Page 2 of 16 results (0.014 seconds)

CVSS: 2.1EPSS: 0%CPEs: 35EXPL: 0

The Application Framework (AppKit) for Apple Mac OS X 10.2.8 and 10.3.6 does not properly restrict access to a secure text input field, which allows local users to read keyboard input from other applications within the same window session. • http://lists.apple.com/archives/security-announce/2004/Dec/msg00000.html http://secunia.com/advisories/13362 http://www.ciac.org/ciac/bulletins/p-049.shtml http://www.securityfocus.com/bid/11802 https://exchange.xforce.ibmcloud.com/vulnerabilities/18350 •

CVSS: 5.0EPSS: 0%CPEs: 35EXPL: 0

Apache for Apple Mac OS X 10.2.8 and 10.3.6 allows remote attackers to read files and resource fork content via HTTP requests to certain special file names related to multiple data streams in HFS+, which bypass Apache file handles. • http://lists.apple.com/archives/security-announce/2004/Dec/msg00000.html http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html http://secunia.com/advisories/13362 http://www.ciac.org/ciac/bulletins/p-049.shtml http://www.securityfocus.com/bid/11802 https://exchange.xforce.ibmcloud.com/vulnerabilities/18349 •

CVSS: 4.6EPSS: 0%CPEs: 35EXPL: 0

Unknown vulnerability in Apple Mac OS X 10.3.6 server, when using Kerberos authentication and Cyrus IMAP allows local users to access mailboxes of other users. • http://lists.apple.com/archives/security-announce/2004/Dec/msg00000.html http://secunia.com/advisories/13362 http://www.ciac.org/ciac/bulletins/p-049.shtml http://www.securityfocus.com/bid/11802 https://exchange.xforce.ibmcloud.com/vulnerabilities/18351 •

CVSS: 2.1EPSS: 0%CPEs: 35EXPL: 0

Terminal for Apple Mac OS X 10.3.6 may indicate that "Secure Keyboard Entry" is enabled even when it is not, which could result in a false sense of security for the user. • http://lists.apple.com/archives/security-announce/2004/Dec/msg00000.html http://secunia.com/advisories/13362 http://www.ciac.org/ciac/bulletins/p-049.shtml http://www.securityfocus.com/bid/11802 https://exchange.xforce.ibmcloud.com/vulnerabilities/18355 •

CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 2

Directory traversal vulnerability in parse_xml.cg Apple Darwin Streaming Server 4.1.2 and Apple Quicktime Streaming Server 4.1.1 allows remote attackers to read arbitrary files via a ... (triple dot) in the filename parameter. • https://www.exploit-db.com/exploits/22312 http://securityreason.com/securityalert/3260 http://www.securityfocus.com/archive/1/313517 http://www.securityfocus.com/bid/6990 https://exchange.xforce.ibmcloud.com/vulnerabilities/11446 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •