CVSS: 8.4EPSS: 0%CPEs: 5EXPL: 1CVE-2022-0554 – Use of Out-of-range Pointer Offset in vim/vim
https://notcve.org/view.php?id=CVE-2022-0554
Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2. Un uso del desplazamiento de Puntero Fuera de Rango en el repositorio de GitHub vim/vim anterior a 8.2 A flaw was found in vim that causes an out-of-range pointer offset vulnerability. This flaw allows an attacker to input a specially crafted file, leading to a crash or code execution. • http://seclists.org/fulldisclosure/2022/Oct/28 http://seclists.org/fulldisclosure/2022/Oct/41 https://github.com/vim/vim/commit/e3537aec2f8d6470010547af28dcbd83d41461b8 https://huntr.dev/bounties/7e8f6cd0-b5ee-48a2-8255-6a86f4c46c71 https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7ZLEHVP4LNAGER4ZDGUDS5V5YVQD6INF https://security.gentoo. • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-823: Use of Out-of-range Pointer Offset •
CVSS: 5.5EPSS: 0%CPEs: 23EXPL: 1CVE-2022-0530
https://notcve.org/view.php?id=CVE-2022-0530
A flaw was found in Unzip. The vulnerability occurs during the conversion of a wide string to a local string that leads to a heap of out-of-bound write. This flaw allows an attacker to input a specially crafted zip file, leading to a crash or code execution. Se ha encontrado un fallo en Unzip. La vulnerabilidad se produce durante la conversión de una cadena amplia a una cadena local que conduce a un montón de escritura fuera de límites. • http://seclists.org/fulldisclosure/2022/May/33 http://seclists.org/fulldisclosure/2022/May/35 http://seclists.org/fulldisclosure/2022/May/38 https://bugzilla.redhat.com/show_bug.cgi?id=2051395 https://github.com/ByteHackr/unzip_poc https://lists.debian.org/debian-lts-announce/2022/09/msg00028.html https://security.gentoo.org/glsa/202310-17 https://support.apple.com/kb/HT213255 https://support.apple.com/kb/HT213256 https://support.apple.com/kb/HT213257 https://www. •
CVSS: 5.5EPSS: 0%CPEs: 13EXPL: 0CVE-2022-22583 – Apple macOS PackageKit PKInstallSandbox SIP Bypass vulnerability
https://notcve.org/view.php?id=CVE-2022-22583
A permissions issue was addressed with improved validation. This issue is fixed in Security Update 2022-001 Catalina, macOS Monterey 12.2, macOS Big Sur 11.6.3. An application may be able to access restricted files. Se abordó un problema de permisos con una comprobación mejorada. Este problema es corregido en Security Update 2022-001 Catalina, macOS Monterey versión 12.2, macOS Big Sur versión 11.6.3. • https://support.apple.com/en-us/HT213054 https://support.apple.com/en-us/HT213055 https://support.apple.com/en-us/HT213056 •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2022-22586
https://notcve.org/view.php?id=CVE-2022-22586
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Monterey 12.2. A malicious application may be able to execute arbitrary code with kernel privileges. Se abordó un problema de escritura fuera de límites con una comprobación de límites mejorada. Este problema es corregido en macOS Monterey versión 12.2. • https://support.apple.com/en-us/HT213054 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2022-22584 – Apple macOS ColorSync ICC File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2022-22584
A memory corruption issue was addressed with improved validation. This issue is fixed in tvOS 15.3, iOS 15.3 and iPadOS 15.3, watchOS 8.4, macOS Monterey 12.2. Processing a maliciously crafted file may lead to arbitrary code execution. Se abordó un problema de corrupción de memoria con una comprobación mejorada. Este problema es corregido en tvOS versión 15.3, iOS versión 15.3 y iPadOS versión 15.3, watchOS versión 8.4, macOS Monterey versión 12.2. • https://support.apple.com/en-us/HT213053 https://support.apple.com/en-us/HT213054 https://support.apple.com/en-us/HT213057 https://support.apple.com/en-us/HT213059 • CWE-787: Out-of-bounds Write •