Page 62 of 1651 results (0.005 seconds)

CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 1

CVE-2022-26981

https://notcve.org/view.php?id=CVE-2022-26981

Liblouis through 3.21.0 has a buffer overflow in compilePassOpcode in compileTranslationTable.c (called, indirectly, by tools/lou_checktable.c). Liblouis versiones hasta 3.21.0, presenta un desbordamiento de búfer en compilePassOpcode en el archivo compileTranslationTable.c (llamado, indirectamente, por el archivo tools/lou_checktable.c) • http://seclists.org/fulldisclosure/2022/Jul/12 http://seclists.org/fulldisclosure/2022/Jul/15 http://seclists.org/fulldisclosure/2022/Jul/16 http://seclists.org/fulldisclosure/2022/Jul/18 https://github.com/liblouis/liblouis/issues/1171 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CFD2KIHESDUCNWTEW3USFB5GKTWT624L https://security.gentoo.org/glsa/202301-06 https://support.apple.com/kb/HT213340 https://support.apple.com/kb/HT213342 https://sup • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •

CVSS: 8.1EPSS: 0%CPEs: 58EXPL: 0

CVE-2022-23308 – libxml2: Use-after-free of ID and IDREF attributes

https://notcve.org/view.php?id=CVE-2022-23308

valid.c in libxml2 before 2.9.13 has a use-after-free of ID and IDREF attributes. El archivo valid.c en libxml2 versiones anteriores a 2.9.13, presenta un uso de memoria previamente liberada de los atributos ID e IDREF. A flaw was found in libxml2. A call to the xmlGetID function can return a pointer already freed when parsing an XML document with the XML_PARSE_DTDVALID option and without the XML_PARSE_NOENT option, resulting in a use-after-free issue. • http://seclists.org/fulldisclosure/2022/May/33 http://seclists.org/fulldisclosure/2022/May/34 http://seclists.org/fulldisclosure/2022/May/35 http://seclists.org/fulldisclosure/2022/May/36 http://seclists.org/fulldisclosure/2022/May/37 http://seclists.org/fulldisclosure/2022/May/38 https://github.com/GNOME/libxml2/commit/652dd12a858989b14eed4e84e453059cd3ba340e https://gitlab.gnome.org/GNOME/libxml2/-/blob/v2.9.13/NEWS https://lists.debian.org/debian-lts-announce/2022/04/msg00004. • CWE-416: Use After Free •

CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0

CVE-2021-30771 – Apple macOS libFontParser TTF Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

https://notcve.org/view.php?id=CVE-2021-30771

An out-of-bounds write was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.4, iOS 14.6 and iPadOS 14.6, watchOS 7.5, tvOS 14.6. Processing a maliciously crafted font file may lead to arbitrary code execution. Se abordó una escritura fuera de límites con una comprobación de entrada mejorada. Este problema es corregido en macOS Big Sur versión 11.4, iOS versión 14.6 y iPadOS versión 14.6, watchOS versión 7.5, tvOS versión 14.6. • https://support.apple.com/en-us/HT212528 https://support.apple.com/en-us/HT212529 https://support.apple.com/en-us/HT212532 https://support.apple.com/en-us/HT212533 • CWE-787: Out-of-bounds Write •

CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0

CVE-2022-22584 – Apple macOS ColorSync ICC File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

https://notcve.org/view.php?id=CVE-2022-22584

A memory corruption issue was addressed with improved validation. This issue is fixed in tvOS 15.3, iOS 15.3 and iPadOS 15.3, watchOS 8.4, macOS Monterey 12.2. Processing a maliciously crafted file may lead to arbitrary code execution. Se abordó un problema de corrupción de memoria con una comprobación mejorada. Este problema es corregido en tvOS versión 15.3, iOS versión 15.3 y iPadOS versión 15.3, watchOS versión 8.4, macOS Monterey versión 12.2. • https://support.apple.com/en-us/HT213053 https://support.apple.com/en-us/HT213054 https://support.apple.com/en-us/HT213057 https://support.apple.com/en-us/HT213059 • CWE-787: Out-of-bounds Write •

CVSS: 7.6EPSS: 0%CPEs: 22EXPL: 0

CVE-2022-22589 – webkitgtk: Processing a maliciously crafted mail message may lead to running arbitrary javascript

https://notcve.org/view.php?id=CVE-2022-22589

A validation issue was addressed with improved input sanitization. This issue is fixed in iOS 15.3 and iPadOS 15.3, watchOS 8.4, tvOS 15.3, Safari 15.3, macOS Monterey 12.2. Processing a maliciously crafted mail message may lead to running arbitrary javascript. Se abordó un problema de comprobación con un saneo de entradas mejorado. Este problema es corregido en iOS versión 15.3 y iPadOS versión 15.3, watchOS versión 8.4, tvOS versión 15.3, Safari versión 15.3, macOS Monterey versión 12.2. • http://seclists.org/fulldisclosure/2022/May/33 http://seclists.org/fulldisclosure/2022/May/35 https://security.gentoo.org/glsa/202208-39 https://support.apple.com/en-us/HT213053 https://support.apple.com/en-us/HT213054 https://support.apple.com/en-us/HT213057 https://support.apple.com/en-us/HT213058 https://support.apple.com/en-us/HT213059 https://support.apple.com/kb/HT213185 https://support.apple.com/kb/HT213255 https://support.apple.com/kb/HT213256 https:&# • CWE-1173: Improper Use of Validation Framework •