41 matches found
Command Injection
Overview: electron is a framework which lets you write cross-platform desktop applications using JavaScript, HTML and CSS. Affected versions of this package are vulnerable to Command Injection in the app.moveToApplicationsFolder function on macOS when handling application bundle paths containing...
Command Injection
Overview: org.webjars.npm:electron is a framework which lets you write cross-platform desktop applications using JavaScript, HTML and CSS. Affected versions of this package are vulnerable to Command Injection in the app.moveToApplicationsFolder function on macOS when handling application bundle...
CVE-2022-48578
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Monterey 12.5. Processing an AppleScript may result in unexpected termination or disclosure of process memory...
CVE-2023-28179
The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3. Processing a maliciously crafted AppleScript binary may result in unexpected app termination or disclosure of process memory...
CVE-2022-32831
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in Security Update 2022-005 Catalina, macOS Big Sur 11.6.8, macOS Monterey 12.5. Processing a maliciously crafted AppleScript binary may result in unexpected termination or disclosure of process memory...
CVE-2022-32797
This issue was addressed with improved checks. This issue is fixed in Security Update 2022-005 Catalina, macOS Big Sur 11.6.8, macOS Monterey 12.5. Processing a maliciously crafted AppleScript binary may result in unexpected termination or disclosure of process memory...
PT-2022-28143 · Apple · Apple Macos
Name of the Vulnerable Software and Affected Versions: macOS versions prior to 12.5. Description: An out-of-bounds read issue was addressed with improved bounds checking. Processing an AppleScript may result in unexpected termination or disclosure of process memory. Recommendations: For versions...
PT-2022-21506 · Apple · Apple Macos +1
Name of the Vulnerable Software and Affected Versions: macOS versions prior to 11.6.8; macOS versions prior to 12.5; macOS Catalina affected versions not specified, with fix in Security Update 2022-005. Description: The issue is related to an out-of-bounds read that can be triggered by processing a...
PT-2022-21524 · Apple · Apple Macos
Name of the Vulnerable Software and Affected Versions: macOS versions prior to 12.5. Description: An out-of-bounds read issue was addressed with improved input validation. Processing a maliciously crafted AppleScript binary may result in unexpected termination or disclosure of process memory...
PT-2022-21476 · Apple · Apple Macos
Name of the Vulnerable Software and Affected Versions: Apple macOS versions prior to macOS Big Sur 11.6.8; Apple macOS versions prior to macOS Monterey 12.5; Apple macOS Catalina version with Security Update 2022-005. Description: The issue concerns the processing of maliciously crafted AppleScript...
Apple macOS Buffer Error Vulnerability
Apple macOS is a suite of specialized operating systems developed by Apple Inc. for Mac computers. A buffer error vulnerability exists in Apple macOS versions 10.15 19A583 - 10.15.7 19H1823, which stems from a boundary condition in AppleScript. A local attacker can exploit the vulnerability to...
CVE-2022-22627
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.6.5, macOS Monterey 12.3, Security Update 2022-003 Catalina. Processing a maliciously crafted AppleScript binary may result in unexpected application termination or disclosure of process...
CVE-2022-22626
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.6.5, macOS Monterey 12.3, Security Update 2022-003 Catalina. Processing a maliciously crafted AppleScript binary may result in unexpected application termination or disclosure of process...
Apple macOS Big Sur Buffer Error Vulnerability
Apple macOS Big Sur is a mobile application app from Apple USA. A buffer error vulnerability exists in Apple macOS Big Sur prior to version 11.6.5, which stems from a faulty boundary condition in AppleScript. A remote attacker can trick a victim into running a specially crafted binary to exploit...
PT-2022-15577 · Apple · Applescript +1
Name of the Vulnerable Software and Affected Versions: macOS versions prior to 11.6.5; macOS versions prior to 12.3; Security Update versions prior to 2022-003 Catalina. Description: An out-of-bounds read issue was addressed with improved bounds checking. Processing a maliciously crafted AppleScript...
CVE-2021-30879
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Monterey 12.0.1, Security Update 2021-007 Catalina, macOS Big Sur 11.6.1. Processing a maliciously crafted AppleScript binary may result in unexpected application termination or disclosure of process...
CVE-2021-30876
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Monterey 12.0.1, Security Update 2021-007 Catalina, macOS Big Sur 11.6.1. Processing a maliciously crafted AppleScript binary may result in unexpected application termination or disclosure of process...
Apple macOS Security Feature Issue Vulnerability
Apple macOS is a specialized operating system developed by Apple Inc. for Mac computers. A security signature issue vulnerability exists in macOS that stems from a logic error in AppleScript. Native applications can bypass Gatekeeper checks. The vulnerability allows native applications to bypass...