Export limit exceeded: 14024 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (14024 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2007-4269 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-23 | N/A |
| Integer overflow in the Networking component in Apple Mac OS X 10.4 through 10.4.10 allows local users to execute arbitrary code via a crafted AppleTalk Session Protocol (ASP) message on an AppleTalk socket, which triggers a heap-based buffer overflow. | ||||
| CVE-2007-4268 | 1 Apple | 1 Mac Os X | 2026-04-23 | 7.8 High |
| Integer signedness error in the Networking component in Apple Mac OS X 10.4 through 10.4.10 allows local users to execute arbitrary code via a crafted AppleTalk message with a negative value, which satisfies a signed comparison during mbuf allocation but is later interpreted as an unsigned value, which triggers a heap-based buffer overflow. | ||||
| CVE-2007-4267 | 1 Apple | 1 Mac Os X | 2026-04-23 | N/A |
| Stack-based buffer overflow in the Networking component in Apple Mac OS X 10.4 through 10.4.10 allows local users to execute arbitrary code via a crafted IOCTL request that adds an AppleTalk zone to a routing table. | ||||
| CVE-2007-4045 | 3 Apple, Fedoraproject, Redhat | 3 Cups, Fedora, Enterprise Linux | 2026-04-23 | N/A |
| The CUPS service, as used in SUSE Linux before 20070720 and other Linux distributions, allows remote attackers to cause a denial of service via unspecified vectors related to an incomplete fix for CVE-2007-0720 that introduced a different denial of service problem in SSL negotiation. | ||||
| CVE-2007-3944 | 1 Apple | 3 Iphone Os, Safari, Webkit | 2026-04-23 | N/A |
| Multiple heap-based buffer overflows in the Perl Compatible Regular Expressions (PCRE) library in the JavaScript engine in WebKit in Apple Safari 3 Beta before Update 3.0.3, and iPhone before 1.0.1, allow remote attackers to execute arbitrary code via certain JavaScript regular expressions. NOTE: this issue was originally reported only for MobileSafari on the iPhone. NOTE: it is not clear whether this stems from an issue in the original distribution of PCRE, which might already have a separate CVE identifier. | ||||
| CVE-2007-3876 | 1 Apple | 1 Mac Os X | 2026-04-23 | N/A |
| Stack-based buffer overflow in SMB in Apple Mac OS X 10.4.11 allows local users to execute arbitrary code via (1) a long workgroup (-W) option to mount_smbfs or (2) an unspecified manipulation of the command line to smbutil. | ||||
| CVE-2007-3850 | 3 Apple, Linux, Redhat | 3 Powerpc, Linux Kernel, Enterprise Linux | 2026-04-23 | N/A |
| The eHCA driver in Linux kernel 2.6 before 2.6.22, when running on PowerPC, does not properly map userspace resources, which allows local users to read portions of physical address space. | ||||
| CVE-2010-0314 | 1 Apple | 1 Safari | 2026-04-23 | N/A |
| Apple Safari allows remote attackers to discover a redirect's target URL, for the session of a specific user of a web site, by placing the site's URL in the HREF attribute of a stylesheet LINK element, and then reading the document.styleSheets[0].href property value. | ||||
| CVE-2007-3828 | 1 Apple | 1 Mac Os X | 2026-04-23 | N/A |
| Unspecified vulnerability in mDNSResponder in Apple Mac OS X allows remote attackers to execute arbitrary code via unspecified vectors, a related issue to CVE-2007-2386. | ||||
| CVE-2007-3798 | 7 Apple, Canonical, Debian and 4 more | 8 Mac Os X, Mac Os X Server, Ubuntu Linux and 5 more | 2026-04-23 | 9.8 Critical |
| Integer overflow in print-bgp.c in the BGP dissector in tcpdump 3.9.6 and earlier allows remote attackers to execute arbitrary code via crafted TLVs in a BGP packet, related to an unchecked return value. | ||||
| CVE-2007-3761 | 1 Apple | 3 Iphone, Iphone Os, Safari | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in Safari in Apple iPhone 1.1.1 allows remote attackers to inject arbitrary web script or HTML by causing Javascript events to be applied to a frame in another domain. | ||||
| CVE-2007-3760 | 2 Apple, Microsoft | 5 Iphone Os, Mac Os X, Safari and 2 more | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in Safari in Apple iPhone 1.1.1, and Safari 3 before Beta Update 3.0.4 on Windows and Mac OS X 10.4 through 10.4.10, allows remote attackers to inject arbitrary web script or HTML via frame tags. | ||||
| CVE-2007-3759 | 1 Apple | 3 Iphone, Iphone Os, Safari | 2026-04-23 | N/A |
| Safari in Apple iPhone 1.1.1, when requested to disable Javascript, does not disable it until Safari is restarted, which might leave Safari open to attacks that the user does not expect. | ||||
| CVE-2007-3758 | 2 Apple, Microsoft | 5 Iphone Os, Mac Os X, Safari and 2 more | 2026-04-23 | N/A |
| Safari in Apple iPhone 1.1.1, and Safari 3 before Beta Update 3.0.4 on Windows and in Mac OS X 10.4 through 10.4.10, allows remote attackers to set Javascript window properties for web pages that are in a different domain, which can be leveraged to conduct cross-site scripting (XSS) attacks. | ||||
| CVE-2007-3757 | 1 Apple | 3 Iphone, Iphone Os, Safari | 2026-04-23 | N/A |
| Safari in Apple iPhone 1.1.1 allows remote user-assisted attackers to trick the iPhone user into making calls to arbitrary telephone numbers via a crafted "tel:" link that causes iPhone to display a different number than the number that will be dialed. | ||||
| CVE-2007-3755 | 1 Apple | 2 Iphone, Iphone Os | 2026-04-23 | N/A |
| Mail in Apple iPhone 1.1.1 allows remote user-assisted attackers to force the iPhone user to make calls to arbitrary telephone numbers via a "tel:" link, which does not prompt the user before dialing the number. | ||||
| CVE-2007-3754 | 1 Apple | 2 Iphone, Iphone Os | 2026-04-23 | N/A |
| Mail in Apple iPhone 1.1.1, when using SSL, does not warn the user when the mail server changes or is not trusted, which might allow remote attackers to steal credentials and read email via a man-in-the-middle (MITM) attack. | ||||
| CVE-2007-3753 | 1 Apple | 2 Iphone, Iphone Os | 2026-04-23 | N/A |
| Apple iPhone 1.1.1, with Bluetooth enabled, allows physically proximate attackers to cause a denial of service (application termination) and execute arbitrary code via crafted Service Discovery Protocol (SDP) packets, related to insufficient input validation. | ||||
| CVE-2007-3752 | 1 Apple | 1 Itunes | 2026-04-23 | N/A |
| Heap-based buffer overflow in Apple iTunes before 7.4 allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via crafted album cover art in the covr atom of an MP4/AAC file. | ||||
| CVE-2007-3751 | 2 Apple, Microsoft | 4 Mac Os X, Quicktime, Windows Vista and 1 more | 2026-04-23 | N/A |
| Unspecified vulnerability in QuickTime for Java in Apple QuickTime before 7.3 allows remote attackers to execute arbitrary code via untrusted Java applets that gain privileges via unspecified vectors. | ||||