CVSS: 7.5EPSS: 0%CPEs: 22EXPL: 0CVE-2020-36224 – Apple Security Advisory 2021-05-25-4
https://notcve.org/view.php?id=CVE-2020-36224
25 Jan 2021 — A flaw was discovered in OpenLDAP before 2.4.57 leading to an invalid pointer free and slapd crash in the saslAuthzTo processing, resulting in denial of service. Se detectó un fallo en OpenLDAP versiones anteriores a 2.4.57, conllevando a la liberación de un puntero no válido y un bloqueo de slapd en el procesamiento saslAuthzTo, resultando en una denegación de servicio Several vulnerabilities were discovered in OpenLDAP, a free implementation of the Lightweight Directory Access Protocol. An unauthenticated... • http://seclists.org/fulldisclosure/2021/May/64 • CWE-763: Release of Invalid Pointer or Reference •
CVSS: 7.5EPSS: 0%CPEs: 22EXPL: 0CVE-2020-36226 – Apple Security Advisory 2021-05-25-4
https://notcve.org/view.php?id=CVE-2020-36226
25 Jan 2021 — A flaw was discovered in OpenLDAP before 2.4.57 leading to a memch->bv_len miscalculation and slapd crash in the saslAuthzTo processing, resulting in denial of service. Se detectó un fallo en OpenLDAP versiones anteriores a 2.4.57, conllevando un cálculo inapropiado de memch-)bv_len y un bloqueo de slapd en el procesamiento de saslAuthzTo, resultando en una denegación de servicio Several vulnerabilities were discovered in OpenLDAP, a free implementation of the Lightweight Directory Access Protocol. An unaut... • http://seclists.org/fulldisclosure/2021/May/64 •
CVSS: 7.5EPSS: 2%CPEs: 22EXPL: 0CVE-2020-36229 – Apple Security Advisory 2021-05-25-4
https://notcve.org/view.php?id=CVE-2020-36229
25 Jan 2021 — A flaw was discovered in ldap_X509dn2bv in OpenLDAP before 2.4.57 leading to a slapd crash in the X.509 DN parsing in ad_keystring, resulting in denial of service. Se detectó un fallo en ldap_X509dn2bv en OpenLDAP versiones anteriores a 2.4.57, conllevando un bloqueo de slapd en el análisis del DN X.509 en ad_keystring, resultando en una denegación de servicio It was discovered that OpenLDAP incorrectly handled Certificate Exact Assertion processing. A remote attacker could possibly use this issue to cause ... • http://seclists.org/fulldisclosure/2021/May/64 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 7.5EPSS: 0%CPEs: 23EXPL: 0CVE-2020-36230 – Apple Security Advisory 2021-05-25-4
https://notcve.org/view.php?id=CVE-2020-36230
25 Jan 2021 — A flaw was discovered in OpenLDAP before 2.4.57 leading in an assertion failure in slapd in the X.509 DN parsing in decode.c ber_next_element, resulting in denial of service. Se detectó un fallo en OpenLDAP versiones anteriores a 2.4.57, conllevando en un fallo de aserción en slapd en el análisis de DN X.509 en ber_next_element del archivo decode.c, resultando en una denegación de servicio Several vulnerabilities were discovered in OpenLDAP, a free implementation of the Lightweight Directory Access Protocol... • http://seclists.org/fulldisclosure/2021/May/64 • CWE-617: Reachable Assertion •
CVSS: 7.5EPSS: 6%CPEs: 22EXPL: 0CVE-2020-36223 – Apple Security Advisory 2021-05-25-4
https://notcve.org/view.php?id=CVE-2020-36223
25 Jan 2021 — A flaw was discovered in OpenLDAP before 2.4.57 leading to a slapd crash in the Values Return Filter control handling, resulting in denial of service (double free and out-of-bounds read). Se detectó un fallo en OpenLDAP versiones anteriores a 2.4.57, conllevando un bloqueo de slapd en el manejo del control de Values Return Filter, resultando en una denegación de servicio (doble liberación y lectura fuera de límites) It was discovered that OpenLDAP incorrectly handled Certificate Exact Assertion processing. ... • http://seclists.org/fulldisclosure/2021/May/64 • CWE-125: Out-of-bounds Read CWE-415: Double Free •
CVSS: 7.8EPSS: 0%CPEs: 20EXPL: 0CVE-2020-9960 – Apple Security Advisory 2020-12-14-3
https://notcve.org/view.php?id=CVE-2020-9960
16 Dec 2020 — An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.0.1, tvOS 14.0, macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, watchOS 7.0, iOS 14.0 and iPadOS 14.0. Processing a maliciously crafted audio file may lead to arbitrary code execution. Se abordó una lectura fuera de límites con una comprobación de la entrada mejorada. Este problema es corregido en macOS Big Sur versión 11.0.1, tvOS versión 14.0, macOS Big S... • https://support.apple.com/en-us/HT211843 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 20EXPL: 0CVE-2020-9962 – Apple Security Advisory 2020-12-14-3
https://notcve.org/view.php?id=CVE-2020-9962
16 Dec 2020 — A buffer overflow was addressed with improved size validation. This issue is fixed in macOS Big Sur 11.0.1, tvOS 14.0, macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, watchOS 7.0, iOS 14.0 and iPadOS 14.0. Processing a maliciously crafted image may lead to arbitrary code execution. Se abordó un desbordamiento del búfer con una comprobación mejorada del tamaño. Este problema es corregido en macOS Big Sur versión 11.0.1, tvOS versión 14.0, macOS Big Sur versión 11.... • https://support.apple.com/en-us/HT211843 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 9.3EPSS: 0%CPEs: 21EXPL: 0CVE-2020-9975 – Apple Security Advisory 2020-12-14-3
https://notcve.org/view.php?id=CVE-2020-9975
16 Dec 2020 — A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.0.1, tvOS 14.0, macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, watchOS 7.0, iOS 14.0 and iPadOS 14.0. An application may be able to execute arbitrary code with kernel privileges. Se abordó un problema de uso de la memoria previamente liberada con una administración de la memoria mejorada. Este problema es corregido en macOS Big Sur versión 11.0.1, tvOS v... • https://support.apple.com/en-us/HT211843 • CWE-416: Use After Free •
CVSS: 4.5EPSS: 0%CPEs: 21EXPL: 0CVE-2020-9978 – Apple Security Advisory 2020-12-14-3
https://notcve.org/view.php?id=CVE-2020-9978
16 Dec 2020 — This issue was addressed with improved setting propagation. This issue is fixed in macOS Big Sur 11.0.1, tvOS 14.0, macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, watchOS 7.0, iOS 14.0 and iPadOS 14.0. An attacker in a privileged network position may be able to unexpectedly alter application state. Este problema es abordado con una propagación de configuración mejorada. Este problema es corregido en macOS Big Sur versión 11.0.1, tvOS versión 14.0, macOS Big Sur ... • https://support.apple.com/en-us/HT211843 •
CVSS: 7.8EPSS: 0%CPEs: 23EXPL: 1CVE-2020-29611 – Apple Security Advisory 2020-12-14-3
https://notcve.org/view.php?id=CVE-2020-29611
16 Dec 2020 — An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in tvOS 14.3, macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, iOS 14.3 and iPadOS 14.3, iCloud for Windows 12.0, watchOS 7.2. Processing a maliciously crafted image may lead to arbitrary code execution. Se abordó un problema de escritura fuera de límites con una comprobación de límites mejorada. Este problema es corregido en tvOS versión 14.3, macOS Big Sur versión 11.1,... • https://packetstorm.news/files/id/160547 • CWE-787: Out-of-bounds Write •