CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2022-22664 – Apple Security Advisory 2022-03-14-4
https://notcve.org/view.php?id=CVE-2022-22664
15 Mar 2022 — An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in Logic Pro 10.7.3, GarageBand 10.4.6, macOS Monterey 12.3. Opening a maliciously crafted file may lead to unexpected application termination or arbitrary code execution. Se abordó un problema de lectura fuera de límites con una comprobación de límites mejorada. Este problema es corregido en Logic Pro versión 10.7.3, GarageBand versión 10.4.6 y macOS Monterey versión 12.3. • https://support.apple.com/en-us/HT213183 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2022-22657 – Apple Security Advisory 2022-03-14-4
https://notcve.org/view.php?id=CVE-2022-22657
15 Mar 2022 — A memory initialization issue was addressed with improved memory handling. This issue is fixed in Logic Pro 10.7.3, GarageBand 10.4.6, macOS Monterey 12.3. Opening a maliciously crafted file may lead to unexpected application termination or arbitrary code execution. Se abordó un problema de inicialización de la memoria con una administración de memoria mejorada. Este problema es corregido en Logic Pro versión 10.7.3, GarageBand versión 10.4.6 y macOS Monterey versión 12.3. • https://support.apple.com/en-us/HT213183 • CWE-665: Improper Initialization •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2021-30654
https://notcve.org/view.php?id=CVE-2021-30654
08 Sep 2021 — This issue was addressed by removing additional entitlements. This issue is fixed in GarageBand 10.4.3. A local attacker may be able to read sensitive information. Se abordó este problema con la eliminación de derechos adicionales. Este problema es corregido en GarageBand versión 10.4.3. • https://support.apple.com/en-us/HT212299 •
CVSS: 7.8EPSS: 1%CPEs: 1EXPL: 0CVE-2017-2374 – Apple Security Advisory 2017-02-21-2
https://notcve.org/view.php?id=CVE-2017-2374
20 Feb 2017 — An issue was discovered in certain Apple products. GarageBand before 10.1.6 is affected. The issue involves the "Projects" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted GarageBand project file. Se ha descubierto un problema en ciertos productos Apple. • http://www.securityfocus.com/bid/96171 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 1%CPEs: 2EXPL: 0CVE-2017-2372 – Apple Security Advisory 2017-01-18-2
https://notcve.org/view.php?id=CVE-2017-2372
20 Jan 2017 — An issue was discovered in certain Apple products. GarageBand before 10.1.5 is affected. Logic Pro X before 10.3 is affected. The issue involves the "Projects" component, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted GarageBand project file. Se ha descubierto un problema en ciertos productos Apple. • http://www.securityfocus.com/bid/95627 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 4.3EPSS: 0%CPEs: 5EXPL: 0CVE-2009-2198
https://notcve.org/view.php?id=CVE-2009-2198
04 Aug 2009 — Apple GarageBand before 5.1 reconfigures Safari to accept all cookies regardless of domain name, which makes it easier for remote web servers to track users. Apple GarageBand anterior a v5.1 reconfirura Safari aceptando todas las cookies sin importar el nombre de dominio, lo que hace que sea más sencillo para los servidores Web remotos seguir a los usuarios. • http://lists.apple.com/archives/security-announce/2009/Aug/msg00000.html • CWE-264: Permissions, Privileges, and Access Controls •