Page 2 of 84 results (0.014 seconds)

CVSS: 8.8EPSS: 31%CPEs: 25EXPL: 0

CVE-2023-5217 – Google Chromium libvpx Heap Buffer Overflow Vulnerability

https://notcve.org/view.php?id=CVE-2023-5217

Heap buffer overflow in vp8 encoding in libvpx in Google Chrome prior to 117.0.5938.132 and libvpx 1.13.1 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) El desbordamiento del búfer en la codificación vp8 en libvpx en Google Chrome anterior a 117.0.5938.132 y libvpx 1.13.1 permitía a un atacante remoto explotar potencialmente la corrupción del montón a través de una página HTML manipulada. (Severidad de seguridad de Chrome: alta) A heap-based buffer overflow flaw was found in the way libvpx, a library used to process VP8 and VP9 video codecs data, processes certain specially formatted video data via a crafted HTML page. This flaw allows an attacker to crash or remotely execute arbitrary code in an application, such as a web browser that is compiled with this library. Google Chromium libvpx contains a heap buffer overflow vulnerability in vp8 encoding that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. • http://seclists.org/fulldisclosure/2023/Oct/12 http://seclists.org/fulldisclosure/2023/Oct/16 http://www.openwall.com/lists/oss-security/2023/09/28/5 http://www.openwall.com/lists/oss-security/2023/09/28/6 http://www.openwall.com/lists/oss-security/2023/09/29/1 http://www.openwall.com/lists/oss-security/2023/09/29/11 http://www.openwall.com/lists/oss-security/2023/09/29/12 http://www.openwall.com/lists/oss-security/2023/09/29/14 http://ww • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •

CVSS: 5.3EPSS: 0%CPEs: 5EXPL: 0

CVE-2023-34352

https://notcve.org/view.php?id=CVE-2023-34352

A permissions issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Ventura 13.4, tvOS 16.5, iOS 16.5 and iPadOS 16.5, watchOS 9.5. An attacker may be able to leak user account emails. Se ha solucionado un problema de permisos con la mejora de la redacción de información sensible. Este problema se ha solucionado en macOS Ventura 13.4, tvOS 16.5, iOS 16.5, iPadOS 16.5 y watchOS 9.5. • https://support.apple.com/en-us/HT213757 https://support.apple.com/en-us/HT213758 https://support.apple.com/en-us/HT213761 https://support.apple.com/en-us/HT213764 https://support.apple.com/kb/HT213757 https://support.apple.com/kb/HT213758 https://support.apple.com/kb/HT213761 https://support.apple.com/kb/HT213764 • CWE-276: Incorrect Default Permissions •

CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0

CVE-2023-32438

https://notcve.org/view.php?id=CVE-2023-32438

This issue was addressed with improved checks to prevent unauthorized actions. This issue is fixed in tvOS 16.3, macOS Ventura 13.2, watchOS 9.3, iOS 16.3 and iPadOS 16.3. An app may be able to bypass Privacy preferences. Este problema ha sido abordado con comprobaciones mejoradas para evitar acciones no autorizadas. Este problema es corregido en tvOS 16.3, macOS Ventura 13.2, watchOS 9.3, iOS 16.3 y iPadOS 16.3. • https://support.apple.com/en-us/HT213599 https://support.apple.com/en-us/HT213601 https://support.apple.com/en-us/HT213605 https://support.apple.com/en-us/HT213606 •

CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0

CVE-2023-32432

https://notcve.org/view.php?id=CVE-2023-32432

A privacy issue was addressed with improved handling of temporary files. This issue is fixed in macOS Ventura 13.4, tvOS 16.5, iOS 16.5 and iPadOS 16.5, watchOS 9.5. An app may be able to access user-sensitive data. Se solucionó un problema de privacidad mejorando el manejo de archivos temporales. Este problema se solucionó en macOS Ventura 13.4, tvOS 16.5, iOS 16.5 y iPadOS 16.5, watchOS 9.5. • https://support.apple.com/en-us/HT213757 https://support.apple.com/en-us/HT213758 https://support.apple.com/en-us/HT213761 https://support.apple.com/en-us/HT213764 https://support.apple.com/kb/HT213757 https://support.apple.com/kb/HT213758 https://support.apple.com/kb/HT213761 https://support.apple.com/kb/HT213764 •

CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0

CVE-2023-32428

https://notcve.org/view.php?id=CVE-2023-32428

This issue was addressed with improved file handling. This issue is fixed in macOS Ventura 13.4, tvOS 16.5, iOS 16.5 and iPadOS 16.5, watchOS 9.5. An app may be able to gain root privileges. Este problema se solucionó con un mejor manejo de archivos. Este problema se ha solucionado en macOS Ventura 13.4, tvOS 16.5, iOS 16.5, iPadOS 16.5 y watchOS 9.5. • https://support.apple.com/en-us/HT213757 https://support.apple.com/en-us/HT213758 https://support.apple.com/en-us/HT213761 https://support.apple.com/en-us/HT213764 https://support.apple.com/kb/HT213757 https://support.apple.com/kb/HT213758 https://support.apple.com/kb/HT213761 https://support.apple.com/kb/HT213764 •