12.6.7

DATE	CVE	VULNERABILITY TITLE	RISK
2023-09-02	CVE-2023-4734	Integer Overflow or Wraparound vulnerability in multiple products Integer Overflow or Wraparound in GitHub repository vim/vim prior to 9.0.1846. local low complexity vim apple CWE-190	7.8
2023-07-17	CVE-2023-38403	Integer Overflow or Wraparound vulnerability in multiple products iperf3 before 3.14 allows peers to cause an integer overflow and heap corruption via a crafted length field. network low complexity es debian fedoraproject netapp apple CWE-190	7.5
2023-06-23	CVE-2023-32373	Use After Free vulnerability in multiple products A use-after-free issue was addressed with improved memory management. network low complexity apple redhat CWE-416	8.8
2023-05-26	CVE-2023-28322	An information disclosure vulnerability exists in curl <v8.1.0 when doing HTTP(S) transfers, libcurl might erroneously use the read callback (`CURLOPT_READFUNCTION`) to ask for data to send, even when the `CURLOPT_POSTFIELDS` option has been set, if the same handle previously wasused to issue a `PUT` request which used that callback. network high complexity haxx fedoraproject apple netapp	3.7
2023-05-19	CVE-2023-30774	Out-of-bounds Write vulnerability in multiple products A vulnerability was found in the libtiff library. local low complexity libtiff apple CWE-787	5.5
2023-02-27	CVE-2022-46705	Unspecified vulnerability in Apple products A spoofing issue existed in the handling of URLs. network low complexity apple	4.3
2022-09-29	CVE-2022-1725	NULL Pointer Dereference vulnerability in multiple products NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2.4959. local low complexity vim apple CWE-476	5.5
2022-07-07	CVE-2022-32205	Allocation of Resources Without Limits or Throttling vulnerability in multiple products A malicious server can serve excessive amounts of `Set-Cookie:` headers in a HTTP response to curl and curl < 7.84.0 stores all of them. network low complexity haxx fedoraproject debian netapp apple siemens splunk CWE-770	4.3
2022-07-07	CVE-2022-32207	Incorrect Default Permissions vulnerability in multiple products When curl < 7.84.0 saves cookies, alt-svc and hsts data to local files, it makes the operation atomic by finalizing the operation with a rename from a temporary name to the final target file name.In that rename operation, it might accidentally widen the permissions for the target file, leaving the updated file accessible to more users than intended. network low complexity haxx fedoraproject debian netapp apple splunk CWE-276 critical	9.8
2022-07-07	CVE-2022-32208	Out-of-bounds Write vulnerability in multiple products When curl < 7.84.0 does FTP transfers secured by krb5, it handles message verification failures wrongly. network high complexity haxx fedoraproject debian netapp apple splunk CWE-787	5.9