Macos

DATE	CVE	VULNERABILITY TITLE	RISK
2022-08-24	CVE-2022-32840	Unspecified vulnerability in Apple products This issue was addressed with improved checks. local low complexity apple	7.8
2022-08-24	CVE-2022-32857	Unspecified vulnerability in Apple products This issue was addressed by using HTTPS when sending information over the network. low complexity apple	4.3
2022-08-24	CVE-2022-32893	Out-of-bounds Write vulnerability in multiple products An out-of-bounds write issue was addressed with improved bounds checking. network low complexity apple fedoraproject debian webkitgtk wpewebkit CWE-787	8.8
2022-08-24	CVE-2022-32894	Out-of-bounds Write vulnerability in Apple products An out-of-bounds write issue was addressed with improved bounds checking. local low complexity apple CWE-787	7.8
2022-08-05	CVE-2022-37434	Out-of-bounds Write vulnerability in multiple products zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. network low complexity zlib fedoraproject debian netapp apple stormshield CWE-787 critical	9.8
2022-07-28	CVE-2022-2294	Out-of-bounds Write vulnerability in multiple products Heap buffer overflow in WebRTC in Google Chrome prior to 103.0.5060.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity google fedoraproject webkitgtk wpewebkit apple webrtc-project CWE-787	8.8
2022-07-07	CVE-2022-32205	Allocation of Resources Without Limits or Throttling vulnerability in multiple products A malicious server can serve excessive amounts of `Set-Cookie:` headers in a HTTP response to curl and curl < 7.84.0 stores all of them. network low complexity haxx fedoraproject debian netapp apple siemens splunk CWE-770	4.3
2022-07-07	CVE-2022-32207	Incorrect Default Permissions vulnerability in multiple products When curl < 7.84.0 saves cookies, alt-svc and hsts data to local files, it makes the operation atomic by finalizing the operation with a rename from a temporary name to the final target file name.In that rename operation, it might accidentally widen the permissions for the target file, leaving the updated file accessible to more users than intended. network low complexity haxx fedoraproject debian netapp apple splunk CWE-276 critical	9.8
2022-07-07	CVE-2022-32208	Out-of-bounds Write vulnerability in multiple products When curl < 7.84.0 does FTP transfers secured by krb5, it handles message verification failures wrongly. network high complexity haxx fedoraproject debian netapp apple splunk CWE-787	5.9
2022-06-20	CVE-2022-1720	Buffer Over-read in function grab_file_name in GitHub repository vim/vim prior to 8.2.4956. local low complexity vim debian fedoraproject apple	7.8