Page 129 of 1372 results (0.010 seconds)

CVSS: 9.8EPSS: 0%CPEs: 16EXPL: 0

A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.6.6, macOS Monterey 12.3, Security Update 2022-004 Catalina. A remote user may cause an unexpected app termination or arbitrary code execution This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apple macOS. Authentication is not required to exploit this vulnerability. The specific flaw exists within Apple Remote Events. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. • https://support.apple.com/en-us/HT213183 https://support.apple.com/en-us/HT213255 https://support.apple.com/en-us/HT213256 • CWE-416: Use After Free •

CVSS: 9.8EPSS: 0%CPEs: 31EXPL: 4

zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. Some common applications bundle the affected zlib source code but may be unable to call inflateGetHeader (e.g., see the nodejs/node reference). zlib versiones hasta 1.2.12, presenta una lectura excesiva de búfer en la región heap de la memoria o desbordamiento de búfer en el archivo inflate.c por medio de un campo extra del encabezado gzip. NOTA: sólo están afectadas las aplicaciones que llaman a inflateGetHeader. Algunas aplicaciones comunes agrupan el código fuente de zlib afectado pero pueden ser incapaces de llamar a inflateGetHeader (por ejemplo, véase la referencia nodejs/node) A security vulnerability was found in zlib. • http://seclists.org/fulldisclosure/2022/Oct/37 http://seclists.org/fulldisclosure/2022/Oct/38 http://seclists.org/fulldisclosure/2022/Oct/41 http://seclists.org/fulldisclosure/2022/Oct/42 http://www.openwall.com/lists/oss-security/2022/08/05/2 http://www.openwall.com/lists/oss-security/2022/08/09/1 https://github.com/curl/curl/issues/9271 https://github.com/ivd38/zlib_overflow https://github.com/madler/zlib/blob/21767c654d31d2dccdde4330529775c6c5fd5389/zlib.h#L1062-L1063 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •

CVSS: 6.5EPSS: 0%CPEs: 5EXPL: 0

The issue was addressed with improved UI handling. This issue is fixed in watchOS 8.7, tvOS 15.6, iOS 15.6 and iPadOS 15.6, macOS Monterey 12.5. Visiting a website that frames malicious content may lead to UI spoofing. Se abordó este problema con un manejo de la Interfaz de Usuario mejorado. Este problema ha sido corregido en watchOS versión 8.7, tvOS versión 15.6, iOS versión 15.6 y iPadOS versión 15.6, macOS Monterey versión 12.5. • https://support.apple.com/en-us/HT213340 https://support.apple.com/en-us/HT213342 https://support.apple.com/en-us/HT213345 https://support.apple.com/en-us/HT213346 https://access.redhat.com/security/cve/CVE-2022-32816 https://bugzilla.redhat.com/show_bug.cgi?id=2238975 •

CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0

A memory corruption issue was addressed with improved validation. This issue is fixed in watchOS 8.7, tvOS 15.6, iOS 15.6 and iPadOS 15.6, macOS Monterey 12.5. An app may be able to execute arbitrary code with kernel privileges. Se abordó un problema de corrupción de memoria con una comprobación mejorada. Este problema ha sido corregido en watchOS versión 8.7, tvOS versión 15.6, iOS versión 15.6 y iPadOS versión 15.6, macOS Monterey versión 12.5. • https://support.apple.com/en-us/HT213340 https://support.apple.com/en-us/HT213342 https://support.apple.com/en-us/HT213345 https://support.apple.com/en-us/HT213346 • CWE-787: Out-of-bounds Write •

CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0

An out-of-bounds read issue was addressed with improved bounds checking. This issue is fixed in watchOS 8.7, tvOS 15.6, iOS 15.6 and iPadOS 15.6, macOS Monterey 12.5. An app may be able to disclose kernel memory. Se abordó un problema de lectura fuera de límites con una comprobación de límites mejorada. Este problema ha sido corregido en watchOS versión 8.7, tvOS versión 15.6, iOS versión 15.6 y iPadOS versión 15.6, macOS Monterey versión 12.5. • https://support.apple.com/en-us/HT213340 https://support.apple.com/en-us/HT213342 https://support.apple.com/en-us/HT213345 https://support.apple.com/en-us/HT213346 • CWE-125: Out-of-bounds Read •