Page 50 of 1038 results (0.024 seconds)

CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0

17 May 2022 — The issue was addressed with additional permissions checks. This issue is fixed in macOS Monterey 12.4, macOS Big Sur 11.6.6. A malicious application may be able to bypass Privacy preferences. El problema se abordó con comprobaciones de permisos adicionales. Este problema es corregido en macOS Monterey versión 12.4, macOS Big Sur versión 11.6.6. • https://support.apple.com/en-us/HT213256 • CWE-863: Incorrect Authorization •

CVSS: 9.3EPSS: 0%CPEs: 16EXPL: 0

17 May 2022 — A memory initialization issue was addressed. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4, macOS Big Sur 11.6.6. A malicious application may be able to gain root privileges. Se abordó un problema de inicialización de la memoria. Este problema es corregido en Security Update 2022-004 Catalina, macOS Monterey versión 12.4, macOS Big Sur versión 11.6.6. • https://support.apple.com/en-us/HT213255 • CWE-665: Improper Initialization •

CVSS: 5.5EPSS: 1%CPEs: 6EXPL: 0

17 May 2022 — An access issue was addressed with additional sandbox restrictions on third-party applications. This issue is fixed in tvOS 15.5, iOS 15.5 and iPadOS 15.5, watchOS 8.6, macOS Big Sur 11.6.6, macOS Monterey 12.4. A sandboxed process may be able to circumvent sandbox restrictions. Se abordó un problema de acceso con restricciones adicionales de sandbox en aplicaciones de terceros. Este problema es corregido en tvOS versión 15.5, iOS versión 15.5 y iPadOS versión 15.5, watchOS versión 8.6, macOS Big Sur versió... • https://support.apple.com/en-us/HT213253 •

CVSS: 9.3EPSS: 0%CPEs: 6EXPL: 0

17 May 2022 — A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.4, watchOS 8.6, tvOS 15.5, macOS Big Sur 11.6.6. An application may be able to execute arbitrary code with kernel privileges. Se abordó un problema de corrupción de memoria con una administración de estados mejorada. Este problema es corregido en macOS Monterey versión 12.4, watchOS versión 8.6, tvOS versión 15.5, macOS Big Sur versión 11.6.6. • http://seclists.org/fulldisclosure/2022/Jul/12 • CWE-787: Out-of-bounds Write •

CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 1

16 May 2022 — Buffer Over-read in function grab_file_name in GitHub repository vim/vim prior to 8.2.4956. This vulnerability is capable of crashing the software, memory modification, and possible remote execution. Una Lectura Excesiva del Búfer en la función grab_file_name en el repositorio de GitHub vim/vim versiones anteriores a 8.2.4956. Esta vulnerabilidad es capaz de bloquear el software, modificación de la memoria y una posible ejecución remota macOS Ventura 13 addresses buffer overflow, bypass, code execution, out... • http://seclists.org/fulldisclosure/2022/Oct/28 • CWE-125: Out-of-bounds Read CWE-126: Buffer Over-read •

CVSS: 6.6EPSS: 0%CPEs: 2EXPL: 1

16 May 2022 — NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2.4959. Un Desreferencia de Puntero NULL en el repositorio de GitHub vim/vim versiones anteriores a 8.2.4959 It was discovered that Vim could be made to crash when searching specially crafted patterns. An attacker could possibly use this to crash Vim and cause denial of service. It was discovered that there existed a NULL pointer dereference in Vim. An attacker could possibly use this to crash Vim and cause denial of service. • http://seclists.org/fulldisclosure/2022/Oct/28 • CWE-476: NULL Pointer Dereference •

CVSS: 6.6EPSS: 0%CPEs: 5EXPL: 1

12 May 2022 — NULL Pointer Dereference in function vim_regexec_string at regexp.c:2733 in GitHub repository vim/vim prior to 8.2.4938. NULL Pointer Dereference in function vim_regexec_string at regexp.c:2733 allows attackers to cause a denial of service (application crash) via a crafted input. Una Desreferencia de Puntero NULL en la función vim_regexec_string en el archivo regexp.c:2733 en el repositorio de GitHub vim/vim versiones anteriores a 8.2.4938. Una Desreferencia de Puntero NULL en la función vim_regexec_string ... • http://seclists.org/fulldisclosure/2022/Oct/28 • CWE-476: NULL Pointer Dereference •

CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 1

11 May 2022 — LibTIFF master branch has an out-of-bounds read in LZWDecode in libtiff/tif_lzw.c:619, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit b4e79bfa. La rama maestra de LibTIFF presenta una lectura fuera de límites en LZWDecode en libtiff/tif_lzw.c:619, permitiendo a atacantes causar una denegación de servicio por medio de un archivo tiff diseñado. Para usuarios que compilan libtiff a partir de las fuentes, la ... • http://seclists.org/fulldisclosure/2022/Oct/28 • CWE-125: Out-of-bounds Read •

CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 1

10 May 2022 — Buffer Over-read in function find_next_quote in GitHub repository vim/vim prior to 8.2.4925. This vulnerabilities are capable of crashing software, Modify Memory, and possible remote execution Una lectura Excesiva del Búfer en la función find_next_quote en el repositorio de GitHub vim/vim versiones anteriores a 8.2.4925. Esta vulnerabilidad es capaz de bloquear el software, Modificar la Memoria y una posible ejecución remota A flaw was found in vim, where it is vulnerable to a buffer over-read in the find_n... • http://seclists.org/fulldisclosure/2022/Oct/28 • CWE-125: Out-of-bounds Read CWE-126: Buffer Over-read •

CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 1

09 May 2022 — Heap buffer overflow in vim_strncpy find_word in GitHub repository vim/vim prior to 8.2.4919. This vulnerability is capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible remote execution Un Desbordamiento del búfer de pila en vim_strncpy find_word en el repositorio de GitHub vim/vim versiones anteriores a 8.2.4919. Esta vulnerabilidad es capaz de bloquear el software, Omitir el Mecanismo de Protección, Modificar la Memoria y una posible ejecución remota A flaw was found in v... • http://seclists.org/fulldisclosure/2022/Oct/28 • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •