Page 5 of 1248 results (0.007 seconds)

CVSS: 5.5EPSS: 0%CPEs: 10EXPL: 0

CVE-2023-42883 – webkitgtk: processing a malicious image may lead to a denial of service

https://notcve.org/view.php?id=CVE-2023-42883

The issue was addressed with improved memory handling. This issue is fixed in Safari 17.2, macOS Sonoma 14.2, iOS 17.2 and iPadOS 17.2, watchOS 10.2, tvOS 17.2, iOS 16.7.3 and iPadOS 16.7.3. Processing an image may lead to a denial-of-service. El problema se solucionó mejorando el manejo de la memoria. Este problema se solucionó en Safari 17.2, macOS Sonoma 14.2, iOS 17.2 y iPadOS 17.2, watchOS 10.2, tvOS 17.2, iOS 16.7.3 y iPadOS 16.7.3. • http://seclists.org/fulldisclosure/2023/Dec/12 http://seclists.org/fulldisclosure/2023/Dec/13 http://seclists.org/fulldisclosure/2023/Dec/6 http://seclists.org/fulldisclosure/2023/Dec/7 http://seclists.org/fulldisclosure/2023/Dec/8 http://seclists.org/fulldisclosure/2023/Dec/9 http://www.openwall.com/lists/oss-security/2023/12/18/1 https://support.apple.com/en-us/HT214034 https://support.apple.com/en-us/HT214035 https://support.apple.com/en-us/HT214036 https:& • CWE-20: Improper Input Validation •

CVSS: 8.8EPSS: 0%CPEs: 13EXPL: 0

CVE-2023-42917 – Apple Multiple Products WebKit Memory Corruption Vulnerability

https://notcve.org/view.php?id=CVE-2023-42917

A memory corruption vulnerability was addressed with improved locking. This issue is fixed in iOS 17.1.2 and iPadOS 17.1.2, macOS Sonoma 14.1.2, Safari 17.1.2. Processing web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been exploited against versions of iOS before iOS 16.7.1. Se solucionó una vulnerabilidad de corrupción de memoria con un bloqueo mejorado. • http://seclists.org/fulldisclosure/2023/Dec/12 http://seclists.org/fulldisclosure/2023/Dec/13 http://seclists.org/fulldisclosure/2023/Dec/3 http://seclists.org/fulldisclosure/2023/Dec/4 http://seclists.org/fulldisclosure/2023/Dec/5 http://seclists.org/fulldisclosure/2023/Dec/8 http://seclists.org/fulldisclosure/2024/Jan/35 http://www.openwall.com/lists/oss-security/2023/12/05/1 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AD2KIHH • CWE-787: Out-of-bounds Write •

CVSS: 6.5EPSS: 0%CPEs: 13EXPL: 0

CVE-2023-42916 – Apple Multiple Products WebKit Out-of-Bounds Read Vulnerability

https://notcve.org/view.php?id=CVE-2023-42916

An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 17.1.2 and iPadOS 17.1.2, macOS Sonoma 14.1.2, Safari 17.1.2. Processing web content may disclose sensitive information. Apple is aware of a report that this issue may have been exploited against versions of iOS before iOS 16.7.1. Se solucionó una lectura fuera de los límites con una validación de entrada mejorada. • http://seclists.org/fulldisclosure/2023/Dec/12 http://seclists.org/fulldisclosure/2023/Dec/13 http://seclists.org/fulldisclosure/2023/Dec/3 http://seclists.org/fulldisclosure/2023/Dec/4 http://seclists.org/fulldisclosure/2023/Dec/5 http://seclists.org/fulldisclosure/2023/Dec/8 http://seclists.org/fulldisclosure/2024/Jan/35 http://www.openwall.com/lists/oss-security/2023/12/05/1 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AD2KIHH • CWE-125: Out-of-bounds Read •

CVSS: 8.8EPSS: 0%CPEs: 11EXPL: 0

CVE-2023-42852 – webkitgtk: Processing web content may lead to arbitrary code execution

https://notcve.org/view.php?id=CVE-2023-42852

A logic issue was addressed with improved checks. This issue is fixed in iOS 17.1 and iPadOS 17.1, watchOS 10.1, iOS 16.7.2 and iPadOS 16.7.2, macOS Sonoma 14.1, Safari 17.1, tvOS 17.1. Processing web content may lead to arbitrary code execution. Se solucionó un problema lógico con controles mejorados. Este problema se solucionó en iOS 17.1 y iPadOS 17.1, watchOS 10.1, iOS 16.7.2 y iPadOS 16.7.2, macOS Sonoma 14.1, Safari 17.1, tvOS 17.1. • http://seclists.org/fulldisclosure/2023/Oct/19 http://seclists.org/fulldisclosure/2023/Oct/22 http://seclists.org/fulldisclosure/2023/Oct/23 http://seclists.org/fulldisclosure/2023/Oct/24 http://seclists.org/fulldisclosure/2023/Oct/25 http://seclists.org/fulldisclosure/2023/Oct/27 http://www.openwall.com/lists/oss-security/2023/11/15/1 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RPPMOWFYZODONTA3RLZOKSGNR4DELGG2 https://lists.fedoraproject.org&# • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 8.8EPSS: 0%CPEs: 8EXPL: 0

CVE-2023-41976

https://notcve.org/view.php?id=CVE-2023-41976

A use-after-free issue was addressed with improved memory management. This issue is fixed in iOS 17.1 and iPadOS 17.1, watchOS 10.1, iOS 16.7.2 and iPadOS 16.7.2, macOS Sonoma 14.1, Safari 17.1, tvOS 17.1. Processing web content may lead to arbitrary code execution. Se solucionó un problema de use-after-free con una gestión de memoria mejorada. Este problema se solucionó en iOS 17.1 y iPadOS 17.1, watchOS 10.1, iOS 16.7.2 y iPadOS 16.7.2, macOS Sonoma 14.1, Safari 17.1, tvOS 17.1. • http://seclists.org/fulldisclosure/2023/Oct/19 http://seclists.org/fulldisclosure/2023/Oct/22 http://seclists.org/fulldisclosure/2023/Oct/23 http://seclists.org/fulldisclosure/2023/Oct/24 http://seclists.org/fulldisclosure/2023/Oct/25 http://seclists.org/fulldisclosure/2023/Oct/27 https://support.apple.com/en-us/HT213981 https://support.apple.com/en-us/HT213982 https://support.apple.com/en-us/HT213984 https://support.apple.com/en-us/HT213986 https://support.apple • CWE-416: Use After Free •