Page 167 of 834 results (0.011 seconds)

CVSS: 5.3EPSS: 0%CPEs: 7EXPL: 0

A cookie management issue was addressed with improved checks. This issue affected versions prior to iOS 11.4.1, macOS High Sierra 10.13.6, tvOS 11.4.1, watchOS 4.3.2, iTunes 12.8 for Windows, iCloud for Windows 7.6. Un problema de gestión de cookie se abordó con comprobaciones mejoradas. El problema afectaba a versiones anteriores a iOS 11.4.1, macOS High Sierra 10.13.6, tvOS 11.4.1, watchOS 4.3.2, iTunes 12.8 para Windows, iCloud para Windows 7.6. • https://support.apple.com/kb/HT208932 https://support.apple.com/kb/HT208933 https://support.apple.com/kb/HT208935 https://support.apple.com/kb/HT208936 https://support.apple.com/kb/HT208937 https://support.apple.com/kb/HT208938 • CWE-20: Improper Input Validation •

CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0

In iOS before 11.4.1, watchOS before 4.3.2, tvOS before 11.4.1, Safari before 11.1.1, macOS High Sierra before 10.13.6, a spoofing issue existed in the handling of URLs. This issue was addressed with improved input validation. En iOS en versiones anteriores a la 11.4.1, watchOS en versiones anteriores a la 4.3.2, tvOS en versiones anteriores a la 11.4.1, Safari en versiones anteriores a la 11.1.1 y macOS High Sierra en versiones anteriores a la 10.13.6, existía un problema de suplantación en el manejo de URL. Este problema se abordó mediante la mejora de la validación de entradas. • http://www.securitytracker.com/id/1041232 https://support.apple.com/HT208854 https://support.apple.com/HT208935 https://support.apple.com/HT208936 https://support.apple.com/HT208937 https://support.apple.com/HT208938 • CWE-20: Improper Input Validation •

CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0

A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 11.4.1, macOS High Sierra 10.13.6, tvOS 11.4.1, watchOS 4.3.2. Un problema de corrupción de memoria se abordó con una gestión de memoria mejorada. Este problema afectaba a iOS en versiones anteriores a la 11.4.1; macOS High Sierra en versiones anteriores a la 10.13.6; tvOS en versiones anteriores a la 11.4.1 y watchOS en versiones anteriores a la 4.3.2. • https://support.apple.com/kb/HT208935 https://support.apple.com/kb/HT208936 https://support.apple.com/kb/HT208937 https://support.apple.com/kb/HT208938 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 7.5EPSS: 52%CPEs: 14EXPL: 1

In Perl through 5.26.2, the Archive::Tar module allows remote attackers to bypass a directory-traversal protection mechanism, and overwrite arbitrary files, via an archive file containing a symlink and a regular file with the same name. En Perl hasta la versión 5.26.2, el módulo Archive::Tar permite que atacantes remotos omitan un mecanismo de protección de salto de directorio y sobrescriban archivos arbitrarios mediante un archivo comprimido que contiene un symlink y un archivo normal con el mismo nombre. It was found that the Archive::Tar module did not properly sanitize symbolic links when extracting tar archives. An attacker, able to provide a specially crafted archive for processing, could use this flaw to write or overwrite arbitrary files in the context of the Perl interpreter. • http://seclists.org/fulldisclosure/2019/Mar/49 http://www.securityfocus.com/bid/104423 http://www.securitytracker.com/id/1041048 https://access.redhat.com/errata/RHSA-2019:2097 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=900834 https://seclists.org/bugtraq/2019/Mar/42 https://security.netapp.com/advisory/ntap-20180927-0001 https://support.apple.com/kb/HT209600 https://usn.ubuntu.com/3684-1 https://usn.ubuntu.com/3684-2 https://www.debian.org/security/2018& • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-59: Improper Link Resolution Before File Access ('Link Following') •