CVSS: 9.8EPSS: 22%CPEs: 11EXPL: 1CVE-2005-1342
https://notcve.org/view.php?id=CVE-2005-1342
04 May 2005 — The x-man-page: URI handler for Apple Terminal 1.4.4 in Mac OS X 10.3.9 does not cleanse terminal escape sequences, which allows remote attackers to execute arbitrary commands. • http://lists.apple.com/archives/security-announce/2005/May/msg00001.html •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2005-1343
https://notcve.org/view.php?id=CVE-2005-1343
03 May 2005 — Stack-based buffer overflow in the VPN daemon (vpnd) for Mac OS X before 10.3.9 allows local users to execute arbitrary code via a long -i (Server_id) argument. • http://lists.apple.com/archives/security-announce/2005/Jun/msg00000.html •
CVSS: 7.1EPSS: 0%CPEs: 56EXPL: 1CVE-2005-1430
https://notcve.org/view.php?id=CVE-2005-1430
03 May 2005 — Mac OS X 10.3.x and earlier uses insecure permissions for a pseudo terminal tty (pty) that is managed by a non-setuid program, which allows local users to read or modify sessions of other users. • http://www.security-focus.com/archive/1/397306 •
CVSS: 8.8EPSS: 0%CPEs: 30EXPL: 0CVE-2005-0970
https://notcve.org/view.php?id=CVE-2005-0970
22 Apr 2005 — Mac OS X 10.3.9 and earlier allows users to install, create, and execute setuid/setgid scripts, contrary to the intended design, which may allow attackers to conduct unauthorized activities with escalated privileges via vulnerable scripts. • http://lists.apple.com/archives/security-announce/2005/Apr/msg00000.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 5.5EPSS: 0%CPEs: 16EXPL: 2CVE-2005-0975
https://notcve.org/view.php?id=CVE-2005-0975
22 Apr 2005 — Integer signedness error in the parse_machfile function in the mach-o loader (mach_loader.c) for the Darwin Kernel as used in Mac OS X 10.3.7, and other versions before 10.3.9, allows local users to cause a denial of service (CPU consumption) via a crafted mach-o header. • http://felinemenace.org/advisories/macosx.txt •
CVSS: 7.5EPSS: 1%CPEs: 71EXPL: 0CVE-2005-1043
https://notcve.org/view.php?id=CVE-2005-1043
12 Apr 2005 — exif.c in PHP before 4.3.11 allows remote attackers to cause a denial of service (memory consumption and crash) via an EXIF header with a large IFD nesting level, which causes significant stack recursion. • http://cvs.php.net/diff.php/php-src/ext/exif/exif.c?r1=1.118.2.29&r2=1.118.2.30&ty=u •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2005-0712
https://notcve.org/view.php?id=CVE-2005-0712
22 Mar 2005 — Mac OS X before 10.3.8 users world-writable permissions for certain directories, which may allow local users to gain privileges, possibly via the receipt cache or ColorSync profiles. • http://lists.apple.com/archives/security-announce/2005/Mar/msg00000.html •
CVSS: 7.8EPSS: 0%CPEs: 17EXPL: 1CVE-2005-0713 – Apple Mac OSX 10.3.x - Multiple Vulnerabilities
https://notcve.org/view.php?id=CVE-2005-0713
21 Mar 2005 — The Bluetooth Setup Assistant for Mac OS X before 10.3.8 can be launched without a keyboard or Bluetooth device, which allows local users to bypass access restrictions and gain privileges. • https://www.exploit-db.com/exploits/25256 •
CVSS: 5.5EPSS: 0%CPEs: 17EXPL: 0CVE-2005-0715
https://notcve.org/view.php?id=CVE-2005-0715
21 Mar 2005 — AFP Server in Mac OS X before 10.3.8 uses insecure permissions for "Drop Boxes," which allows local users to read the contents of a Drop Box. • http://lists.apple.com/archives/security-announce/2005/Mar/msg00000.html •
CVSS: 7.8EPSS: 0%CPEs: 16EXPL: 2CVE-2005-0716 – Apple Mac OSX 10.3.8 - 'CF_CHARSET_PATH' Local Buffer Overflow
https://notcve.org/view.php?id=CVE-2005-0716
21 Mar 2005 — Stack-based buffer overflow in the Core Foundation Library in Mac OS X 10.3.5 and 10.3.6, and possibly earlier versions, allows local users to execute arbitrary code via a long CF_CHARSET_PATH environment variable. • https://www.exploit-db.com/exploits/2111 •