CVSS: 9.8EPSS: 4%CPEs: 4EXPL: 0CVE-2005-3705
https://notcve.org/view.php?id=CVE-2005-3705
01 Dec 2005 — Heap-based buffer overflow in WebKit in Mac OS X and OS X Server 10.3.9 and 10.4.3, as used in applications such as Safari, allows remote attackers to execute arbitrary code via unknown attack vectors. • http://docs.info.apple.com/article.html?artnum=302847 •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2005-3701
https://notcve.org/view.php?id=CVE-2005-3701
01 Dec 2005 — Unspecified vulnerability in passwordserver in Mac OS X Server 10.3.9 and 10.4.3, when creating an Open Directory master server, allows local users to gain privileges via unknown attack vectors. • http://docs.info.apple.com/article.html?artnum=302847 •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2005-3700
https://notcve.org/view.php?id=CVE-2005-3700
01 Dec 2005 — Unknown vulnerability in iodbcadmintool in the ODBC Administrator utility in Mac OS X and OS X Server 10.3.9 and 10.4.3 allows local users to execute arbitrary code via unknown attack vectors. • http://docs.info.apple.com/article.html?artnum=302847 •
CVSS: 9.8EPSS: 4%CPEs: 28EXPL: 0CVE-2005-2757
https://notcve.org/view.php?id=CVE-2005-2757
01 Dec 2005 — Heap-based buffer overflow in CoreFoundation in Mac OS X and OS X Server 10.4 through 10.4.3 allows remote attackers to execute arbitrary code via unknown attack vectors involving "validation of URLs." • http://docs.info.apple.com/article.html?artnum=302847 •
CVSS: 9.8EPSS: 0%CPEs: 62EXPL: 0CVE-2005-2739
https://notcve.org/view.php?id=CVE-2005-2739
01 Nov 2005 — Keychain Access in Mac OS X 10.4.2 and earlier keeps a password visible even if a keychain times out while the password is being viewed, which could allow attackers with physical access to obtain the password. • http://lists.apple.com/archives/security-announce/2005/Oct/msg00000.html •
CVSS: 7.5EPSS: 0%CPEs: 6EXPL: 0CVE-2005-2749
https://notcve.org/view.php?id=CVE-2005-2749
01 Nov 2005 — Unspecified vulnerability in the Finder Get Info window for Mac OS X 10.4 up to 10.4.2 causes Finder to misrepresent file and group ownership information. NOTE: it is not clear whether this issue satisfies the CVE definition of a vulnerability. • http://lists.apple.com/archives/security-announce/2005/Oct/msg00000.html •
CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 0CVE-2005-2750
https://notcve.org/view.php?id=CVE-2005-2750
01 Nov 2005 — Software Update in Mac OS X 10.4.2, when the user marks all updates to be ignored, exits without asking the user to reset the status of the updates, which could prevent important, security-relevant updates from being installed. • http://lists.apple.com/archives/security-announce/2005/Oct/msg00000.html •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2005-2752
https://notcve.org/view.php?id=CVE-2005-2752
01 Nov 2005 — An unspecified kernel interface in Mac OS X 10.4.2 and earlier does not properly clear memory before reusing it, which could allow attackers to obtain sensitive information, a different vulnerability than CVE-2005-1126 and CVE-2005-1406. • http://lists.apple.com/archives/security-announce/2005/Oct/msg00000.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 8.1EPSS: 0%CPEs: 6EXPL: 0CVE-2005-2751
https://notcve.org/view.php?id=CVE-2005-2751
01 Nov 2005 — memberd in Mac OS X 10.4 up to 10.4.2, in certain situations, does not quickly synchronize access control checks with changes in group membership, which could allow users to access files and other resources after they have been removed from a group. • http://lists.apple.com/archives/security-announce/2005/Oct/msg00000.html •
CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 0CVE-2005-2742
https://notcve.org/view.php?id=CVE-2005-2742
25 Oct 2005 — SecurityAgent in Apple Mac OS X 10.4.2, under certain circumstances, can cause the "Switch User..." button to appear even though the "Enable fast user switching" setting is disabled, which can allow attackers with physical access to gain access to the desktop and bypass the "Require password to wake this computer from sleep or screen saver" setting. • http://lists.apple.com/archives/security-announce/2005/Sep/msg00002.html •