CVSS: 7.3EPSS: 0%CPEs: 8EXPL: 3CVE-2022-21658 – Race condition in std::fs::remove_dir_all in rustlang
https://notcve.org/view.php?id=CVE-2022-21658
20 Jan 2022 — Rust is a multi-paradigm, general-purpose programming language designed for performance and safety, especially safe concurrency. The Rust Security Response WG was notified that the `std::fs::remove_dir_all` standard library function is vulnerable a race condition enabling symlink following (CWE-363). An attacker could use this security issue to trick a privileged program into deleting files and directories the attacker couldn't otherwise access or delete. Rust 1.0.0 through Rust 1.58.0 is affected by this v... • https://github.com/sagittarius-a/cve-2022-21658 • CWE-363: Race Condition Enabling Link Following CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2022-22588 – Apple Security Advisory 2022-01-12-1
https://notcve.org/view.php?id=CVE-2022-22588
13 Jan 2022 — A resource exhaustion issue was addressed with improved input validation. This issue is fixed in iOS 15.2.1 and iPadOS 15.2.1. Processing a maliciously crafted HomeKit accessory name may cause a denial of service. Se abordó un problema de agotamiento de recursos con una comprobación de entradas mejorada. Este problema es corregido en iOS versión 15.2.1 y iPadOS versión 15.2.1. • https://support.apple.com/en-us/HT213043 • CWE-20: Improper Input Validation •
CVSS: 5.5EPSS: 0%CPEs: 23EXPL: 0CVE-2019-8702
https://notcve.org/view.php?id=CVE-2019-8702
23 Dec 2021 — This issue was addressed with a new entitlement. This issue is fixed in macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra, iOS 12.4, tvOS 12.4. A local user may be able to read a persistent account identifier. Este problema se abordó con una nueva asignación de derechos. Este problema es corregido en macOS Mojave versión 10.14.6, actualización de seguridad 2019-004 High Sierra, actualización de seguridad 2019-004 Sierra, iOS versión 12.4, tvOS versión 12.4. • https://support.apple.com/en-us/HT210346 • CWE-668: Exposure of Resource to Wrong Sphere •
CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 0CVE-2019-8703
https://notcve.org/view.php?id=CVE-2019-8703
23 Dec 2021 — This issue was addressed with improved entitlements. This issue is fixed in watchOS 6, tvOS 13, macOS Catalina 10.15, iOS 13. An application may be able to gain elevated privileges. Este problema se abordó con los derechos mejorados. Este problema es corregido en watchOS versión 6, tvOS versión 13, macOS Catalina versión 10.15, iOS versión 13. • https://support.apple.com/en-us/HT210604 •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2018-4302
https://notcve.org/view.php?id=CVE-2018-4302
23 Dec 2021 — A null pointer dereference was addressed with improved validation. This issue is fixed in macOS High Sierra 10.13, iCloud for Windows 7.0, watchOS 4, iOS 11, iTunes 12.7 for Windows. Processing maliciously crafted XML may lead to an unexpected application termination or arbitrary code execution. Se abordó una desreferencia de puntero null con una comprobación mejorada. Este problema es corregido en macOS High Sierra versión 10.13, iCloud para Windows versión 7.0, watchOS versión 4, iOS versión 11, iTunes ve... • https://support.apple.com/en-us/HT208112 • CWE-476: NULL Pointer Dereference •
CVSS: 8.1EPSS: 0%CPEs: 16EXPL: 0CVE-2017-13905
https://notcve.org/view.php?id=CVE-2017-13905
23 Dec 2021 — A race condition was addressed with additional validation. This issue is fixed in tvOS 11.2, iOS 11.2, macOS High Sierra 10.13.2, Security Update 2017-002 Sierra, and Security Update 2017-005 El Capitan, watchOS 4.2. An application may be able to gain elevated privileges. Se abordó una condición de carrera con una comprobación adicional. Este problema es corregido en tvOS versión 11.2, iOS versión 11.2, macOS High Sierra versión 10.13.2, Security Update 2017-002 Sierra y Security Update 2017-005 El Capitan,... • https://support.apple.com/en-us/HT208325 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 9.3EPSS: 0%CPEs: 2EXPL: 0CVE-2017-13880
https://notcve.org/view.php?id=CVE-2017-13880
23 Dec 2021 — A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 11.2, watchOS 4.2. An application may be able to execute arbitrary code with kernel privilege. Se abordó un problema de corrupción de memoria con un manejo de la memoria mejorada. Este problema se ha corregido en iOS versión 11.2, watchOS versión 4.2. • https://support.apple.com/en-us/HT208325 •
CVSS: 3.3EPSS: 0%CPEs: 1EXPL: 0CVE-2017-2375
https://notcve.org/view.php?id=CVE-2017-2375
23 Dec 2021 — An issue existed in preventing the uploading of CallKit call history to iCloud. This issue was addressed through improved logic. This issue is fixed in iOS 10.2.1. Updates for CallKit call history are sent to iCloud. Se presentó un problema para evitar la carga del historial de llamadas de CallKit a iCloud. • https://support.apple.com/en-us/HT207482 •
CVSS: 5.5EPSS: 0%CPEs: 15EXPL: 0CVE-2021-30767 – Apple Security Advisory 2021-12-15-4
https://notcve.org/view.php?id=CVE-2021-30767
17 Dec 2021 — A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.6.2, macOS Monterey 12.1, Security Update 2021-008 Catalina, iOS 15.2 and iPadOS 15.2, watchOS 8.3. A local user may be able to modify protected parts of the file system. Se abordó un problema de lógica con la administración de estados mejorada. Este problema se ha corregido en macOS Big Sur versión 11.6.2, macOS Monterey versión 12.1, Security Update 2021-008 Catalina, iOS versión 15.2 y iPadOS versión 15.2,... • https://support.apple.com/en-us/HT212975 •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2020-9897
https://notcve.org/view.php?id=CVE-2020-9897
28 Oct 2021 — An out-of-bounds write was addressed with improved input validation. This issue is fixed in iOS 14.2 and iPadOS 14.2, macOS Big Sur 11.0.1. Processing a maliciously crafted PDF may lead to arbitrary code execution. Se abordó una escritura fuera de límites con una comprobación de entrada mejorada. Este problema se corrigió en iOS versión 14.2 y iPadOS versión 14.2, macOS Big Sur versión 11.0.1. • https://support.apple.com/en-us/HT211929 • CWE-787: Out-of-bounds Write •