Filtered by vendor Apple
Subscriptions
Total
11597 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-3155 | 2 Apple, Mozilla | 2 Macos, Thunderbird | 2024-08-03 | 7.8 High |
| When saving or opening an email attachment on macOS, Thunderbird did not set attribute com.apple.quarantine on the received file. If the received file was an application and the user attempted to open it, then the application was started immediately without asking the user to confirm. This vulnerability affects Thunderbird < 102.3. | ||||
| CVE-2022-3215 | 1 Apple | 1 Swiftnio | 2024-08-03 | 7.5 High |
| NIOHTTP1 and projects using it for generating HTTP responses can be subject to a HTTP Response Injection attack. This occurs when a HTTP/1.1 server accepts user generated input from an incoming request and reflects it into a HTTP/1.1 response header in some form. A malicious user can add newlines to their input (usually in encoded form) and "inject" those newlines into the returned HTTP response. This capability allows users to work around security headers and HTTP/1.1 framing headers by injecting entirely false responses or other new headers. The injected false responses may also be treated as the response to subsequent requests, which can lead to XSS, cache poisoning, and a number of other flaws. This issue was resolved by adding validation to the HTTPHeaders type, ensuring that there's no whitespace incorrectly present in the HTTP headers provided by users. As the existing API surface is non-failable, all invalid characters are replaced by linear whitespace. | ||||
| CVE-2022-3053 | 3 Apple, Fedoraproject, Google | 3 Macos, Fedora, Chrome | 2024-08-03 | 4.3 Medium |
| Inappropriate implementation in Pointer Lock in Google Chrome on Mac prior to 105.0.5195.52 allowed a remote attacker to restrict user navigation via a crafted HTML page. | ||||
| CVE-2022-2294 | 6 Apple, Fedoraproject, Google and 3 more | 12 Ipados, Iphone Os, Mac Os X and 9 more | 2024-08-03 | 8.8 High |
| Heap buffer overflow in WebRTC in Google Chrome prior to 103.0.5060.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||||
| CVE-2022-2125 | 3 Apple, Fedoraproject, Vim | 3 Macos, Fedora, Vim | 2024-08-03 | 7.8 High |
| Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. | ||||
| CVE-2022-2124 | 4 Apple, Debian, Fedoraproject and 1 more | 4 Macos, Debian Linux, Fedora and 1 more | 2024-08-03 | 7.8 High |
| Buffer Over-read in GitHub repository vim/vim prior to 8.2. | ||||
| CVE-2022-2126 | 4 Apple, Debian, Fedoraproject and 1 more | 4 Macos, Debian Linux, Fedora and 1 more | 2024-08-03 | 7.8 High |
| Out-of-bounds Read in GitHub repository vim/vim prior to 8.2. | ||||
| CVE-2022-2042 | 2 Apple, Vim | 2 Macos, Vim | 2024-08-03 | 7.8 High |
| Use After Free in GitHub repository vim/vim prior to 8.2. | ||||
| CVE-2022-2000 | 4 Apple, Debian, Fedoraproject and 1 more | 4 Macos, Debian Linux, Fedora and 1 more | 2024-08-03 | 7.8 High |
| Out-of-bounds Write in GitHub repository vim/vim prior to 8.2. | ||||
| CVE-2022-1968 | 3 Apple, Debian, Vim | 3 Macos, Debian Linux, Vim | 2024-08-03 | 7.8 High |
| Use After Free in GitHub repository vim/vim prior to 8.2. | ||||
| CVE-2022-1942 | 4 Apple, Debian, Fedoraproject and 1 more | 4 Macos, Debian Linux, Fedora and 1 more | 2024-08-03 | 7.8 High |
| Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. | ||||
| CVE-2022-1887 | 2 Apple, Mozilla | 2 Iphone Os, Firefox | 2024-08-03 | 9.8 Critical |
| The search term could have been specified externally to trigger SQL injection. This vulnerability affects Firefox for iOS < 101. | ||||
| CVE-2022-1927 | 4 Apple, Fedoraproject, Redhat and 1 more | 5 Macos, Fedora, Enterprise Linux and 2 more | 2024-08-03 | 7.8 High |
| Buffer Over-read in GitHub repository vim/vim prior to 8.2. | ||||
| CVE-2022-1897 | 5 Apple, Debian, Fedoraproject and 2 more | 6 Macos, Debian Linux, Fedora and 3 more | 2024-08-03 | 7.8 High |
| Out-of-bounds Write in GitHub repository vim/vim prior to 8.2. | ||||
| CVE-2022-1898 | 4 Apple, Debian, Fedoraproject and 1 more | 4 Macos, Debian Linux, Fedora and 1 more | 2024-08-03 | 7.8 High |
| Use After Free in GitHub repository vim/vim prior to 8.2. | ||||
| CVE-2022-1874 | 2 Apple, Google | 2 Macos, Chrome | 2024-08-03 | 8.8 High |
| Insufficient policy enforcement in Safe Browsing in Google Chrome on Mac prior to 102.0.5005.61 allowed a remote attacker to bypass downloads protection policy via a crafted HTML page. | ||||
| CVE-2022-1851 | 4 Apple, Debian, Fedoraproject and 1 more | 4 Macos, Debian Linux, Fedora and 1 more | 2024-08-03 | 7.8 High |
| Out-of-bounds Read in GitHub repository vim/vim prior to 8.2. | ||||
| CVE-2022-1769 | 3 Apple, Fedoraproject, Vim | 3 Macos, Fedora, Vim | 2024-08-03 | 7.8 High |
| Buffer Over-read in GitHub repository vim/vim prior to 8.2.4974. | ||||
| CVE-2022-1733 | 3 Apple, Fedoraproject, Vim | 3 Macos, Fedora, Vim | 2024-08-03 | 7.8 High |
| Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.4968. | ||||
| CVE-2022-1735 | 2 Apple, Vim | 2 Macos, Vim | 2024-08-03 | 7.8 High |
| Classic Buffer Overflow in GitHub repository vim/vim prior to 8.2.4969. | ||||