CVE-2022-22584 – Apple macOS ColorSync ICC File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2022-22584
31 Jan 2022 — A memory corruption issue was addressed with improved validation. This issue is fixed in tvOS 15.3, iOS 15.3 and iPadOS 15.3, watchOS 8.4, macOS Monterey 12.2. Processing a maliciously crafted file may lead to arbitrary code execution. • https://support.apple.com/en-us/HT213053 • CWE-787: Out-of-bounds Write
CVE-2022-22593
https://notcve.org/view.php?id=CVE-2022-22593
31 Jan 2022 — A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 15.3 and iPadOS 15.3, watchOS 8.4, tvOS 15.3, Security Update 2022-001 Catalina, macOS Monterey 12.2, macOS Big Sur 11.6.3. A malicious application may be able to execute arbitrary code with kernel privileges. • https://support.apple.com/en-us/HT213053 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-22590 – webkitgtk: Processing maliciously crafted web content may lead to arbitrary code execution
https://notcve.org/view.php?id=CVE-2022-22590
31 Jan 2022 — A use after free issue was addressed with improved memory management. This issue is fixed in iOS 15.3 and iPadOS 15.3, watchOS 8.4, tvOS 15.3, Safari 15.3, macOS Monterey 12.2. Processing maliciously crafted web content may lead to arbitrary code execution. • https://security.gentoo.org/glsa/202208-39 • CWE-416: Use After Free
CVE-2022-22578
https://notcve.org/view.php?id=CVE-2022-22578
31 Jan 2022 — A logic issue was addressed with improved validation. This issue is fixed in tvOS 15.3, iOS 15.3 and iPadOS 15.3, watchOS 8.4, macOS Monterey 12.2. A malicious application may be able to gain root privileges. • https://support.apple.com/en-us/HT213053
CVE-2022-22585
https://notcve.org/view.php?id=CVE-2022-22585
31 Jan 2022 — An issue existed within the path validation logic for symlinks. This issue was addressed with improved path sanitization. This issue is fixed in iOS 15.3 and iPadOS 15.3, watchOS 8.4, tvOS 15.3, macOS Monterey 12.2, macOS Big Sur 11.6.3. An application may be able to access a user's files. • https://support.apple.com/en-us/HT213053 • CWE-59: Improper Link Resolution Before File Access ('Link Following')
CVE-2022-22589 – webkitgtk: Processing a maliciously crafted mail message may lead to running arbitrary javascript
https://notcve.org/view.php?id=CVE-2022-22589
31 Jan 2022 — A validation issue was addressed with improved input sanitization. This issue is fixed in iOS 15.3 and iPadOS 15.3, watchOS 8.4, tvOS 15.3, Safari 15.3, macOS Monterey 12.2. Processing a maliciously crafted mail message may lead to running arbitrary javascript. • http://seclists.org/fulldisclosure/2022/May/33 • CWE-1173: Improper Use of Validation Framework
CVE-2022-22594 – webkitgtk: A malicious website may exfiltrate data cross-origin
https://notcve.org/view.php?id=CVE-2022-22594
31 Jan 2022 — A cross-origin issue in the IndexDB API was addressed with improved input validation. This issue is fixed in iOS 15.3 and iPadOS 15.3, watchOS 8.4, tvOS 15.3, Safari 15.3, macOS Monterey 12.2. A website may be able to track sensitive user information. • https://support.apple.com/en-us/HT213053 • CWE-346: Origin Validation Error
CVE-2022-22592 – webkitgtk: Processing maliciously crafted web content may prevent Content Security Policy from being enforced
https://notcve.org/view.php?id=CVE-2022-22592
31 Jan 2022 — A logic issue was addressed with improved state management. This issue is fixed in iOS 15.3 and iPadOS 15.3, watchOS 8.4, tvOS 15.3, Safari 15.3, macOS Monterey 12.2. Processing maliciously crafted web content may prevent Content Security Policy from being enforced. • https://security.gentoo.org/glsa/202208-39 • CWE-1021: Improper Restriction of Rendered UI Layers or Frames
CVE-2022-21658 – Race condition in std::fs::remove_dir_all in rustlang
https://notcve.org/view.php?id=CVE-2022-21658
20 Jan 2022 — Rust is a multi-paradigm, general-purpose programming language designed for performance and safety, especially safe concurrency. The Rust Security Response WG was notified that the `std::fs::remove_dir_all` standard library function is vulnerable to a race condition enabling symlink following (CWE-363). An attacker could use this security issue to trick a privileged program into deleting files and directories the attacker couldn't otherwise access or delete. Rust 1.0.0 through Rust 1.58.0 is affected by this v... • https://github.com/sagittarius-a/cve-2022-21658 • CWE-363: Race Condition Enabling Link Following • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition
CVE-2019-8703
https://notcve.org/view.php?id=CVE-2019-8703
23 Dec 2021 — This issue was addressed with improved entitlements. This issue is fixed in watchOS 6, tvOS 13, macOS Catalina 10.15, iOS 13. An application may be able to gain elevated privileges. • https://support.apple.com/en-us/HT210604