Macos Security Vulnerabilities and Issues — Macos CVE List

Lucene search

AppleMacos

9 matches found

CVE•added 2022/04/12 6:15 p.m.•332 views

CVE-2022-24070

Subversion's mod_dav_svn is vulnerable to memory corruption. While looking up path-based authorization rules, mod_dav_svn servers may attempt to use memory which has already been freed. Affected Subversion mod_dav_svn servers 1.10.0 through 1.14.1 (inclusive). Servers that do not use mod_dav_svn ar...

7.5CVSS7.6AI score0.00387EPSS

CVE•added 2022/04/18 9:15 p.m.•280 views

CVE-2022-29458

ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library.

7.1CVSS6.8AI score0.00029EPSS

CVE•added 2022/04/18 1:15 a.m.•251 views

CVE-2022-1381

global heap buffer overflow in skip_range in GitHub repository vim/vim prior to 8.2.4763. This vulnerability is capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible remote execution

7.8CVSS8AI score0.00052EPSS

CVE•added 2022/04/11 10:15 p.m.•204 views

CVE-2022-24836

Nokogiri is an open source XML and HTML library for Ruby. Nokogiri = 1.13.4. There are no known workarounds for this issue.

7.5CVSS7.5AI score0.01203EPSS

CVE•added 2022/04/12 8:15 p.m.•181 views

CVE-2022-29046

Jenkins Subversion Plugin 2.15.3 and earlier does not escape the name and description of List Subversion tags (and more) parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission.

5.4CVSS5.2AI score0.01715EPSS

CVE•added 2022/04/12 6:15 p.m.•161 views

CVE-2021-28544

Apache Subversion SVN authz protected copyfrom paths regression Subversion servers reveal 'copyfrom' paths that should be hidden according to configured path-based authorization (authz) rules. When a node has been copied from a protected location, users with access to the copy can see the 'copyfrom...

4.3CVSS5.7AI score0.00164EPSS

CVE•added 2022/04/21 11:15 a.m.•138 views

CVE-2022-1420

Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.4774.

6.8CVSS6.5AI score0.00055EPSS

CVE•added 2022/04/12 8:15 p.m.•112 views

CVE-2022-29048

A cross-site request forgery (CSRF) vulnerability in Jenkins Subversion Plugin 2.15.3 and earlier allows attackers to connect to an attacker-specified URL.

4.3CVSS4.7AI score0.00079EPSS

CVE•added 2022/04/18 5:15 p.m.•52 views

CVE-2020-13495

An exploitable vulnerability exists in the way Pixar OpenUSD 20.05 handles file offsets in binary USD files. A specially crafted malformed file can trigger an arbitrary out-of-bounds memory access that could lead to the disclosure of sensitive information. This vulnerability could be used to bypass...

5.5CVSS5.5AI score0.002EPSS