Vulnerabilities > Apple > Macos > 12.6.7
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-09-02 | CVE-2023-4734 | Integer Overflow or Wraparound vulnerability in multiple products Integer Overflow or Wraparound in GitHub repository vim/vim prior to 9.0.1846. | 7.8 |
2023-07-17 | CVE-2023-38403 | Integer Overflow or Wraparound vulnerability in multiple products iperf3 before 3.14 allows peers to cause an integer overflow and heap corruption via a crafted length field. | 7.5 |
2023-06-23 | CVE-2023-32373 | Use After Free vulnerability in multiple products A use-after-free issue was addressed with improved memory management. | 8.8 |
2023-05-26 | CVE-2023-28322 | An information disclosure vulnerability exists in curl <v8.1.0 when doing HTTP(S) transfers, libcurl might erroneously use the read callback (`CURLOPT_READFUNCTION`) to ask for data to send, even when the `CURLOPT_POSTFIELDS` option has been set, if the same handle previously wasused to issue a `PUT` request which used that callback. | 3.7 |
2023-05-19 | CVE-2023-30774 | Out-of-bounds Write vulnerability in multiple products A vulnerability was found in the libtiff library. | 5.5 |
2023-02-27 | CVE-2022-46705 | Unspecified vulnerability in Apple products A spoofing issue existed in the handling of URLs. | 4.3 |
2022-09-29 | CVE-2022-1725 | NULL Pointer Dereference vulnerability in multiple products NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2.4959. | 5.5 |
2022-07-07 | CVE-2022-32205 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products A malicious server can serve excessive amounts of `Set-Cookie:` headers in a HTTP response to curl and curl < 7.84.0 stores all of them. | 4.3 |
2022-07-07 | CVE-2022-32207 | Incorrect Default Permissions vulnerability in multiple products When curl < 7.84.0 saves cookies, alt-svc and hsts data to local files, it makes the operation atomic by finalizing the operation with a rename from a temporary name to the final target file name.In that rename operation, it might accidentally *widen* the permissions for the target file, leaving the updated file accessible to more users than intended. | 9.8 |
2022-07-07 | CVE-2022-32208 | Out-of-bounds Write vulnerability in multiple products When curl < 7.84.0 does FTP transfers secured by krb5, it handles message verification failures wrongly. | 5.9 |