CVSS: 7.5EPSS: 0%CPEs: 40EXPL: 1CVE-2020-8286 – curl: Inferior OCSP verification
https://notcve.org/view.php?id=CVE-2020-8286
09 Dec 2020 — curl 7.41.0 through 7.73.0 is vulnerable to an improper check for certificate revocation due to insufficient verification of the OCSP response. curl versiones 7.41.0 hasta 7.73.0, es vulnerable a una comprobación inapropiada para la revocación del certificado debido a una verificación insuficiente de la respuesta OCSP Libcurl offers "OCSP stapling" via the CURLOPT_SSL_VERIFYSTATUS option. When set, libcurl verifies the OCSP response that a server responds with as part of the TLS handshake. It then aborts th... • http://seclists.org/fulldisclosure/2021/Apr/50 • CWE-295: Improper Certificate Validation •
CVSS: 9.3EPSS: 0%CPEs: 16EXPL: 0CVE-2020-10015 – Apple macOS process_token_BlitLibSetup3D Out-Of-Bounds Access Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2020-10015
09 Dec 2020 — An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, macOS Big Sur 11.0.1. An application may be able to execute arbitrary code with kernel privileges. Se abordó un problema de escritura fuera de límites con una comprobación de límites mejorada. Este problema es corregido en macOS Big Sur versión 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, mac... • https://support.apple.com/en-us/HT211931 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 20EXPL: 0CVE-2020-9956 – Apple macOS libFontParser TTF Font Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2020-9956
09 Dec 2020 — An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.0.1, tvOS 14.0, macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, watchOS 7.0, iOS 14.0 and iPadOS 14.0. Processing a maliciously crafted font file may lead to arbitrary code execution. Se abordó una lectura fuera de límites con una comprobación de la entrada mejorada. Este problema es corregido en macOS Big Sur versión 11.0.1, tvOS versión 14.0, macOS Big Su... • https://support.apple.com/en-us/HT211843 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 18EXPL: 0CVE-2020-27952 – Apple macOS libFontParser TTF Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2020-27952
08 Dec 2020 — An out-of-bounds write was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, macOS Big Sur 11.0.1. Processing a maliciously crafted font file may lead to arbitrary code execution. Se abordó una escritura fuera de límites con una comprobación de la entrada mejorada. Este problema es corregido en macOS Big Sur versión 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, macOS Big Su... • https://support.apple.com/en-us/HT211931 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 16EXPL: 0CVE-2020-27897 – Apple macOS Kernel Command 0x10007 Out-Of-Bounds Write Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2020-27897
08 Dec 2020 — An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, macOS Big Sur 11.0.1. An application may be able to execute arbitrary code with kernel privileges. Se abordó un problema de escritura fuera de límites con una comprobación de límites mejorada. Este problema es corregido en macOS Big Sur versión 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, mac... • https://support.apple.com/en-us/HT211931 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2020-9972 – Apple Security Advisory 2020-11-13-3
https://notcve.org/view.php?id=CVE-2020-9972
13 Nov 2020 — A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 14.0 and iPadOS 14.0. Processing a maliciously crafted USD file may lead to unexpected application termination or arbitrary code execution. Se abordó un problema de desbordamiento del búfer con un manejo de la memoria mejorada. Este problema se corrigió en iOS versión 14.0 y iPadOS versión 14.0. • https://support.apple.com/en-us/HT211850 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 1CVE-2020-13520 – Apple Security Advisory 2020-11-13-3
https://notcve.org/view.php?id=CVE-2020-13520
13 Nov 2020 — An out of bounds memory corruption vulnerability exists in the way Pixar OpenUSD 20.05 reconstructs paths from binary USD files. A specially crafted malformed file can trigger an out of bounds memory modification which can result in remote code execution. To trigger this vulnerability, victim needs to access an attacker-provided malformed file. Se presenta una vulnerabilidad de corrupción de memoria fuera de límites en la forma en que Pixar OpenUSD versión 20.05, reconstruye rutas a partir de archivos USD b... • https://support.apple.com/kb/HT212011 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 6.3EPSS: 0%CPEs: 19EXPL: 1CVE-2020-13524 – Apple Security Advisory 2020-12-14-3
https://notcve.org/view.php?id=CVE-2020-13524
09 Nov 2020 — An out-of-bounds memory corruption vulnerability exists in the way Pixar OpenUSD 20.05 uses SPECS data from binary USD files. A specially crafted malformed file can trigger an out-of-bounds memory access and modification which results in memory corruption. To trigger this vulnerability, the victim needs to access an attacker-provided malformed file. Se presenta una vulnerabilidad de corrupción de memoria fuera de límites en la forma en que Pixar OpenUSD versión 20.05, usa datos SPECS de archivos binarios US... • http://seclists.org/fulldisclosure/2020/Dec/26 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 9.3EPSS: 0%CPEs: 22EXPL: 0CVE-2020-10016 – Apple Security Advisory 2020-12-14-3
https://notcve.org/view.php?id=CVE-2020-10016
09 Nov 2020 — A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.0.1, iOS 14.2 and iPadOS 14.2, tvOS 14.2, watchOS 7.1. An application may be able to execute arbitrary code with kernel privileges. Se abordó un problema de corrupción de la memoria con una administración de estado mejorada. Este problema se corrigió en macOS Big Sur versión 11.0.1, iOS versión 14.2 y iPadOS versión 14.2, tvOS versión 14.2, watchOS versión 7.1. • http://seclists.org/fulldisclosure/2020/Dec/26 • CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 0%CPEs: 22EXPL: 0CVE-2020-8037 – ppp decapsulator can be convinced to allocate a large amount of memory
https://notcve.org/view.php?id=CVE-2020-8037
04 Nov 2020 — The ppp decapsulator in tcpdump 4.9.3 can be convinced to allocate a large amount of memory. El ppp decapsulator en tcpdump versión 4.9.3 puede ser convencido para que asigne una gran cantidad de memoria A flaw was found in tcpdump while printing PPP packets captured in a pcap file or coming from the network. This flaw allows a remote attacker to send specially crafted packets that, when printed, can lead the application to allocate a large amount of memory, resulting in a denial of service. The highest thr... • http://seclists.org/fulldisclosure/2021/Apr/51 • CWE-400: Uncontrolled Resource Consumption CWE-770: Allocation of Resources Without Limits or Throttling •