CVSS: 7.5EPSS: 1%CPEs: 22EXPL: 0CVE-2020-36224 – Apple Security Advisory 2021-05-25-4
https://notcve.org/view.php?id=CVE-2020-36224
25 Jan 2021 — A flaw was discovered in OpenLDAP before 2.4.57 leading to an invalid pointer free and slapd crash in the saslAuthzTo processing, resulting in denial of service. Se detectó un fallo en OpenLDAP versiones anteriores a 2.4.57, conllevando a la liberación de un puntero no válido y un bloqueo de slapd en el procesamiento saslAuthzTo, resultando en una denegación de servicio Several vulnerabilities were discovered in OpenLDAP, a free implementation of the Lightweight Directory Access Protocol. An unauthenticated... • http://seclists.org/fulldisclosure/2021/May/64 • CWE-763: Release of Invalid Pointer or Reference •
CVSS: 7.5EPSS: 0%CPEs: 22EXPL: 0CVE-2020-36226 – Apple Security Advisory 2021-05-25-4
https://notcve.org/view.php?id=CVE-2020-36226
25 Jan 2021 — A flaw was discovered in OpenLDAP before 2.4.57 leading to a memch->bv_len miscalculation and slapd crash in the saslAuthzTo processing, resulting in denial of service. Se detectó un fallo en OpenLDAP versiones anteriores a 2.4.57, conllevando un cálculo inapropiado de memch-)bv_len y un bloqueo de slapd en el procesamiento de saslAuthzTo, resultando en una denegación de servicio Several vulnerabilities were discovered in OpenLDAP, a free implementation of the Lightweight Directory Access Protocol. An unaut... • http://seclists.org/fulldisclosure/2021/May/64 •
CVSS: 7.5EPSS: 6%CPEs: 22EXPL: 0CVE-2020-36229 – Apple Security Advisory 2021-05-25-4
https://notcve.org/view.php?id=CVE-2020-36229
25 Jan 2021 — A flaw was discovered in ldap_X509dn2bv in OpenLDAP before 2.4.57 leading to a slapd crash in the X.509 DN parsing in ad_keystring, resulting in denial of service. Se detectó un fallo en ldap_X509dn2bv en OpenLDAP versiones anteriores a 2.4.57, conllevando un bloqueo de slapd en el análisis del DN X.509 en ad_keystring, resultando en una denegación de servicio It was discovered that OpenLDAP incorrectly handled Certificate Exact Assertion processing. A remote attacker could possibly use this issue to cause ... • http://seclists.org/fulldisclosure/2021/May/64 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 7.5EPSS: 2%CPEs: 23EXPL: 0CVE-2020-36230 – Apple Security Advisory 2021-05-25-4
https://notcve.org/view.php?id=CVE-2020-36230
25 Jan 2021 — A flaw was discovered in OpenLDAP before 2.4.57 leading in an assertion failure in slapd in the X.509 DN parsing in decode.c ber_next_element, resulting in denial of service. Se detectó un fallo en OpenLDAP versiones anteriores a 2.4.57, conllevando en un fallo de aserción en slapd en el análisis de DN X.509 en ber_next_element del archivo decode.c, resultando en una denegación de servicio Several vulnerabilities were discovered in OpenLDAP, a free implementation of the Lightweight Directory Access Protocol... • http://seclists.org/fulldisclosure/2021/May/64 • CWE-617: Reachable Assertion •
CVSS: 7.5EPSS: 1%CPEs: 22EXPL: 0CVE-2020-36223 – Apple Security Advisory 2021-05-25-4
https://notcve.org/view.php?id=CVE-2020-36223
25 Jan 2021 — A flaw was discovered in OpenLDAP before 2.4.57 leading to a slapd crash in the Values Return Filter control handling, resulting in denial of service (double free and out-of-bounds read). Se detectó un fallo en OpenLDAP versiones anteriores a 2.4.57, conllevando un bloqueo de slapd en el manejo del control de Values Return Filter, resultando en una denegación de servicio (doble liberación y lectura fuera de límites) It was discovered that OpenLDAP incorrectly handled Certificate Exact Assertion processing. ... • http://seclists.org/fulldisclosure/2021/May/64 • CWE-125: Out-of-bounds Read CWE-415: Double Free •
CVSS: 9.3EPSS: 0%CPEs: 18EXPL: 0CVE-2020-27947 – Apple macOS process_token_AVCDecode Out-Of-Bounds Write Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2020-27947
16 Dec 2020 — A memory corruption issue was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave. An application may be able to execute arbitrary code with kernel privileges. Se abordó un problema de corrupción de memoria con una comprobación de la entrada mejorada. Este problema es corregido en macOS Big Sur versión 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave. • https://support.apple.com/en-us/HT212011 • CWE-787: Out-of-bounds Write •
CVSS: 9.3EPSS: 0%CPEs: 2EXPL: 0CVE-2020-27914 – Apple Security Advisory 2020-12-14-3
https://notcve.org/view.php?id=CVE-2020-27914
16 Dec 2020 — A memory corruption issue was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, macOS Big Sur 11.0.1. A malicious application may be able to execute arbitrary code with system privileges. Se abordó un problema de corrupción de memoria con una comprobación de la entrada mejorada. Este problema es corregido en macOS Big Sur versión 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave... • https://support.apple.com/en-us/HT211931 • CWE-787: Out-of-bounds Write •
CVSS: 9.3EPSS: 0%CPEs: 18EXPL: 0CVE-2020-29612 – Apple macOS patch_encoding_common Out-Of-Bounds Write Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2020-29612
16 Dec 2020 — An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave. A malicious application may be able to execute arbitrary code with system privileges. Se abordó un problema de escritura fuera de límites con una comprobación de límites mejorada. Este problema es corregido en macOS Big Sur versión 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave. • https://support.apple.com/en-us/HT212011 • CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 19EXPL: 0CVE-2020-29621 – Apple Security Advisory 2020-12-14-3
https://notcve.org/view.php?id=CVE-2020-29621
16 Dec 2020 — This issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave. A malicious application may be able to bypass Privacy preferences. Este problema es abordado con comprobaciones mejoradas. Este problema es corregido en macOS Big Sur versión 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave. • https://support.apple.com/en-us/HT212011 • CWE-862: Missing Authorization •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2020-27919 – Apple Security Advisory 2020-12-14-3
https://notcve.org/view.php?id=CVE-2020-27919
16 Dec 2020 — An out-of-bounds write was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, macOS Big Sur 11.0.1. Processing a maliciously crafted image may lead to arbitrary code execution. Se abordó una escritura fuera de límites con una comprobación de la entrada mejorada. Este problema es corregido en macOS Big Sur versión 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, macOS Big Sur ve... • https://support.apple.com/en-us/HT211931 • CWE-787: Out-of-bounds Write •