CVE-2022-46070
https://notcve.org/view.php?id=CVE-2022-46070
GV-ASManager V6.0.1.0 contains a Local File Inclusion vulnerability in GeoWebServer via Path. GV-ASManager V6.0.1.0 contiene una vulnerabilidad de inclusión de archivos locales en GeoWebServer a través de Path. • https://s3.amazonaws.com/geovision_downloads/TechNotice/CyberSecurity/Security_Advistory_ASManager-ASM-2022-11.pdf • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVE-2024-23278
https://notcve.org/view.php?id=CVE-2024-23278
The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.6.5, macOS Sonoma 14.4, iOS 17.4 and iPadOS 17.4, watchOS 10.4, iOS 16.7.6 and iPadOS 16.7.6, tvOS 17.4. An app may be able to break out of its sandbox. El problema se solucionó con controles mejorados. Este problema se solucionó en macOS Ventura 13.6.5, macOS Sonoma 14.4, iOS 17.4 y iPadOS 17.4, watchOS 10.4, iOS 16.7.6 y iPadOS 16.7.6, tvOS 17.4. • http://seclists.org/fulldisclosure/2024/Mar/21 http://seclists.org/fulldisclosure/2024/Mar/22 http://seclists.org/fulldisclosure/2024/Mar/24 http://seclists.org/fulldisclosure/2024/Mar/25 https://support.apple.com/en-us/HT214081 https://support.apple.com/en-us/HT214082 https://support.apple.com/en-us/HT214084 https://support.apple.com/en-us/HT214085 https://support.apple.com/en-us/HT214086 https://support.apple.com/en-us/HT214088 https://support.apple.com/kb • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVE-2024-23258
https://notcve.org/view.php?id=CVE-2024-23258
Processing an image may lead to arbitrary code execution. • http://seclists.org/fulldisclosure/2024/Mar/21 http://seclists.org/fulldisclosure/2024/Mar/26 https://support.apple.com/en-us/HT214084 https://support.apple.com/en-us/HT214087 • CWE-125: Out-of-bounds Read •
CVE-2024-23286 – Apple macOS CoreGraphics Image Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-23286
Processing an image may lead to arbitrary code execution. • http://seclists.org/fulldisclosure/2024/Mar/21 http://seclists.org/fulldisclosure/2024/Mar/22 http://seclists.org/fulldisclosure/2024/Mar/23 http://seclists.org/fulldisclosure/2024/Mar/24 http://seclists.org/fulldisclosure/2024/Mar/25 http://seclists.org/fulldisclosure/2024/Mar/26 https://support.apple.com/en-us/HT214081 https://support.apple.com/en-us/HT214082 https://support.apple.com/en-us/HT214083 https://support.apple.com/en-us/HT214084 https://support.apple • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVE-2024-23247
https://notcve.org/view.php?id=CVE-2024-23247
Processing a file may lead to unexpected app termination or arbitrary code execution. • http://seclists.org/fulldisclosure/2024/Mar/21 http://seclists.org/fulldisclosure/2024/Mar/22 http://seclists.org/fulldisclosure/2024/Mar/23 https://support.apple.com/en-us/HT214083 https://support.apple.com/en-us/HT214084 https://support.apple.com/en-us/HT214085 •