
CVE-2023-38605
https://notcve.org/view.php?id=CVE-2023-38605
06 Sep 2023 — This issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Ventura 13.5. An app may be able to determine a user’s current location. • https://support.apple.com/en-us/HT213843

CVE-2023-40392
https://notcve.org/view.php?id=CVE-2023-40392
06 Sep 2023 — A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Ventura 13.5. An app may be able to read sensitive location information. • https://support.apple.com/en-us/HT213843 • CWE-532: Insertion of Sensitive Information into Log File

CVE-2023-38616
https://notcve.org/view.php?id=CVE-2023-38616
06 Sep 2023 — A race condition was addressed with improved state handling. This issue is fixed in macOS Ventura 13.5. An app may be able to execute arbitrary code with kernel privileges. • https://support.apple.com/en-us/HT213843 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

CVE-2023-40397 – webkitgtk: arbitrary javascript code execution
https://notcve.org/view.php?id=CVE-2023-40397
06 Sep 2023 — The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.5. A remote attacker may be able to cause arbitrary javascript code execution. • http://www.openwall.com/lists/oss-security/2023/09/11/1 • CWE-96: Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection')

CVE-2023-4781 – Heap-based Buffer Overflow in vim/vim
https://notcve.org/view.php?id=CVE-2023-4781
05 Sep 2023 — Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1873. It was discovered that Vim could be made to divide by zero. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 23.04. • http://seclists.org/fulldisclosure/2023/Oct/24 • CWE-122: Heap-based Buffer Overflow

CVE-2023-4733 – Use After Free in vim/vim
https://notcve.org/view.php?id=CVE-2023-4733
04 Sep 2023 — Use After Free in GitHub repository vim/vim prior to 9.0.1840. macOS Sonoma 14.1 addresses bypass, code execution, spoofing, and use-after-free vulnerabilities. • http://seclists.org/fulldisclosure/2023/Oct/24 • CWE-416: Use After Free

CVE-2023-4750 – Use After Free in vim/vim
https://notcve.org/view.php?id=CVE-2023-4750
04 Sep 2023 — Use After Free in GitHub repository vim/vim prior to 9.0.1857. macOS Sonoma 14.1 addresses bypass, code execution, spoofing, and use-after-free vulnerabilities. • http://seclists.org/fulldisclosure/2023/Oct/24 • CWE-416: Use After Free

CVE-2023-4752 – Use After Free in vim/vim
https://notcve.org/view.php?id=CVE-2023-4752
04 Sep 2023 — Use After Free in GitHub repository vim/vim prior to 9.0.1858. macOS Sonoma 14.1 addresses bypass, code execution, spoofing, and use-after-free vulnerabilities. • http://seclists.org/fulldisclosure/2023/Oct/24 • CWE-416: Use After Free

CVE-2023-4734 – Integer Overflow or Wraparound in vim/vim
https://notcve.org/view.php?id=CVE-2023-4734
02 Sep 2023 — Integer Overflow or Wraparound in GitHub repository vim/vim prior to 9.0.1846. It was discovered that Vim could be made to divide by zero. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 23.04. • http://seclists.org/fulldisclosure/2023/Oct/24 • CWE-190: Integer Overflow or Wraparound

CVE-2020-36615
https://notcve.org/view.php?id=CVE-2020-36615
14 Aug 2023 — An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.0.1. Processing a maliciously crafted font may lead to arbitrary code execution. • https://support.apple.com/en-us/HT211931 • CWE-125: Out-of-bounds Read