CVE-2021-44790 – Possible buffer overflow when parsing multipart content in mod_lua of Apache HTTP Server 2.4.51 and earlier
https://notcve.org/view.php?id=CVE-2021-44790
A carefully crafted request body can cause a buffer overflow in the mod_lua multipart parser (r:parsebody() called from Lua scripts). The Apache httpd team is not aware of an exploit for the vulnerabilty though it might be possible to craft one. This issue affects Apache HTTP Server 2.4.51 and earlier. Un cuerpo de petición cuidadosamente diseñado puede causar un desbordamiento de búfer en el analizador multiparte mod_lua (r:parsebody() llamado desde scripts Lua). El equipo de Apache httpd no presenta constancia de que se presente una explotación para esta vulnerabilidad, aunque podría ser posible diseñar uno. • https://www.exploit-db.com/exploits/51193 https://github.com/nuPacaChi/-CVE-2021-44790 http://httpd.apache.org/security/vulnerabilities_24.html http://packetstormsecurity.com/files/171631/Apache-2.4.x-Buffer-Overflow.html http://seclists.org/fulldisclosure/2022/May/33 http://seclists.org/fulldisclosure/2022/May/35 http://seclists.org/fulldisclosure/2022/May/38 http://www.openwall.com/lists/oss-security/2021/12/20/4 https://lists.fedoraproject.org/archives/list/package-announce • CWE-787: Out-of-bounds Write •
CVE-2021-30817
https://notcve.org/view.php?id=CVE-2021-30817
A permissions issue was addressed with improved validation. This issue is fixed in macOS Big Sur 11.5. A malicious application may be able to access data about the accounts the user is using Family Sharing with. Se abordó un problema de permisos con una comprobación mejorada. Este problema se corrigió en macOS Big Sur versión 11.5. • https://support.apple.com/en-us/HT212602 •
CVE-2021-1821
https://notcve.org/view.php?id=CVE-2021-1821
A logic issue was addressed with improved state management. This issue is fixed in watchOS 7.6, macOS Big Sur 11.5. Visiting a maliciously crafted webpage may lead to a system denial of service. Se abordó un problema de lógica con una administración de estado mejorada. Este problema se corrigió en watchOS versión 7.6 y macOS Big Sur versión 11.5. • https://support.apple.com/en-us/HT212602 https://support.apple.com/en-us/HT212605 •
CVE-2020-29629
https://notcve.org/view.php?id=CVE-2020-29629
An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.0.1. A malicious application may be able to read restricted memory. Se abordó una lectura fuera de límites con una comprobación de entrada mejorada. Este problema se corrigió en macOS Big Sur versión 11.0.1. • https://support.apple.com/en-us/HT211931 • CWE-125: Out-of-bounds Read •
CVE-2020-9897
https://notcve.org/view.php?id=CVE-2020-9897
An out-of-bounds write was addressed with improved input validation. This issue is fixed in iOS 14.2 and iPadOS 14.2, macOS Big Sur 11.0.1. Processing a maliciously crafted PDF may lead to arbitrary code execution. Se abordó una escritura fuera de límites con una comprobación de entrada mejorada. Este problema se corrigió en iOS versión 14.2 y iPadOS versión 14.2, macOS Big Sur versión 11.0.1. • https://support.apple.com/en-us/HT211929 https://support.apple.com/en-us/HT211931 • CWE-787: Out-of-bounds Write •