CVSS: 5.3EPSS: 0%CPEs: 8EXPL: 1CVE-2022-22976 – springframework: BCrypt skips salt rounds for work factor of 31
https://notcve.org/view.php?id=CVE-2022-22976
19 May 2022 — Spring Security versions 5.5.x prior to 5.5.7, 5.6.x prior to 5.6.4, and earlier unsupported versions contain an integer overflow vulnerability. When using the BCrypt class with the maximum work factor (31), the encoder does not perform any salt rounds, due to an integer overflow error. ... The encoder does not perform any salt rounds when using the BCrypt class with the maximum work factor (31) due to an integer overflow error. • https://github.com/spring-io/cve-2022-22976-bcrypt-skips-salt • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 11EXPL: 1CVE-2022-1116 – Kernel Live Patch Security Notice LSN-0086-1
https://notcve.org/view.php?id=CVE-2022-1116
17 May 2022 — Integer Overflow or Wraparound vulnerability in io_uring of Linux Kernel allows local attacker to cause memory corruption and escalate privileges to root. ... Una vulnerabilidad de desbordamiento de enteros o Wraparound en io_uring del Kernel de Linux permite a un atacante local causar una corrupción de memoria y escalar privilegios a root. • http://packetstormsecurity.com/files/167386/Kernel-Live-Patch-Security-Notice-LSN-0086-1.html • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.1EPSS: 0%CPEs: 18EXPL: 0CVE-2022-26697 – Apple macOS SCPT File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2022-26697
17 May 2022 — An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. macOS Monterey 12.4 addresses buffer overflow, bypass, code execution, denial of service, integer overflow, out of bounds access, out of bounds read, out of bounds write, and use-after-free vulnerabilities. • https://support.apple.com/en-us/HT213255 • CWE-125: Out-of-bounds Read •
CVSS: 7.1EPSS: 0%CPEs: 18EXPL: 0CVE-2022-26698 – Apple macOS SCPT File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2022-26698
17 May 2022 — An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. macOS Monterey 12.4 addresses buffer overflow, bypass, code execution, denial of service, integer overflow, out of bounds access, out of bounds read, out of bounds write, and use-after-free vulnerabilities. • https://support.apple.com/en-us/HT213255 • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 16EXPL: 0CVE-2022-26746 – Apple Security Advisory 2022-05-16-4
https://notcve.org/view.php?id=CVE-2022-26746
17 May 2022 — Una aplicación maliciosa puede ser capaz de omitir las preferencias de privacidad macOS Monterey 12.4 addresses buffer overflow, bypass, code execution, denial of service, integer overflow, out of bounds access, out of bounds read, out of bounds write, and use-after-free vulnerabilities. • https://support.apple.com/en-us/HT213255 •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2022-26762 – Apple Security Advisory 2022-05-16-1
https://notcve.org/view.php?id=CVE-2022-26762
17 May 2022 — Una aplicación maliciosa puede ejecutar código arbitrario con privilegios del sistema. macOS Monterey 12.4 addresses buffer overflow, bypass, code execution, denial of service, integer overflow, out of bounds access, out of bounds read, out of bounds write, and use-after-free vulnerabilities. • https://support.apple.com/en-us/HT213257 • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0CVE-2022-26760 – Apple Security Advisory 2022-05-16-1
https://notcve.org/view.php?id=CVE-2022-26760
17 May 2022 — A malicious application may be able to elevate privileges. iOS 15.5 and iPadOS 15.5 addresses bypass, code execution, denial of service, integer overflow, out of bounds access, out of bounds write, and use-after-free vulnerabilities. • https://support.apple.com/en-us/HT213258 • CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2022-26724 – Apple Security Advisory 2022-05-16-6
https://notcve.org/view.php?id=CVE-2022-26724
17 May 2022 — Un usuario local puede ser capaz de habilitar Fotos de iCloud sin autenticación tvOS 15.5 addresses bypass, code execution, integer overflow, out of bounds access, out of bounds write, and use-after-free vulnerabilities. • https://support.apple.com/en-us/HT213254 • CWE-287: Improper Authentication •
CVSS: 7.0EPSS: 0%CPEs: 1EXPL: 0CVE-2022-26743 – Apple Security Advisory 2022-05-16-2
https://notcve.org/view.php?id=CVE-2022-26743
17 May 2022 — Un atacante que ya ha logrado una ejecución de código en macOS Recovery puede ser capaz de escalar los privilegios del kernel macOS Monterey 12.4 addresses buffer overflow, bypass, code execution, denial of service, integer overflow, out of bounds access, out of bounds read, out of bounds write, and use-after-free vulnerabilities. • https://support.apple.com/en-us/HT213257 • CWE-787: Out-of-bounds Write •
CVSS: 4.7EPSS: 0%CPEs: 5EXPL: 0CVE-2022-26765 – Apple Security Advisory 2022-05-16-1
https://notcve.org/view.php?id=CVE-2022-26765
17 May 2022 — Un atacante malicioso con capacidad de lectura y escritura arbitraria puede ser capaz de omitir la autenticación de punteros macOS Monterey 12.4 addresses buffer overflow, bypass, code execution, denial of service, integer overflow, out of bounds access, out of bounds read, out of bounds write, and use-after-free vulnerabilities. • https://support.apple.com/en-us/HT213253 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •