CVE-2023-32379
https://notcve.org/view.php?id=CVE-2023-32379
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.4. An app may be able to execute arbitrary code with kernel privileges. Se ha solucionado un problema de desbordamiento del búfer con una gestión mejorada de la memoria. Este problema se ha corregido en macOS Ventura 13.4. • https://support.apple.com/en-us/HT213758 https://support.apple.com/kb/HT213758 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVE-2023-28187
https://notcve.org/view.php?id=CVE-2023-28187
This issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.3. A user may be able to cause a denial-of-service. Este problema se solucionó con una gestión de estados mejorada. Este problema se ha solucionado en macOS Ventura 13.3. • https://support.apple.com/en-us/HT213670 https://support.apple.com/kb/HT213670 •
CVE-2023-32362
https://notcve.org/view.php?id=CVE-2023-32362
Error handling was changed to not reveal sensitive information. This issue is fixed in macOS Ventura 13.3. A website may be able to track sensitive user information. Se ha modificado la gestión de errores para no revelar información sensible. Este problema se ha solucionado en macOS Ventura 13.3. • https://support.apple.com/en-us/HT213670 https://support.apple.com/kb/HT213670 •
CVE-2023-4781 – Heap-based Buffer Overflow in vim/vim
https://notcve.org/view.php?id=CVE-2023-4781
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1873. Desbordamiento de búfer basado en el heap en el repositorio de GitHub vim/vim anterior a la versión 9.0.1873. • http://seclists.org/fulldisclosure/2023/Oct/24 https://github.com/vim/vim/commit/f6d28fe2c95c678cc3202cc5dc825a3fcc709e93 https://huntr.dev/bounties/c867eb0a-aa8b-4946-a621-510350673883 https://lists.debian.org/debian-lts-announce/2023/09/msg00035.html https://support.apple.com/kb/HT213984 • CWE-122: Heap-based Buffer Overflow •
CVE-2023-4733 – Use After Free in vim/vim
https://notcve.org/view.php?id=CVE-2023-4733
Use After Free in GitHub repository vim/vim prior to 9.0.1840. Use After Free en el repositorio de GitHub vim/vim anterior a 9.0.1840. • http://seclists.org/fulldisclosure/2023/Oct/24 https://github.com/vim/vim/commit/e1dc9a627536304bc4f738c21e909ad9fcf3974c https://huntr.dev/bounties/1ce1fd8c-050a-4373-8004-b35b61590217 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I56ITJAFMFAQ2G3BMGTCGM3GS62V2DTR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ITRVK4FB74RZDIGTZJXOZMUW6X6F4TNF https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PFE3LDFRZ7EGWA5AU7YHYL62ELBOFZWQ • CWE-416: Use After Free •