Page 79 of 770 results (0.008 seconds)

CVSS: 6.5EPSS: 0%CPEs: 14EXPL: 1

curl can be told to parse a `.netrc` file for credentials. If that file endsin a line with 4095 consecutive non-white space letters and no newline, curlwould first read past the end of the stack-based buffer, and if the readworks, write a zero byte beyond its boundary.This will in most cases cause a segfault or similar, but circumstances might also cause different outcomes.If a malicious user can provide a custom netrc file to an application or otherwise affect its contents, this flaw could be used as denial-of-service. Se puede indicar a curl que analice un archivo `.netrc` en busca de credenciales. Si ese archivo termina en una línea con 4095 letras de espacios consecutivos que no sean espacios en blanco y sin nueva línea, curl primero leerá más allá del final del búfer basado en pila y, si la lectura funciona, escribirá un byte cero más allá de su límite. En la mayoría de los casos, esto causará una falla de segmento o similar, pero las circunstancias también pueden causar resultados diferentes. • http://seclists.org/fulldisclosure/2023/Jan/19 http://seclists.org/fulldisclosure/2023/Jan/20 https://hackerone.com/reports/1721098 https://security.gentoo.org/glsa/202212-01 https://security.netapp.com/advisory/ntap-20230110-0006 https://support.apple.com/kb/HT213604 https://support.apple.com/kb/HT213605 • CWE-125: Out-of-bounds Read CWE-787: Out-of-bounds Write •

CVSS: 7.1EPSS: 0%CPEs: 17EXPL: 0

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in Security Update 2022-005 Catalina, macOS Big Sur 11.6.8, macOS Monterey 12.5. Processing a maliciously crafted AppleScript binary may result in unexpected termination or disclosure of process memory. Se abordó una lectura fuera de límites con una comprobación de límites mejorada. Este problema ha sido corregido en Security Update 2022-005 Catalina, macOS Big Sur versión 11.6.8 y macOS Monterey versión 12.5. • https://support.apple.com/en-us/HT213343 https://support.apple.com/en-us/HT213344 https://support.apple.com/en-us/HT213345 • CWE-125: Out-of-bounds Read •

CVSS: 7.1EPSS: 0%CPEs: 17EXPL: 0

An out-of-bounds read issue was addressed with improved input validation. This issue is fixed in Security Update 2022-005 Catalina, macOS Big Sur 11.6.8, macOS Monterey 12.5. Processing a maliciously crafted AppleScript binary may result in unexpected termination or disclosure of process memory. Se abordó un problema de lectura fuera de límites con una comprobación de entrada mejorada. Este problema ha sido corregido en Security Update 2022-005 Catalina, macOS Big Sur versión 11.6.8 y macOS Monterey versión 12.5. • https://support.apple.com/en-us/HT213343 https://support.apple.com/en-us/HT213344 https://support.apple.com/en-us/HT213345 • CWE-125: Out-of-bounds Read •

CVSS: 6.7EPSS: 0%CPEs: 21EXPL: 2

The issue was addressed with improved memory handling. This issue is fixed in iOS 15.6 and iPadOS 15.6, macOS Big Sur 11.6.8, watchOS 8.7, tvOS 15.6, macOS Monterey 12.5, Security Update 2022-005 Catalina. An app with root privileges may be able to execute arbitrary code with kernel privileges. Se abordó un problema con un manejo de memoria mejorado. Este problema ha sido corregido en iOS versión 15.6 y iPadOS versión 15.6, macOS Big Sur versión 11.6.8, watchOS versión 8.7, tvOS versión 15.6, macOS Monterey versión 12.5, Security Update 2022-005 Catalina. • https://github.com/Muirey03/CVE-2022-32832 https://github.com/AkbarTrilaksana/CVE-2022-32832 https://support.apple.com/en-us/HT213340 https://support.apple.com/en-us/HT213342 https://support.apple.com/en-us/HT213343 https://support.apple.com/en-us/HT213344 https://support.apple.com/en-us/HT213345 https://support.apple.com/en-us/HT213346 •

CVSS: 7.8EPSS: 0%CPEs: 16EXPL: 0

An out-of-bounds read issue was addressed with improved input validation. This issue is fixed in Security Update 2022-005 Catalina, macOS Monterey 12.5. An app may be able to gain elevated privileges. Se abordó un problema de lectura fuera de límites con una comprobación de entrada mejorada. Este problema ha sido corregido en Security Update 2022-005 Catalina, macOS Monterey versión 12.5. • https://support.apple.com/en-us/HT213343 https://support.apple.com/en-us/HT213345 • CWE-125: Out-of-bounds Read •