Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:o:apple:macos:11.1:*:*:*:*:*:*:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2022-37434 |
zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. Some common applications bundle the affected zlib source code but may be unable to call inflateGetHeader (e.g., see the nodejs/node reference). Published: August 05, 2022; 3:15:07 AM -0400 |
V3.1: 9.8 CRITICAL V2.0:(not available) |
CVE-2022-2294 |
Heap buffer overflow in WebRTC in Google Chrome prior to 103.0.5060.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Published: July 27, 2022; 10:15:07 PM -0400 |
V3.1: 8.8 HIGH V2.0:(not available) |
CVE-2022-32208 |
When curl < 7.84.0 does FTP transfers secured by krb5, it handles message verification failures wrongly. This flaw makes it possible for a Man-In-The-Middle attack to go unnoticed and even allows it to inject data to the client. Published: July 07, 2022; 9:15:08 AM -0400 |
V3.1: 5.9 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2022-32207 |
When curl < 7.84.0 saves cookies, alt-svc and hsts data to local files, it makes the operation atomic by finalizing the operation with a rename from a temporary name to the final target file name.In that rename operation, it might accidentally *widen* the permissions for the target file, leaving the updated file accessible to more users than intended. Published: July 07, 2022; 9:15:08 AM -0400 |
V3.1: 9.8 CRITICAL V2.0: 7.5 HIGH |
CVE-2022-32205 |
A malicious server can serve excessive amounts of `Set-Cookie:` headers in a HTTP response to curl and curl < 7.84.0 stores all of them. A sufficiently large amount of (big) cookies make subsequent HTTP requests to this, or other servers to which the cookies match, create requests that become larger than the threshold that curl uses internally to avoid sending crazy large requests (1048576 bytes) and instead returns an error.This denial state might remain for as long as the same cookies are kept, match and haven't expired. Due to cookie matching rules, a server on `foo.example.com` can set cookies that also would match for `bar.example.com`, making it it possible for a "sister server" to effectively cause a denial of service for a sibling site on the same second level domain using this method. Published: July 07, 2022; 9:15:08 AM -0400 |
V3.1: 4.3 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2022-1720 |
Buffer Over-read in function grab_file_name in GitHub repository vim/vim prior to 8.2.4956. This vulnerability is capable of crashing the software, memory modification, and possible remote execution. Published: June 20, 2022; 11:15:10 AM -0400 |
V3.1: 7.8 HIGH V2.0: 6.8 MEDIUM |
CVE-2022-2126 |
Out-of-bounds Read in GitHub repository vim/vim prior to 8.2. Published: June 19, 2022; 9:15:07 AM -0400 |
V3.1: 7.8 HIGH V2.0: 6.8 MEDIUM |
CVE-2022-2125 |
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. Published: June 19, 2022; 8:15:07 AM -0400 |
V3.1: 7.8 HIGH V2.0: 6.8 MEDIUM |
CVE-2022-2124 |
Buffer Over-read in GitHub repository vim/vim prior to 8.2. Published: June 19, 2022; 6:15:09 AM -0400 |
V3.1: 7.8 HIGH V2.0: 6.8 MEDIUM |
CVE-2022-2042 |
Use After Free in GitHub repository vim/vim prior to 8.2. Published: June 10, 2022; 3:15:08 PM -0400 |
V3.1: 7.8 HIGH V2.0: 6.8 MEDIUM |
CVE-2022-2000 |
Out-of-bounds Write in GitHub repository vim/vim prior to 8.2. Published: June 09, 2022; 12:15:08 PM -0400 |
V3.1: 7.8 HIGH V2.0: 6.8 MEDIUM |
CVE-2022-1968 |
Use After Free in GitHub repository vim/vim prior to 8.2. Published: June 02, 2022; 10:15:34 AM -0400 |
V3.1: 7.8 HIGH V2.0: 6.8 MEDIUM |
CVE-2022-1942 |
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. Published: May 31, 2022; 10:15:07 AM -0400 |
V3.1: 7.8 HIGH V2.0: 6.8 MEDIUM |
CVE-2022-1927 |
Buffer Over-read in GitHub repository vim/vim prior to 8.2. Published: May 29, 2022; 10:15:08 AM -0400 |
V3.1: 7.8 HIGH V2.0: 6.8 MEDIUM |
CVE-2022-1897 |
Out-of-bounds Write in GitHub repository vim/vim prior to 8.2. Published: May 27, 2022; 11:15:07 AM -0400 |
V3.1: 7.8 HIGH V2.0: 6.8 MEDIUM |
CVE-2022-1898 |
Use After Free in GitHub repository vim/vim prior to 8.2. Published: May 27, 2022; 5:15:08 AM -0400 |
V3.1: 7.8 HIGH V2.0: 6.8 MEDIUM |
CVE-2022-26776 |
This issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.4, macOS Big Sur 11.6.6. An attacker may be able to cause unexpected application termination or arbitrary code execution. Published: May 26, 2022; 4:15:10 PM -0400 |
V3.1: 9.8 CRITICAL V2.0: 7.5 HIGH |
CVE-2022-26770 |
An out-of-bounds read issue was addressed with improved input validation. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4, macOS Big Sur 11.6.6. A malicious application may be able to execute arbitrary code with kernel privileges. Published: May 26, 2022; 4:15:09 PM -0400 |
V3.1: 7.8 HIGH V2.0: 9.3 HIGH |
CVE-2022-26769 |
A memory corruption issue was addressed with improved input validation. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4, macOS Big Sur 11.6.6. A malicious application may be able to execute arbitrary code with kernel privileges. Published: May 26, 2022; 4:15:09 PM -0400 |
V3.1: 7.8 HIGH V2.0: 9.3 HIGH |
CVE-2022-26768 |
A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.4, watchOS 8.6, tvOS 15.5, macOS Big Sur 11.6.6. An application may be able to execute arbitrary code with kernel privileges. Published: May 26, 2022; 4:15:09 PM -0400 |
V3.1: 7.8 HIGH V2.0: 9.3 HIGH |