CVSS: 6.8EPSS: 0%CPEs: 32EXPL: 1CVE-2005-2714
https://notcve.org/view.php?id=CVE-2005-2714
31 Dec 2005 — passwd in Directory Services in Mac OS X 10.3.x before 10.3.9 and 10.4.x before 10.4.5 allows local users to overwrite arbitrary files via a symlink attack on the .pwtmp.[PID] temporary file. • http://docs.info.apple.com/article.html?artnum=303382 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 9.8EPSS: 0%CPEs: 12EXPL: 0CVE-2005-3706
https://notcve.org/view.php?id=CVE-2005-3706
31 Dec 2005 — Heap-based buffer overflow in LibSystem in Mac OS X 10.4 through 10.4.5 allows context-dependent attackers to execute arbitrary code by causing an application that uses LibSystem to request a large amount of memory. • http://docs.info.apple.com/article.html?artnum=303382 •
CVSS: 8.8EPSS: 2%CPEs: 12EXPL: 0CVE-2005-3712
https://notcve.org/view.php?id=CVE-2005-3712
31 Dec 2005 — Heap-based buffer overflow in rsync in Mac OS X 10.4 through 10.4.5 allows remote authenticated users to execute arbitrary code via long extended attributes. • http://docs.info.apple.com/article.html?artnum=303382 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 37%CPEs: 75EXPL: 3CVE-2005-4504 – Apple Mac OSX - KHTMLParser Remote Denial of Service
https://notcve.org/view.php?id=CVE-2005-4504
22 Dec 2005 — The khtml::RenderTableSection::ensureRows function in KHTMLParser in Apple Mac OS X 10.4.3 and earlier, as used by Safari and TextEdit, allows remote attackers to cause a denial of service (memory consumption and application crash) via HTML files with a large ROWSPAN attribute in a TD tag. • https://www.exploit-db.com/exploits/26971 •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2005-3702
https://notcve.org/view.php?id=CVE-2005-3702
01 Dec 2005 — Safari in Mac OS X and OS X Server 10.3.9 and 10.4.3 allows remote attackers to cause files to be downloaded to locations outside the download directory via a long file name. • http://docs.info.apple.com/article.html?artnum=302847 •
CVSS: 7.5EPSS: 0%CPEs: 8EXPL: 0CVE-2005-3704
https://notcve.org/view.php?id=CVE-2005-3704
01 Dec 2005 — System log server in Mac OS X and OS X Server 10.4 through 10.4.3 allows remote attackers to spoof syslog messages in log files by injecting various control characters such as newline (NL). • http://docs.info.apple.com/article.html?artnum=302847 •
CVSS: 9.8EPSS: 4%CPEs: 4EXPL: 0CVE-2005-3705
https://notcve.org/view.php?id=CVE-2005-3705
01 Dec 2005 — Heap-based buffer overflow in WebKit in Mac OS X and OS X Server 10.3.9 and 10.4.3, as used in applications such as Safari, allows remote attackers to execute arbitrary code via unknown attack vectors. • http://docs.info.apple.com/article.html?artnum=302847 •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2005-3700
https://notcve.org/view.php?id=CVE-2005-3700
01 Dec 2005 — Unknown vulnerability in iodbcadmintool in the ODBC Administrator utility in Mac OS X and OS X Server 10.3.9 and 10.4.3 allows local users to execute arbitrary code via unknown attack vectors. • http://docs.info.apple.com/article.html?artnum=302847 •
CVSS: 9.8EPSS: 4%CPEs: 28EXPL: 0CVE-2005-2757
https://notcve.org/view.php?id=CVE-2005-2757
01 Dec 2005 — Heap-based buffer overflow in CoreFoundation in Mac OS X and OS X Server 10.4 through 10.4.3 allows remote attackers to execute arbitrary code via unknown attack vectors involving "validation of URLs." • http://docs.info.apple.com/article.html?artnum=302847 •
CVSS: 9.8EPSS: 0%CPEs: 62EXPL: 0CVE-2005-2739
https://notcve.org/view.php?id=CVE-2005-2739
01 Nov 2005 — Keychain Access in Mac OS X 10.4.2 and earlier keeps a password visible even if a keychain times out while the password is being viewed, which could allow attackers with physical access to obtain the password. • http://lists.apple.com/archives/security-announce/2005/Oct/msg00000.html •