript into a topic list page, as demonstrated using a help:runscript link.
CVE-2008-0061 1 Maradns 1 Maradns 2026-04-23 N/A
MaraDNS 1.0 before 1.0.41, 1.2 before 1.2.12.08, and 1.3 before 1.3.07.04 allows remote attackers to cause a denial of service via a crafted DNS packet that prevents an authoritative name (CNAME) record from resolving, aka "improper rotation of resource records."
CVE-2008-0062 5 Canonical, Debian, Fedoraproject and 2 more 6 Ubuntu Linux, Debian Linux, Fedora and 3 more 2026-04-23 9.8 Critical
KDC in MIT Kerberos 5 (krb5kdc) does not set a global variable for some krb4 message types, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted messages that trigger a NULL pointer dereference or double-free.
CVE-2008-0063 8 Apple, Canonical, Debian and 5 more 13 Mac Os X, Mac Os X Server, Ubuntu Linux and 10 more 2026-04-23 7.5 High
The Kerberos 4 support in KDC in MIT Kerberos 5 (krb5kdc) does not properly clear the unused portion of a buffer when generating an error message, which might allow remote attackers to obtain sensitive information, aka "Uninitialized stack values."