CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2006-1451
https://notcve.org/view.php?id=CVE-2006-1451
12 May 2006 — MySQL Manager in Apple Mac OS X 10.3.9 and 10.4.6, when setting up a new MySQL database server, does not use the "New MySQL root password" that is provided, which causes the MySQL root password to be blank and allows local users to gain full privileges to that database. • http://lists.apple.com/archives/security-announce/2006/May/msg00003.html •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2006-1440
https://notcve.org/view.php?id=CVE-2006-1440
12 May 2006 — BOM in Apple Mac OS X 10.3.9 and 10.4.6 allows attackers to overwrite arbitrary files via an archive that contains symbolic links. • http://lists.apple.com/archives/security-announce/2006/May/msg00003.html •
CVSS: 9.8EPSS: 9%CPEs: 4EXPL: 0CVE-2006-1456
https://notcve.org/view.php?id=CVE-2006-1456
12 May 2006 — Buffer overflow in QuickTime Streaming Server in Apple Mac OS X 10.3.9 and 10.4.6 allows remote attackers to execute arbitrary code via a crafted RTSP request, which is not properly handled during message logging. • http://lists.apple.com/archives/security-announce/2006/May/msg00003.html •
CVSS: 7.8EPSS: 4%CPEs: 4EXPL: 0CVE-2006-1455
https://notcve.org/view.php?id=CVE-2006-1455
12 May 2006 — QuickTime Streaming Server in Apple Mac OS X 10.3.9 and 10.4.6 allows remote attackers to cause a denial of service (crash and connection interruption) via a QuickTime movie with a missing track, which triggers a null dereference. • http://lists.apple.com/archives/security-announce/2006/May/msg00003.html •
CVSS: 9.8EPSS: 1%CPEs: 2EXPL: 0CVE-2006-1442
https://notcve.org/view.php?id=CVE-2006-1442
12 May 2006 — The bundle API in CoreFoundation in Apple Mac OS X 10.3.9 and 10.4.6 loads dynamic libraries even if the client application has not directly requested it, which allows attackers to execute arbitrary code from an untrusted bundle. • http://lists.apple.com/archives/security-announce/2006/May/msg00003.html •
CVSS: 8.8EPSS: 3%CPEs: 2EXPL: 0CVE-2006-1445
https://notcve.org/view.php?id=CVE-2006-1445
12 May 2006 — Buffer overflow in the FTP server (FTPServer) in Apple Mac OS X 10.3.9 and 10.4.6 allows remote authenticated users to execute arbitrary code via vectors related to "FTP server path name handling." • http://lists.apple.com/archives/security-announce/2006/May/msg00003.html •
CVSS: 5.0EPSS: 0%CPEs: 2EXPL: 0CVE-2006-1446
https://notcve.org/view.php?id=CVE-2006-1446
12 May 2006 — Keychain in Apple Mac OS X 10.3.9 and 10.4.6 might allow an application to bypass a locked Keychain by first obtaining a reference to the Keychain when it is unlocked, then reusing that reference after the Keychain has been locked. • http://lists.apple.com/archives/security-announce/2006/May/msg00003.html •
CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 1CVE-2006-2277 – Apple Mac OSX 10.x - ImageIO OpenEXR Image File Remote Denial of Service
https://notcve.org/view.php?id=CVE-2006-2277
09 May 2006 — Multiple Apple Mac OS X 10.4 applications might allow context-dependent attackers to cause a denial of service (application crash) via a crafted OpenEXR (.exr) image file, which triggers the crash when opening a folder using Finder, displaying the image in Safari, or using Preview to open the file. • https://www.exploit-db.com/exploits/27790 •
CVSS: 8.8EPSS: 53%CPEs: 34EXPL: 2CVE-2006-1983
https://notcve.org/view.php?id=CVE-2006-1983
21 Apr 2006 — Multiple heap-based buffer overflows in Mac OS X 10.4.6 and earlier allow remote attackers to cause a denial of service and possibly execute arbitrary code via the (1) PredictorVSetField function for TIFF or (2) CFAllocatorAllocate function for GIF, as used in applications that use ImageIO or AppKit. NOTE: the BMP vector has been re-assigned to CVE-2006-2238 because it affects a separate product family. • http://lists.apple.com/archives/security-announce/2006/May/msg00003.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.1EPSS: 0%CPEs: 2EXPL: 0CVE-2006-1981
https://notcve.org/view.php?id=CVE-2006-1981
21 Apr 2006 — Unspecified vulnerability in Java InputMethods on Mac OS X 10.4.5 may cause InputMethods to send input events for secure fields to the wrong text field, which might reveal the password to others who can view the screen. Vulnerabilidad no especificada en Java InputMethods en Mac OS X 10.4.5 puede causar que InputMethdos envíe eventos de entrada para campos seguros a un campo de texto equivocado, lo que podría revelar la contraseña a otros que pudieran ver la pantalla. º • http://docs.info.apple.com/article.html?artnum=303658 •