CVSS: 4.3EPSS: 0%CPEs: 4EXPL: 1CVE-2005-2523 – Apple Mac OSX 10.4 Weblog Server - Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2005-2523
Multiple cross-site scripting (XSS) vulnerabilities in Weblog Server in Mac OS X 10.4 to 10.4.2 allow remote attackers to inject arbitrary web script or HTML via unknown vectors. • https://www.exploit-db.com/exploits/26152 http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html •
CVSS: 9.8EPSS: 32%CPEs: 5EXPL: 0CVE-2005-1689
https://notcve.org/view.php?id=CVE-2005-1689
Double free vulnerability in the krb5_recvauth function in MIT Kerberos 5 (krb5) 1.4.1 and earlier allows remote attackers to execute arbitrary code via certain error conditions. Vulnerabilidad de doble liberación de memoria en la función krb5_recvauth en MIT Kerberos 5 (krb5) 1.4.1 y anteriores permite que atacantes remotos ejecuten código arbitrario mediante ciertas condiciones de error. • ftp://patches.sgi.com/support/free/security/advisories/20050703-01-U.asc http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000993 http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html http://marc.info/?l=bugtraq&m=112119974704542&w=2 http://secunia.com/advisories/16041 http://secunia.com/advisories/17135 http://secunia.com/advisories/17899 http://secunia.com/advisories/22090 • CWE-415: Double Free •
CVSS: 7.2EPSS: 0%CPEs: 4EXPL: 0CVE-2005-1722
https://notcve.org/view.php?id=CVE-2005-1722
Unknown vulnerability in the CoreGraphics Window Server for Mac OS X 10.4.x up to 10.4.1 allows local users to inject arbitrary commands into root sessions. • http://lists.apple.com/archives/security-announce/2005/Jun/msg00000.html •
CVSS: 4.6EPSS: 0%CPEs: 1EXPL: 0CVE-2005-1473
https://notcve.org/view.php?id=CVE-2005-1473
SecurityAgent in Apple Mac OS X 10.4.1 allows attackers with physical access to bypass the locked screensaver and launch background applications by opening a URL from a text input field. • http://lists.apple.com/archives/security-announce/2005/May/msg00004.html •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2005-1474
https://notcve.org/view.php?id=CVE-2005-1474
Dashboard in Apple Mac OS X 10.4.1 allows remote attackers to install widgets via Safari without prompting the user, a different vulnerability than CVE-2005-1933. • http://lists.apple.com/archives/security-announce/2005/May/msg00004.html http://www.securityfocus.com/bid/13694 •