Lucene search
K

7654 matches found

OSV
OSV
added 2022/11/01 8:15 p.m.2 views

UBUNTU-CVE-2022-32888

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.7, macOS Ventura 13, iOS 16, iOS 15.7 and iPadOS 15.7, watchOS 9, macOS Monterey 12.6, tvOS 16. Processing maliciously crafted web content may lead to arbitrary code execution...

8.8CVSS7.4AI score0.01144EPSS
Exploits0References11
OSV
OSV
added 2022/11/01 5:45 p.m.50 views

GHSA-8RWR-X37P-MX23 X.509 Email Address 4-byte Buffer Overflow

A buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed the malicious certificate or for the application to continue certificate...

9.8CVSS8.4AI score0.89804EPSS
Exploits6References50
OSV
OSV
added 2022/11/01 12:0 p.m.42 views

RUSTSEC-2022-0065 X.509 Email Address Variable Length Buffer Overflow

A buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed a malicious certificate or for an application to continue certificate...

7.5CVSS8.1AI score0.91153EPSS
Exploits2References3
ATTACKERKB
ATTACKERKB
added 2022/11/01 12:0 a.m.49 views

CVE-2022-42827

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 15.7.1 and iPadOS 15.7.1, iOS 16.1 and iPadOS 16. An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively...

7.8CVSS3.1AI score0.01136EPSS
In wildExploits0References3
CVE
CVE
added 2022/11/01 12:0 a.m.1071 views

CVE-2022-3786

OpenSSL CVE-2022-3602 and CVE-2022-3786 describe buffer overflows in X.509 name-constraint processing triggered by crafted email addresses in certificates, potentially crashing the TLS client/server and, in some scenarios, enabling remote code execution. Documents confirm the issues affect OpenSS...

7.5CVSS8.1AI score0.91153EPSS
Exploits2References5Affected Software1
Vulnrichment
Vulnrichment
added 2022/11/01 12:0 a.m.9 views

CVE-2022-42808

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in tvOS 16.1, iOS 16.1 and iPadOS 16, macOS Ventura 13, watchOS 9.1. A remote user may be able to cause kernel code execution...

8.4AI score0.01996EPSS
Exploits0References4
CVE
CVE
added 2022/11/01 12:0 a.m.104 views

CVE-2022-42808

CVE-2022-42808 is an out-of-bounds write in Apple's kernel that could allow a remote attacker to achieve kernel code execution. Affected products include tvOS, iOS, iPadOS, macOS Ventura, and watchOS, with fixed versions: tvOS 16.1, iOS 16.1, iPadOS 16, macOS Ventura 13, and watchOS 9.1. The vuln...

9.8CVSS8.2AI score0.01996EPSS
Exploits0References4Affected Software5
Cvelist
Cvelist
added 2022/11/01 12:0 a.m.31 views

CVE-2022-42808

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in tvOS 16.1, iOS 16.1 and iPadOS 16, macOS Ventura 13, watchOS 9.1. A remote user may be able to cause kernel code execution...

8.5AI score0.01996EPSS
Exploits0References4
CVE
CVE
added 2022/11/01 12:0 a.m.64 views

CVE-2022-32925

CVE-2022-32925 corresponds to an out-of-bounds write issue in Apple tvOS/iOS/watchOS. According to connected sources, the vulnerability was addressed with improved bounds checking and is fixed in tvOS 16, iOS 16, and watchOS 9. The issue could allow an app to cause an unexpected system terminatio...

7.1CVSS6.8AI score0.00253EPSS
Exploits0References3Affected Software3
Cvelist
Cvelist
added 2022/11/01 12:0 a.m.24 views

CVE-2022-32925

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in tvOS 16, iOS 16, watchOS 9. An app may be able to cause unexpected system termination or write kernel memory...

7.1AI score0.00253EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2022/11/01 12:0 a.m.6 views

CVE-2022-32888

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.7, macOS Ventura 13, iOS 16, iOS 15.7 and iPadOS 15.7, watchOS 9, macOS Monterey 12.6, tvOS 16. Processing maliciously crafted web content may lead to arbitrary code execution...

8.4AI score0.01144EPSS
Exploits0References9
Cvelist
Cvelist
added 2022/11/01 12:0 a.m.22 views

CVE-2022-32888

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.7, macOS Ventura 13, iOS 16, iOS 15.7 and iPadOS 15.7, watchOS 9, macOS Monterey 12.6, tvOS 16. Processing maliciously crafted web content may lead to arbitrary code execution...

8.6AI score0.01144EPSS
Exploits0References9
OpenSSL
OpenSSL
added 2022/11/01 12:0 a.m.59 views

Vulnerability in OpenSSL - X.509 Email Address Variable Length Buffer Overflow

A buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed a malicious certificate or for an application to continue certificate...

8.1AI score0.91153EPSS
Exploits2Affected Software1
Debian CVE
Debian CVE
added 2022/11/01 12:0 a.m.166 views

CVE-2022-3786

A buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed a malicious certificate or for an application to continue certificate...

7.5CVSS8.2AI score0.91153EPSS
Exploits2
Debian CVE
Debian CVE
added 2022/11/01 12:0 a.m.37 views

CVE-2022-32888

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.7, macOS Ventura 13, iOS 16, iOS 15.7 and iPadOS 15.7, watchOS 9, macOS Monterey 12.6, tvOS 16. Processing maliciously crafted web content may lead to arbitrary code execution...

8.8CVSS8.3AI score0.01144EPSS
Exploits0
OpenVAS
OpenVAS
added 2022/11/01 12:0 a.m.9 views

Ubuntu: Security Advisory (USN-5707-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.1CVSS9.6AI score0.02062EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2022/11/01 12:0 a.m.479 views

OpenSSL 3.0.0 < 3.0.7 Multiple Vulnerabilities

The version of OpenSSL installed on the remote host is prior to 3.0.7. It is, therefore, affected by multiple vulnerabilities as referenced in the 3.0.7 advisory. - A buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs...

7.5CVSS8.8AI score0.91153EPSS
Exploits6References7
OSV
OSV
added 2022/10/31 2:57 p.m.4 views

USN-5707-1 libtasn1-6 vulnerability

It was discovered that Libtasn1 did not properly perform bounds checking. An attacker could possibly use this issue to cause a crash...

9.1CVSS6.8AI score0.02062EPSS
Exploits1References2
Ubuntu
Ubuntu
added 2022/10/31 2:57 p.m.42 views

USN-5707-1: Libtasn1 vulnerability

It was discovered that Libtasn1 did not properly perform bounds checking. An attacker could possibly use this issue to cause a crash...

9.1CVSS7.3AI score0.02062EPSS
Exploits1
OSV
OSV
added 2022/10/31 12:0 p.m.12 views

RUSTSEC-2022-0079 ELF header parsing library doesn't check for valid offset

The crate has several unsafe sections that don't perform proper pointer validation. An example can be found in the following function: fn sectionheaderraw&self - &ET::SectionHeader let shoff = self.elfheader.sectionheaderoffset as usize; let shnum = self.elfheader.sectionheaderentrynum as usize;...

7.2AI score
Exploits0References3
Rows per page
Query Builder