CVE-2022-42796

This issue was addressed by removing the vulnerable code. This issue is fixed in iOS 15.7 and iPadOS 15.7, macOS Ventura 13. An app may be able to gain elevated privileges...

MAL-2022-5053 Malicious code in okqaelhmbfuwipvz (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 17c01ccb3601c78a3af99f6779be6a4d9295bc0cf449116648d5c7e493fc01aa Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

CVE-2022-26746

Summary (CVE-2022-26746) Apple macOS contained a vulnerability that could let a malicious app bypass Privacy preferences. It was addressed by removing the vulnerable code and is fixed in Security Update 2022-004 for Catalina, macOS Monterey 12.4, and macOS Big Sur 11.6.6. Across multiple sources,...

CVE-2019-8532

A permissions issue was addressed by removing vulnerable code and adding additional checks. This issue is fixed in watchOS 5.2, iOS 12.2. A malicious application may be able to access restricted files...

WordPress: [mercantile.wordpress.org] Reflected XSS

@zeeshan found a bypass for 230234. Payload used : constructor.constructor'alertdocument.domain' URL to trigger XSS : https://mercantile.wordpress.org/?s=%26%23123%3B%26%23123%3Bconstructor.constructor%28%27alert%28document.domain%29%27%29%28%29%7D%7D&posttype=product ----- Soon after another XSS...

CVE-2015-5218

Buffer overflow in text-utils/colcrt.c in colcrt in util-linux before 2.27 allows local users to cause a denial of service crash via a crafted file, related to the page global variable...