Apple macOS vulnerabilities

CVE-2022-28739 [HIGH] CWE-125 CVE-2022-28739: There is a buffer over-read in Ruby before 2.6.10, 2.7.x before 2.7.6, 3.x before 3.0.4, and 3.1.x b There is a buffer over-read in Ruby before 2.6.10, 2.7.x before 2.7.6, 3.x before 3.0.4, and 3.1.x before 3.1.2. It occurs in String-to-Float conversion, including Kernel#Float and String#to_f.

CVE-2022-1620 [HIGH] CWE-476 CVE-2022-1620: NULL Pointer Dereference in function vim_regexec_string at regexp.c:2729 in GitHub repository vim/vi NULL Pointer Dereference in function vim_regexec_string at regexp.c:2729 in GitHub repository vim/vim prior to 8.2.4901. NULL Pointer Dereference in function vim_regexec_string at regexp.c:2729 allows attackers to cause a denial of service (application crash) via a crafted input.

CVE-2022-1619 [HIGH] CWE-122 CVE-2022-1619: Heap-based Buffer Overflow in function cmdline_erase_chars in GitHub repository vim/vim prior to 8.2 Heap-based Buffer Overflow in function cmdline_erase_chars in GitHub repository vim/vim prior to 8.2.4899. This vulnerabilities are capable of crashing software, modify memory, and possible remote execution

CVE-2022-1616 [HIGH] CWE-416 CVE-2022-1616: Use after free in append_command in GitHub repository vim/vim prior to 8.2.4895. This vulnerability Use after free in append_command in GitHub repository vim/vim prior to 8.2.4895. This vulnerability is capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible remote execution

CVE-2022-1420 [MEDIUM] CWE-823 CVE-2022-1420: Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.4774. Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.4774.

CVE-2022-29458 [HIGH] CWE-125 CVE-2022-29458: ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_st ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library.

CVE-2022-1381 [HIGH] CWE-122 CVE-2022-1381: global heap buffer overflow in skip_range in GitHub repository vim/vim prior to 8.2.4763. This vulne global heap buffer overflow in skip_range in GitHub repository vim/vim prior to 8.2.4763. This vulnerability is capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible remote execution

CVE-2020-13495 [MEDIUM] CWE-119 CVE-2020-13495: An exploitable vulnerability exists in the way Pixar OpenUSD 20.05 handles file offsets in binary US An exploitable vulnerability exists in the way Pixar OpenUSD 20.05 handles file offsets in binary USD files. A specially crafted malformed file can trigger an arbitrary out-of-bounds memory access that could lead to the disclosure of sensitive information. This vulnerability could be used to bypass mitigations and aid additional exploitation. To tri

CVE-2022-24070 [HIGH] CWE-416 CVE-2022-24070: Subversion's mod_dav_svn is vulnerable to memory corruption. While looking up path-based authorizati Subversion's mod_dav_svn is vulnerable to memory corruption. While looking up path-based authorization rules, mod_dav_svn servers may attempt to use memory which has already been freed. Affected Subversion mod_dav_svn servers 1.10.0 through 1.14.1 (inclusive). Servers that do not use mod_dav_svn are not affected.

CVE-2021-28544 [MEDIUM] CWE-200 CVE-2021-28544: Apache Subversion SVN authz protected copyfrom paths regression Subversion servers reveal 'copyfrom' Apache Subversion SVN authz protected copyfrom paths regression Subversion servers reveal 'copyfrom' paths that should be hidden according to configured path-based authorization (authz) rules. When a node has been copied from a protected location, users with access to the copy can see the 'copyfrom' path of the original. This also reveals the fact t

CVE-2022-29048 [MEDIUM] CWE-352 CVE-2022-29048: A cross-site request forgery (CSRF) vulnerability in Jenkins Subversion Plugin 2.15.3 and earlier al A cross-site request forgery (CSRF) vulnerability in Jenkins Subversion Plugin 2.15.3 and earlier allows attackers to connect to an attacker-specified URL.

CVE-2022-29046 [MEDIUM] CWE-79 CVE-2022-29046: Jenkins Subversion Plugin 2.15.3 and earlier does not escape the name and description of List Subver Jenkins Subversion Plugin 2.15.3 and earlier does not escape the name and description of List Subversion tags (and more) parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission.

CVE-2022-24836 [HIGH] CWE-400 CVE-2022-24836: Nokogiri is an open source XML and HTML library for Ruby. Nokogiri `< v1.13.4` contains an inefficie Nokogiri is an open source XML and HTML library for Ruby. Nokogiri `= 1.13.4`. There are no known workarounds for this issue.

CVE-2018-25032 [HIGH] CWE-787 CVE-2018-25032: zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches.

CVE-2022-22587 [CRITICAL] CWE-787 CVE-2022-22587: A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 1 A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 15.3 and iPadOS 15.3, macOS Big Sur 11.6.3, macOS Monterey 12.2. A malicious application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited..

CVE-2022-22586 [CRITICAL] CWE-787 CVE-2022-22586: An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in mac An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Monterey 12.2. A malicious application may be able to execute arbitrary code with kernel privileges.

CVE-2022-22641 [CRITICAL] CWE-416 CVE-2022-22641: A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 15 A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 15.4, iOS 15.4 and iPadOS 15.4, macOS Monterey 12.3. An application may be able to gain elevated privileges.

CVE-2022-22632 [CRITICAL] CVE-2022-22632: A logic issue was addressed with improved state management. This issue is fixed in tvOS 15.4, iOS 15 A logic issue was addressed with improved state management. This issue is fixed in tvOS 15.4, iOS 15.4 and iPadOS 15.4, macOS Big Sur 11.6.5, watchOS 8.5, macOS Monterey 12.3. A malicious application may be able to elevate privileges.

CVE-2022-22639 [HIGH] CVE-2022-22639: A logic issue was addressed with improved state management. This issue is fixed in iOS 15.4 and iPad A logic issue was addressed with improved state management. This issue is fixed in iOS 15.4 and iPadOS 15.4, macOS Monterey 12.3. An application may be able to gain elevated privileges.

CVE-2022-22611 [HIGH] CWE-125 CVE-2022-22611: An out-of-bounds read was addressed with improved input validation. This issue is fixed in tvOS 15.4 An out-of-bounds read was addressed with improved input validation. This issue is fixed in tvOS 15.4, iOS 15.4 and iPadOS 15.4, iTunes 12.12.3 for Windows, watchOS 8.5, macOS Monterey 12.3. Processing a maliciously crafted image may lead to arbitrary code execution.