Product:

Mac_os_x_server

(Apple)
Repositories https://github.com/apache/httpd
#Vulnerabilities 664
Date Id Summary Products Score Patch Annotated
2015-09-18 CVE-2015-5911 Multiple unspecified vulnerabilities in Twisted in Wiki Server in Apple OS X Server before 5.0.3 allow attackers to have an unknown impact via an XML document. Mac_os_x_server N/A
2015-09-05 CVE-2015-5722 buffer.c in named in ISC BIND 9.x before 9.9.7-P3 and 9.10.x before 9.10.2-P4 allows remote attackers to cause a denial of service (assertion failure and daemon exit) by creating a zone containing a malformed DNSSEC key and issuing a query for a name in that zone. Mac_os_x_server, Bind N/A
2015-05-28 CVE-2015-3165 Double free vulnerability in PostgreSQL before 9.0.20, 9.1.x before 9.1.16, 9.2.x before 9.2.11, 9.3.x before 9.3.7, and 9.4.x before 9.4.2 allows remote attackers to cause a denial of service (crash) by closing an SSL session at a time when the authentication timeout will expire during the session shutdown sequence. Mac_os_x_server, Ubuntu_linux, Debian_linux, Postgresql N/A
2014-09-19 CVE-2014-4350 Buffer overflow in QT Media Foundation in Apple OS X before 10.9.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted MIDI file. Mac_os_x, Mac_os_x_server N/A
2014-09-19 CVE-2014-1391 QT Media Foundation in Apple OS X before 10.9.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie file with RLE encoding. Mac_os_x, Mac_os_x_server N/A
2014-07-01 CVE-2014-1371 Array index error in Dock in Apple OS X before 10.9.4 allows attackers to execute arbitrary code or cause a denial of service (incorrect function-pointer dereference and application crash) by leveraging access to a sandboxed application for sending a message. Mac_os_x, Mac_os_x_server N/A
2014-07-01 CVE-2014-1370 The byte-swapping implementation in copyfile in Apple OS X before 10.9.4 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds memory access and application crash) via a crafted AppleDouble file in a ZIP archive. Mac_os_x, Mac_os_x_server N/A
2014-04-23 CVE-2014-1296 CFNetwork in Apple iOS before 7.1.1, Apple OS X through 10.9.2, and Apple TV before 6.1.1 does not ensure that a Set-Cookie HTTP header is complete before interpreting the header's value, which allows remote attackers to bypass intended access restrictions by triggering the closing of a TCP connection during transmission of a header, as demonstrated by an HTTPOnly restriction. Iphone_os, Mac_os_x, Mac_os_x_server, Tvos N/A
2014-02-27 CVE-2014-1270 WebKit, as used in Apple Safari before 6.1.2 and 7.x before 7.0.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-1268 and CVE-2014-1269. Mac_os_x, Mac_os_x_server, Safari, Webkit N/A
2014-02-27 CVE-2014-1269 WebKit, as used in Apple Safari before 6.1.2 and 7.x before 7.0.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-1268 and CVE-2014-1270. Mac_os_x, Mac_os_x_server, Safari, Webkit N/A