CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2005-3702
https://notcve.org/view.php?id=CVE-2005-3702
01 Dec 2005 — Safari in Mac OS X and OS X Server 10.3.9 and 10.4.3 allows remote attackers to cause files to be downloaded to locations outside the download directory via a long file name. • http://docs.info.apple.com/article.html?artnum=302847 •
CVSS: 9.8EPSS: 4%CPEs: 28EXPL: 0CVE-2005-2757
https://notcve.org/view.php?id=CVE-2005-2757
01 Dec 2005 — Heap-based buffer overflow in CoreFoundation in Mac OS X and OS X Server 10.4 through 10.4.3 allows remote attackers to execute arbitrary code via unknown attack vectors involving "validation of URLs." • http://docs.info.apple.com/article.html?artnum=302847 •
CVSS: 7.5EPSS: 0%CPEs: 8EXPL: 0CVE-2005-3704
https://notcve.org/view.php?id=CVE-2005-3704
01 Dec 2005 — System log server in Mac OS X and OS X Server 10.4 through 10.4.3 allows remote attackers to spoof syslog messages in log files by injecting various control characters such as newline (NL). • http://docs.info.apple.com/article.html?artnum=302847 •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2005-3700
https://notcve.org/view.php?id=CVE-2005-3700
01 Dec 2005 — Unknown vulnerability in iodbcadmintool in the ODBC Administrator utility in Mac OS X and OS X Server 10.3.9 and 10.4.3 allows local users to execute arbitrary code via unknown attack vectors. • http://docs.info.apple.com/article.html?artnum=302847 •
CVSS: 9.8EPSS: 4%CPEs: 4EXPL: 0CVE-2005-3705
https://notcve.org/view.php?id=CVE-2005-3705
01 Dec 2005 — Heap-based buffer overflow in WebKit in Mac OS X and OS X Server 10.3.9 and 10.4.3, as used in applications such as Safari, allows remote attackers to execute arbitrary code via unknown attack vectors. • http://docs.info.apple.com/article.html?artnum=302847 •
CVSS: 8.1EPSS: 0%CPEs: 6EXPL: 0CVE-2005-2751
https://notcve.org/view.php?id=CVE-2005-2751
01 Nov 2005 — memberd in Mac OS X 10.4 up to 10.4.2, in certain situations, does not quickly synchronize access control checks with changes in group membership, which could allow users to access files and other resources after they have been removed from a group. • http://lists.apple.com/archives/security-announce/2005/Oct/msg00000.html •
CVSS: 9.8EPSS: 0%CPEs: 62EXPL: 0CVE-2005-2739
https://notcve.org/view.php?id=CVE-2005-2739
01 Nov 2005 — Keychain Access in Mac OS X 10.4.2 and earlier keeps a password visible even if a keychain times out while the password is being viewed, which could allow attackers with physical access to obtain the password. • http://lists.apple.com/archives/security-announce/2005/Oct/msg00000.html •
CVSS: 7.5EPSS: 0%CPEs: 6EXPL: 0CVE-2005-2749
https://notcve.org/view.php?id=CVE-2005-2749
01 Nov 2005 — Unspecified vulnerability in the Finder Get Info window for Mac OS X 10.4 up to 10.4.2 causes Finder to misrepresent file and group ownership information. NOTE: it is not clear whether this issue satisfies the CVE definition of a vulnerability. • http://lists.apple.com/archives/security-announce/2005/Oct/msg00000.html •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2005-2752
https://notcve.org/view.php?id=CVE-2005-2752
01 Nov 2005 — An unspecified kernel interface in Mac OS X 10.4.2 and earlier does not properly clear memory before reusing it, which could allow attackers to obtain sensitive information, a different vulnerability than CVE-2005-1126 and CVE-2005-1406. • http://lists.apple.com/archives/security-announce/2005/Oct/msg00000.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.0EPSS: 0%CPEs: 4EXPL: 0CVE-2005-2746
https://notcve.org/view.php?id=CVE-2005-2746
25 Oct 2005 — Mail.app in Mail for Apple Mac OS X 10.3.9 and 10.4.2 includes message contents when using auto-reply rules, which could cause Mail.app to include decrypted message contents for encrypted messages. • http://lists.apple.com/archives/security-announce/2005/Sep/msg00002.html •