Page 7 of 695 results (0.016 seconds)

CVSS: 7.8EPSS: 0%CPEs: 20EXPL: 0

A validation issue existed in the handling of symlinks and was addressed with improved validation of symlinks. This issue is fixed in macOS Monterey 12.4. An app may be able to gain elevated privileges. Se presentaba un problema de comprobación en el manejo de los enlaces simbólicos y se abordó con una comprobación de los enlaces simbólicos mejorada. Este problema es corregido en macOS Monterey versión 12.4. • http://seclists.org/fulldisclosure/2022/Jul/13 http://seclists.org/fulldisclosure/2022/Jul/14 https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2022/MNDT-2022-0032/MNDT-2022-0032.md https://support.apple.com/en-us/HT213257 https://support.apple.com/kb/HT213343 https://support.apple.com/kb/HT213344 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •

CVSS: 7.1EPSS: 0%CPEs: 18EXPL: 0

An out-of-bounds read issue was addressed with improved input validation. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4, macOS Big Sur 11.6.6. Processing a maliciously crafted AppleScript binary may result in unexpected application termination or disclosure of process memory. Se abordó un problema de lectura fuera de límites con una comprobación de entrada mejorada. Este problema es corregido en Security Update 2022-004 Catalina, macOS Monterey versión 12.4, macOS Big Sur versión 11.6.6. • https://support.apple.com/en-us/HT213255 https://support.apple.com/en-us/HT213256 https://support.apple.com/en-us/HT213257 • CWE-125: Out-of-bounds Read •

CVSS: 9.3EPSS: 0%CPEs: 16EXPL: 0

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4, macOS Big Sur 11.6.6. An application may be able to gain elevated privileges. Se abordó un problema de escritura fuera de límites con una comprobación de límites mejorada. Este problema es corregido en Security Update 2022-004 Catalina, macOS Monterey versión 12.4, macOS Big Sur versión 11.6.6. • https://support.apple.com/en-us/HT213255 https://support.apple.com/en-us/HT213256 https://support.apple.com/en-us/HT213257 • CWE-787: Out-of-bounds Write •

CVSS: 7.8EPSS: 0%CPEs: 19EXPL: 0

A memory corruption issue was addressed with improved input validation. This issue is fixed in iTunes 12.12.4 for Windows, iOS 15.5 and iPadOS 15.5, Security Update 2022-004 Catalina, macOS Big Sur 11.6.6, macOS Monterey 12.4. Processing a maliciously crafted image may lead to arbitrary code execution. Se abordó un problema de corrupción de memoria con una comprobación de entradas mejorada. Este problema es corregido en iTunes versión 12.12.4 para Windows, iOS versión 15.5 y iPadOS versión 15.5, Security Update 2022-004 Catalina, macOS Big Sur versión 11.6.6, macOS Monterey versión 12.4. • https://support.apple.com/en-us/HT213255 https://support.apple.com/en-us/HT213256 https://support.apple.com/en-us/HT213257 https://support.apple.com/en-us/HT213258 https://support.apple.com/en-us/HT213259 • CWE-787: Out-of-bounds Write •

CVSS: 9.3EPSS: 0%CPEs: 20EXPL: 0

A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 15.5, iOS 15.5 and iPadOS 15.5, Security Update 2022-004 Catalina, watchOS 8.6, macOS Big Sur 11.6.6, macOS Monterey 12.4. An application may be able to execute arbitrary code with kernel privileges. Se abordó un problema de uso de memoria previamente liberada con una administración de memoria mejorada. Este problema es corregido en tvOS versión 15.5, iOS versión 15.5 y iPadOS versión 15.5, Security Update 2022-004 Catalina, watchOS versión 8.6, macOS Big Sur versión 11.6.6, macOS Monterey versión 12.4. • http://packetstormsecurity.com/files/167517/XNU-Flow-Divert-Race-Condition-Use-After-Free.html https://support.apple.com/en-us/HT213253 https://support.apple.com/en-us/HT213254 https://support.apple.com/en-us/HT213255 https://support.apple.com/en-us/HT213256 https://support.apple.com/en-us/HT213257 https://support.apple.com/en-us/HT213258 • CWE-416: Use After Free •