🚨 CVE-2023-32363
A permissions issue was addressed by removing vulnerable code and adding additional checks. This issue is fixed in macOS Ventura 13.4. An app may be able to bypass Privacy preferences
@cveNotify
Apple Support
About the security content of macOS Ventura 13.4
This document describes the security content of macOS Ventura 13.4.
🚨 CVE-2023-32352
A logic issue was addressed with improved checks. This issue is fixed in watchOS 9.5, macOS Ventura 13.4, iOS 16.5 and iPadOS 16.5, macOS Big Sur 11.7.7, macOS Monterey 12.6.6. An app may bypass Gatekeeper checks
@cveNotify
Apple Support
About the security content of macOS Big Sur 11.7.7
This document describes the security content of macOS Big Sur 11.7.7.
🚨 CVE-2023-28204
An out-of-bounds read was addressed with improved input validation. This issue is fixed in watchOS 9.5, iOS 15.7.6 and iPadOS 15.7.6, macOS Ventura 13.4, Safari 16.5, tvOS 16.5, iOS 16.5 and iPadOS 16.5. Processing web content may disclose sensitive information. Apple is aware of a report that this issue may have been actively exploited.
@cveNotify
Apple Support
About the security content of Safari 16.5
This document describes the security content of Safari 16.5.
🚨 CVE-2023-32400
This issue was addressed with improved checks. This issue is fixed in iOS 16.5 and iPadOS 16.5, macOS Ventura 13.4, watchOS 9.5. Entitlements and privacy permissions granted to this app may be used by a malicious app
@cveNotify
Apple Support
About the security content of iOS 16.5 and iPadOS 16.5
This document describes the security content of iOS 16.5 and iPadOS 16.5.
🚨 CVE-2023-28191
This issue was addressed with improved redaction of sensitive information. This issue is fixed in watchOS 9.5, macOS Ventura 13.4, tvOS 16.5, iOS 16.5 and iPadOS 16.5, macOS Big Sur 11.7.7, macOS Monterey 12.6.6. An app may be able to bypass Privacy preferences
@cveNotify
Apple Support
About the security content of macOS Big Sur 11.7.7
This document describes the security content of macOS Big Sur 11.7.7.
🚨 CVE-2022-42860
This issue was addressed with improved checks to prevent unauthorized actions. This issue is fixed in macOS Monterey 12.6.1, macOS Big Sur 11.7.1, macOS Ventura 13. An app may be able to modify protected parts of the file system
@cveNotify
Apple Support
About the security content of macOS Ventura 13
This document describes the security content of macOS Ventura 13.
🚨 CVE-2023-32394
The issue was addressed with improved checks. This issue is fixed in iOS 16.5 and iPadOS 16.5, macOS Ventura 13.4, watchOS 9.5, tvOS 16.5. A person with physical access to a device may be able to view contact information from the lock screen
@cveNotify
Apple Support
About the security content of tvOS 16.5
This document describes the security content of tvOS 16.5.
🚨 CVE-2023-27964
An authentication issue was addressed with improved state management. This issue is fixed in AirPods Firmware Update 5E133. When your headphones are seeking a connection request to one of your previously paired devices, an attacker in Bluetooth range might be able to spoof the intended source device and gain access to your headphones.
@cveNotify
Apple Support
About the security content of AirPods and Beats firmware updates
This document describes the security content of AirPods and Beats firmware updates.
🚨 CVE-2023-25515
NVIDIA Jetson contains a vulnerability in CBoot, where the PCIe controller is initialized without IOMMU, which may allow an attacker with physical access to the target device to read and write to arbitrary memory. A successful exploit of this vulnerability may lead to code execution, denial of service, information disclosure, and loss of integrity.
@cveNotify
🚨 CVE-2023-24469
Potential Cross-Site Scripting in ArcSight Logger versions prior to 7.3.0
@cveNotify
🚨 CVE-2022-24882
FreeRDP is a free implementation of the Remote Desktop Protocol (RDP). In versions prior to 2.7.0, NT LAN Manager (NTLM) authentication does not properly abort when someone provides an empty password value. This issue affects FreeRDP based RDP Server implementations. RDP clients are not affected. The vulnerability is patched in FreeRDP 2.7.0. There are currently no known workarounds.
@cveNotify
GitHub
Release Release 2.7.0 · FreeRDP/FreeRDP
Noteworthy changes:
Backported OpenSSL3 gateway support (#7822)
Backported various NTLM fixes
Backported WINPR_ASSERT to ease future backports
Fixed issues:
Backported #6786: Use /network:auto b...
🚨 CVE-2022-24891
ESAPI (The OWASP Enterprise Security API) is a free, open source, web application security control library. Prior to version 2.3.0.0, there is a potential for a cross-site scripting vulnerability in ESAPI caused by an incorrect regular expression for "onsiteURL" in the **antisamy-esapi.xml** configuration file that can cause "javascript:" URLs to fail to be correctly sanitized. This issue is patched in ESAPI 2.3.0.0. As a workaround, manually edit the **antisamy-esapi.xml** configuration files to change the "onsiteURL" regular expression. More information about remediation of the vulnerability, including the workaround, is available in the maintainers' release notes and security bulletin.
@cveNotify
GitHub
esapi-java-legacy/documentation/esapi4java-core-2.3.0.0-release-notes.txt at develop · ESAPI/esapi-java-legacy
ESAPI (The OWASP Enterprise Security API) is a free, open source, web application security control library that makes it easier for programmers to write lower-risk applications. - ESAPI/esapi-java-...
🚨 CVE-2023-33986
SAP CRM ABAP (Grantor Management) - versions 700, 701, 702, 712, 713, 714, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability. After successful exploitation, an attacker can cause limited impact on confidentiality and integrity of the application.
@cveNotify
🚨 CVE-2023-36348
POS Codekop v2.0 was discovered to contain an authenticated remote code execution (RCE) vulnerability via the filename parameter.
@cveNotify
YouTube
POS Codekop v2.0 Authenticated RCE
🚨 CVE-2023-35931
Shescape is a simple shell escape library for JavaScript. An attacker may be able to get read-only access to environment variables. This bug has been patched in version 1.7.1.
@cveNotify
GitHub
Test coverage for environment variables by ericcornelissen · Pull Request #982 · ericcornelissen/shescape
Relates to #976
Summary
Improve testing w.r.t. protection against injection of environment variables. Fix a bug uncovered by these new tests in escaping for CMD, which did not cover escaping for en...
🚨 CVE-2023-34188
The HTTP server in Mongoose before 7.10 accepts requests containing negative Content-Length headers.
@cveNotify
GitHub
Added check for negative value for HTTP Content-Length header by allanpark · Pull Request #2197 · cesanta/mongoose
Added check for negative value for HTTP Content-Length. HTTP "Bad request" (400) will be sent as response.
🚨 CVE-2023-32369
A logic issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.4, macOS Big Sur 11.7.7, macOS Monterey 12.6.6. An app may be able to modify protected parts of the file system
@cveNotify
Apple Support
About the security content of macOS Big Sur 11.7.7
This document describes the security content of macOS Big Sur 11.7.7.
🚨 CVE-2022-24063
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Sante DICOM Viewer Pro 13.2.0.21165. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JP2 files. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15105.
@cveNotify
Zerodayinitiative
ZDI-22-255
Sante DICOM Viewer Pro JP2 File Parsing Memory Corruption Remote Code Execution Vulnerability
🚨 CVE-2022-23994
An Improper access control vulnerability in StBedtimeModeReceiver in Wear OS 3.0 prior to Firmware update Feb-2022 Release allows untrusted applications to change bedtime mode without a proper permission.
@cveNotify
🚨 CVE-2022-24915
The absence of filters when loading some sections in the web application of the vulnerable device allows attackers to inject malicious code that will be interpreted when a legitimate user accesses the web section where the information is displayed. Injection can be done on specific parameters. The injected code is executed when a legitimate user attempts to upload, copy, download, or delete an existing configuration (Administrative Services).
@cveNotify
🚨 CVE-2022-24924
An improper access control in LiveWallpaperService prior to versions 3.0.9.0 allows to create a specific named system directory without a proper permission.
@cveNotify