Lucene search

Macos Security Vulnerabilities - February 2022

cve

CVE-2021-45444

In zsh before 5.8.1, an attacker can achieve code execution if they control a command output inside the prompt, as demonstrated by a %F argument. This occurs because of recursive PROMPT_SUBST expansion.

7.8CVSS

7.8AI Score

0.001EPSS

2022-02-14 12:15 PM

228

cve

CVE-2022-0530

A flaw was found in Unzip. The vulnerability occurs during the conversion of a wide string to a local string that leads to a heap of out-of-bound write. This flaw allows an attacker to input a specially crafted zip file, leading to a crash or code execution.

5.5CVSS

5.3AI Score

0.002EPSS

2022-02-09 11:15 PM

302

cve

CVE-2022-0554

Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.

7.8CVSS

7.6AI Score

0.001EPSS

2022-02-10 10:15 PM

130

cve

CVE-2022-0572

Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.

7.8CVSS

8AI Score

0.001EPSS

2022-02-14 12:15 PM

199

cve

CVE-2022-0629

Stack-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.

7.8CVSS

8AI Score

0.001EPSS

2022-02-17 12:15 PM

168

cve

CVE-2022-0685

Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.4418.

7.8CVSS

8.1AI Score

0.001EPSS

2022-02-20 11:15 AM

172

cve

CVE-2022-0696

NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2.4428.

5.5CVSS

6.2AI Score

0.001EPSS

2022-02-21 08:15 PM

158

cve

CVE-2022-0714

Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.4436.

5.5CVSS

6.8AI Score

0.001EPSS

2022-02-22 08:15 PM

203

cve

CVE-2022-0729

Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.4440.

8.8CVSS

8.6AI Score

0.003EPSS

2022-02-23 02:15 PM

192

cve

CVE-2022-23308

valid.c in libxml2 before 2.9.13 has a use-after-free of ID and IDREF attributes.

7.5CVSS

7.7AI Score

0.005EPSS

2022-02-26 05:15 AM

358