
CVSS: 7.5 • EPSS: 0% • CPEs: 7 • EXPL: 0

Subversion's mod_dav_svn is vulnerable to memory corruption. While looking up path-based authorization rules, mod_dav_svn servers may attempt to use memory which has already been freed. Affected: Subversion mod_dav_svn servers 1.10.0 through 1.14.1 (inclusive). Servers that do not use mod_dav_svn are not affected. • http://seclists.org/fulldisclosure/2022/Jul/18 https://bz.apache.org/bugzilla/show_bug.cgi?id=65861 https://cwiki.apache.org/confluence/display/HTTPD/ModuleLife https://issues.apache.org/jira/browse/SVN-4880 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PZ4ARNGLMGYBKYDX2B7DRBNMF6EH3A6R https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YJPMCWCGWBN3QWCDVILWQWPC75RR67LT https://support.apple.com/kb/HT213345 https://www.debian • CWE-416: Use After Free •

CVSS: 4.3 • EPSS: 0% • CPEs: 8 • EXPL: 1

Apache Subversion SVN authz protected copyfrom paths regression. Subversion servers reveal 'copyfrom' paths that should be hidden according to configured path-based authorization (authz) rules. When a node has been copied from a protected location, users with access to the copy can see the 'copyfrom' path of the original. This also reveals the fact that the node was copied. Only the 'copyfrom' path is revealed; not its contents. Both httpd and svnserve servers are vulnerable. • http://seclists.org/fulldisclosure/2022/Jul/18 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PZ4ARNGLMGYBKYDX2B7DRBNMF6EH3A6R https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YJPMCWCGWBN3QWCDVILWQWPC75RR67LT https://subversion.apache.org/security/CVE-2021-28544-advisory.txt https://support.apple.com/kb/HT213345 https://www.debian.org/security/2022/dsa-5119 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 7.5 • EPSS: 0% • CPEs: 7 • EXPL: 0

Nokogiri is an open source XML and HTML library for Ruby. Nokogiri `< v1.13.4` contains an inefficient regular expression that is susceptible to excessive backtracking when attempting to detect encoding in HTML documents. Users are advised to upgrade to Nokogiri `>= 1.13.4`. There are no known workarounds for this issue. • http://seclists.org/fulldisclosure/2022/Dec/23 https://github.com/sparklemotion/nokogiri/commit/e444525ef1634b675cd1cf52d39f4320ef0aecfd https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-crjr-9rc5-ghw8 https://lists.debian.org/debian-lts-announce/2022/05/msg00013.html https://lists.debian.org/debian-lts-announce/2022/10/msg00018.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6DHCOWMA5PQTIQIMDENA7R2Y5BDYAIYM https://lists.fedoraproject.org/archives/list/package& • CWE-400: Uncontrolled Resource Consumption CWE-1333: Inefficient Regular Expression Complexity •

CVSS: 9.3 • EPSS: 0% • CPEs: 6 • EXPL: 0

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in tvOS 15.5, watchOS 8.6, macOS Big Sur 11.6.6, macOS Monterey 12.3.1, iOS 15.4.1 and iPadOS 15.4.1. An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited. • https://support.apple.com/en-us/HT213219 https://support.apple.com/en-us/HT213220 https://support.apple.com/en-us/HT213253 https://support.apple.com/en-us/HT213254 https://support.apple.com/en-us/HT213256 • CWE-787: Out-of-bounds Write •

CVSS: 5.5 • EPSS: 0% • CPEs: 18 • EXPL: 0

An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation. This issue is fixed in macOS Monterey 12.3.1, Security Update 2022-004 Catalina, macOS Big Sur 11.6.6. A local user may be able to read kernel memory. • https://support.apple.com/en-us/HT213220 https://support.apple.com/en-us/HT213255 https://support.apple.com/en-us/HT213256 • CWE-125: Out-of-bounds Read •