Vulnerabilities > Apple > MAC OS X > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2011-06-21 | CVE-2011-1755 | XML Entity Expansion vulnerability in multiple products jabberd2 before 2.2.14 does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service (memory and CPU consumption) via a crafted XML document containing a large number of nested entity references, a similar issue to CVE-2003-1564. | 7.5 |
2011-05-10 | CVE-2011-2074 | Remote Code Execution vulnerability in Skype Technologies Skype for Mac Unspecified vulnerability in the client in Skype 5.x before 5.1.0.922 on Mac OS X allows remote authenticated users to execute arbitrary code or cause a denial of service (application crash) via a crafted message. | 8.5 |
2011-05-07 | CVE-2011-0076 | Privilege Escalation vulnerability in Mozilla Firefox/SeaMonkey Unspecified vulnerability in the Java Embedding Plugin (JEP) in Mozilla Firefox before 3.5.19 and 3.6.x before 3.6.17, and SeaMonkey before 2.0.14, on Mac OS X allows remote attackers to bypass intended access restrictions via unknown vectors. | 7.5 |
2011-03-23 | CVE-2011-0182 | Improper Input Validation vulnerability in Apple mac OS X and mac OS X Server The i386_set_ldt system call in the kernel in Apple Mac OS X before 10.6.7 does not properly handle call gates, which allows local users to gain privileges via vectors involving the creation of a call gate entry. | 7.2 |
2010-12-07 | CVE-2010-4494 | Double Free vulnerability in Google Chrome Double free vulnerability in libxml2 2.7.8 and other versions, as used in Google Chrome before 8.0.552.215 and other products, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to XPath handling. | 7.5 |
2010-11-16 | CVE-2010-1844 | Improper Input Validation vulnerability in Apple mac OS X and mac OS X Server Unspecified vulnerability in Image Capture in Apple Mac OS X 10.6.x before 10.6.5 allows remote attackers to cause a denial of service (memory consumption and system crash) via a crafted image. | 7.1 |
2010-11-16 | CVE-2010-1843 | Improper Input Validation vulnerability in Apple mac OS X and mac OS X Server Networking in Apple Mac OS X 10.6.2 through 10.6.4 allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted PIM packet. | 7.8 |
2010-11-15 | CVE-2010-1840 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple mac OS X and mac OS X Server Stack-based buffer overflow in the password-validation functionality in Directory Services in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors. | 7.5 |
2010-06-17 | CVE-2010-1380 | Numeric Errors vulnerability in Apple mac OS X and mac OS X Server Integer overflow in the cgtexttops CUPS filter in Printing in Apple Mac OS X 10.6 before 10.6.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to page sizes. | 7.5 |
2010-06-17 | CVE-2010-1375 | Improper Authentication vulnerability in Apple mac OS X and mac OS X Server NetAuthSysAgent in Network Authorization in Apple Mac OS X 10.5.8 does not have the expected authorization requirements, which allows local users to gain privileges via unspecified vectors. | 7.2 |