Page 142 of 851 results (0.018 seconds)

CVSS: 8.4EPSS: 0%CPEs: 6EXPL: 1

CVE-2022-0572 – Heap-based Buffer Overflow in vim/vim

https://notcve.org/view.php?id=CVE-2022-0572

Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. Un Desbordamiento del Búfer en la región Heap de la Memoria en el repositorio de GitHub vim/vim versiones anteriores a 8.2 • http://seclists.org/fulldisclosure/2022/Oct/28 http://seclists.org/fulldisclosure/2022/Oct/41 https://github.com/vim/vim/commit/6e28703a8e41f775f64e442c5d11ce1ff599aa3f https://huntr.dev/bounties/bf3e0643-03e9-4436-a1c8-74e7111c32bf https://lists.debian.org/debian-lts-announce/2022/05/msg00022.html https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4GOY5YWTP5QUY2EFLCL7AUWA2CV57C37 https://lists.fedoraproject& • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •

CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 2

CVE-2022-22620 – Apple iOS, iPadOS, and macOS Webkit Use-After-Free Vulnerability

https://notcve.org/view.php?id=CVE-2022-22620

A use after free issue was addressed with improved memory management. This issue is fixed in macOS Monterey 12.2.1, iOS 15.3.1 and iPadOS 15.3.1, Safari 15.3 (v. 16612.4.9.1.8 and 15612.4.9.1.8). Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.. Se abordó un problema de uso de memoria previamente liberada con una administración de memoria mejorada. • https://github.com/kmeps4/CVE-2022-22620 https://github.com/springsec/CVE-2022-22620 https://security.gentoo.org/glsa/202208-39 https://support.apple.com/en-us/HT213091 https://support.apple.com/en-us/HT213092 https://support.apple.com/en-us/HT213093 https://access.redhat.com/security/cve/CVE-2022-22620 https://bugzilla.redhat.com/show_bug.cgi?id=2056474 • CWE-416: Use After Free •

CVSS: 8.4EPSS: 0%CPEs: 5EXPL: 1

CVE-2022-0554 – Use of Out-of-range Pointer Offset in vim/vim

https://notcve.org/view.php?id=CVE-2022-0554

Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2. Un uso del desplazamiento de Puntero Fuera de Rango en el repositorio de GitHub vim/vim anterior a 8.2 A flaw was found in vim that causes an out-of-range pointer offset vulnerability. This flaw allows an attacker to input a specially crafted file, leading to a crash or code execution. • http://seclists.org/fulldisclosure/2022/Oct/28 http://seclists.org/fulldisclosure/2022/Oct/41 https://github.com/vim/vim/commit/e3537aec2f8d6470010547af28dcbd83d41461b8 https://huntr.dev/bounties/7e8f6cd0-b5ee-48a2-8255-6a86f4c46c71 https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7ZLEHVP4LNAGER4ZDGUDS5V5YVQD6INF https://security.gentoo. • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-823: Use of Out-of-range Pointer Offset •

CVSS: 5.5EPSS: 0%CPEs: 23EXPL: 1

CVE-2022-0530

https://notcve.org/view.php?id=CVE-2022-0530

A flaw was found in Unzip. The vulnerability occurs during the conversion of a wide string to a local string that leads to a heap of out-of-bound write. This flaw allows an attacker to input a specially crafted zip file, leading to a crash or code execution. Se ha encontrado un fallo en Unzip. La vulnerabilidad se produce durante la conversión de una cadena amplia a una cadena local que conduce a un montón de escritura fuera de límites. • http://seclists.org/fulldisclosure/2022/May/33 http://seclists.org/fulldisclosure/2022/May/35 http://seclists.org/fulldisclosure/2022/May/38 https://bugzilla.redhat.com/show_bug.cgi?id=2051395 https://github.com/ByteHackr/unzip_poc https://lists.debian.org/debian-lts-announce/2022/09/msg00028.html https://security.gentoo.org/glsa/202310-17 https://support.apple.com/kb/HT213255 https://support.apple.com/kb/HT213256 https://support.apple.com/kb/HT213257 https://www. •

CVSS: 5.5EPSS: 0%CPEs: 13EXPL: 0

CVE-2022-22583 – Apple macOS PackageKit PKInstallSandbox SIP Bypass vulnerability

https://notcve.org/view.php?id=CVE-2022-22583

A permissions issue was addressed with improved validation. This issue is fixed in Security Update 2022-001 Catalina, macOS Monterey 12.2, macOS Big Sur 11.6.3. An application may be able to access restricted files. Se abordó un problema de permisos con una comprobación mejorada. Este problema es corregido en Security Update 2022-001 Catalina, macOS Monterey versión 12.2, macOS Big Sur versión 11.6.3. • https://support.apple.com/en-us/HT213054 https://support.apple.com/en-us/HT213055 https://support.apple.com/en-us/HT213056 •