CVE-2021-45444 – zsh: Prompt expansion vulnerability
https://notcve.org/view.php?id=CVE-2021-45444
In zsh before 5.8.1, an attacker can achieve code execution if they control a command output inside the prompt, as demonstrated by a %F argument. This occurs because of recursive PROMPT_SUBST expansion. En zsh versiones anteriores a 5.8.1, un atacante puede lograr una ejecución de código si controla la salida de un comando dentro del prompt, como lo demuestra un argumento %F. Esto ocurre debido a la expansión recursiva PROMPT_SUBST A vulnerability was found in zsh in the parsecolorchar() function of prompt.c file. This flaw allows an attacker to perform code execution if they control a command output inside the prompt, as stated by a %F%K argument. • http://seclists.org/fulldisclosure/2022/May/33 http://seclists.org/fulldisclosure/2022/May/35 http://seclists.org/fulldisclosure/2022/May/38 https://lists.debian.org/debian-lts-announce/2022/02/msg00020.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2P3LPMGENEHKDWFO4MWMZSZL6G7Y4CV7 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BWF3EXNBX5SVFDBL4ZFOD4GJBWFUKWN4 https://support.apple.com/kb/HT213255 https://support.apple& • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVE-2022-0572 – Heap-based Buffer Overflow in vim/vim
https://notcve.org/view.php?id=CVE-2022-0572
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. Un Desbordamiento del Búfer en la región Heap de la Memoria en el repositorio de GitHub vim/vim versiones anteriores a 8.2 • http://seclists.org/fulldisclosure/2022/Oct/28 http://seclists.org/fulldisclosure/2022/Oct/41 https://github.com/vim/vim/commit/6e28703a8e41f775f64e442c5d11ce1ff599aa3f https://huntr.dev/bounties/bf3e0643-03e9-4436-a1c8-74e7111c32bf https://lists.debian.org/debian-lts-announce/2022/05/msg00022.html https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4GOY5YWTP5QUY2EFLCL7AUWA2CV57C37 https://lists.fedoraproject& • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVE-2022-0554 – Use of Out-of-range Pointer Offset in vim/vim
https://notcve.org/view.php?id=CVE-2022-0554
Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2. Un uso del desplazamiento de Puntero Fuera de Rango en el repositorio de GitHub vim/vim anterior a 8.2 A flaw was found in vim that causes an out-of-range pointer offset vulnerability. This flaw allows an attacker to input a specially crafted file, leading to a crash or code execution. • http://seclists.org/fulldisclosure/2022/Oct/28 http://seclists.org/fulldisclosure/2022/Oct/41 https://github.com/vim/vim/commit/e3537aec2f8d6470010547af28dcbd83d41461b8 https://huntr.dev/bounties/7e8f6cd0-b5ee-48a2-8255-6a86f4c46c71 https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7ZLEHVP4LNAGER4ZDGUDS5V5YVQD6INF https://security.gentoo. • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-823: Use of Out-of-range Pointer Offset •
CVE-2022-0530
https://notcve.org/view.php?id=CVE-2022-0530
A flaw was found in Unzip. The vulnerability occurs during the conversion of a wide string to a local string that leads to a heap of out-of-bound write. This flaw allows an attacker to input a specially crafted zip file, leading to a crash or code execution. Se ha encontrado un fallo en Unzip. La vulnerabilidad se produce durante la conversión de una cadena amplia a una cadena local que conduce a un montón de escritura fuera de límites. • http://seclists.org/fulldisclosure/2022/May/33 http://seclists.org/fulldisclosure/2022/May/35 http://seclists.org/fulldisclosure/2022/May/38 https://bugzilla.redhat.com/show_bug.cgi?id=2051395 https://github.com/ByteHackr/unzip_poc https://lists.debian.org/debian-lts-announce/2022/09/msg00028.html https://security.gentoo.org/glsa/202310-17 https://support.apple.com/kb/HT213255 https://support.apple.com/kb/HT213256 https://support.apple.com/kb/HT213257 https://www. •
CVE-2022-22586
https://notcve.org/view.php?id=CVE-2022-22586
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Monterey 12.2. A malicious application may be able to execute arbitrary code with kernel privileges. Se abordó un problema de escritura fuera de límites con una comprobación de límites mejorada. Este problema es corregido en macOS Monterey versión 12.2. • https://support.apple.com/en-us/HT213054 • CWE-787: Out-of-bounds Write •