Page 76 of 685 results (0.007 seconds)

CVSS: 7.5EPSS: 0%CPEs: 23EXPL: 0

An issue was discovered in libxml2 before 2.10.3. When parsing a multi-gigabyte XML document with the XML_PARSE_HUGE parser option enabled, several integer counters can overflow. This results in an attempt to access an array at a negative 2GB offset, typically leading to a segmentation fault. Se descubrió un problema en libxml2 antes de la versión 2.10.3. Al analizar un documento XML de varios gigabytes con la opción de analizador XML_PARSE_HUGE habilitada, varios contadores de enteros pueden desbordarse. • http://seclists.org/fulldisclosure/2022/Dec/21 http://seclists.org/fulldisclosure/2022/Dec/24 http://seclists.org/fulldisclosure/2022/Dec/25 http://seclists.org/fulldisclosure/2022/Dec/26 http://seclists.org/fulldisclosure/2022/Dec/27 https://gitlab.gnome.org/GNOME/libxml2/-/commit/c846986356fc149915a74972bf198abc266bc2c0 https://gitlab.gnome.org/GNOME/libxml2/-/tags/v2.10.3 https://security.netapp.com/advisory/ntap-20221209-0003 https://support.apple.com/kb/HT213531 https:/ • CWE-190: Integer Overflow or Wraparound •

CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 15.7.1 and iPadOS 15.7.1, iOS 16.1 and iPadOS 16. An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited.. Se solucionó un problema de escritura fuera de los límites mejorando la verificación de los límites. • https://support.apple.com/en-us/HT213489 https://support.apple.com/en-us/HT213490 • CWE-787: Out-of-bounds Write •

CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0

This issue was addressed with improved data protection. This issue is fixed in iOS 16, macOS Ventura 13. An app may be able to bypass Privacy preferences. Este problema se solucionó mejorando la protección de datos. Este problema se solucionó en iOS 16 y macOS Ventura 13. • https://support.apple.com/en-us/HT213446 https://support.apple.com/en-us/HT213488 •

CVSS: 6.4EPSS: 0%CPEs: 3EXPL: 0

A race condition was addressed with improved locking. This issue is fixed in iOS 16.1 and iPadOS 16, macOS Ventura 13. An app with root privileges may be able to execute arbitrary code with kernel privileges. Se solucionó una condición de ejecución con un bloqueo mejorado. Este problema se solucionó en iOS 16.1 y iPadOS 16, macOS Ventura 13. • https://support.apple.com/en-us/HT213488 https://support.apple.com/en-us/HT213489 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •

CVSS: 6.7EPSS: 0%CPEs: 3EXPL: 0

A use after free issue was addressed with improved memory management. This issue is fixed in iOS 16.1 and iPadOS 16, macOS Ventura 13. An app with root privileges may be able to execute arbitrary code with kernel privileges. Se solucionó un problema de use-after-free con una gestión de memoria mejorada. Este problema se solucionó en iOS 16.1 y iPadOS 16, macOS Ventura 13. • https://support.apple.com/en-us/HT213488 https://support.apple.com/en-us/HT213489 • CWE-416: Use After Free •