Security
Headlines
HeadlinesLatestCVEs

Tag

#apple

CVE-2021-44705: Adobe Security Bulletin

Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by a use-after-free vulnerability in the processing of Format event actions that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CVE
#vulnerability#mac#windows#apple#cisco#dos#buffer_overflow#ssh#zero_day
CVE-2021-45779: [bug #61726] NULL Pointer Dereference in unsetcmd() at inetutils/telnet/

A NULL pointer dereference in unsetcmd() at inetutils/telnet/commands.c of GNU Inetutils v2.2.16-cf091 can lead to a segmentation fault or application crash.

CVE-2021-45778: [bug #61723] NULL Pointer Dereference in setnmap() at cmds.c:2303

A NULL pointer dereference in setnmap() at cmds.c of GNU Inetutils v2.2.16-cf091 can lead to a segmentation fault or application crash.

CVE-2021-45775: [bug #61724] Infinite Loop in domacro at domacro.c:258

GNU Inetutils 2.2.16-cf091 was discovered to contain an infinite loop in domacro at domacro.c.

CVE-2021-45061: Adobe Security Bulletin

Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CVE-2021-46255: There is an arbitrary file deletion vulnerability in your code · Issue #21 · eyoucms/eyoucms

eyouCMS V1.5.5-UTF8-SP3_1 suffers from Arbitrary file deletion due to insufficient filtering of the parameter filename.

CVE-2021-40571: fixed #1895 · gpac/gpac@a69b567

The binary MP4Box in Gpac 1.0.1 has a double-free vulnerability in the ilst_box_read function in box_code_apple.c, which allows attackers to cause a denial of service, even code execution and escalation of privileges.

CVE-2022-22836: CoreFTP Arbitrary File Write(CVE-2022-22836) and Remote DoS

CoreFTP Server before 727 allows directory traversal (for file creation) by an authenticated attacker via ../ in an HTTP PUT request.

CVE-2021-45489

In NetBSD through 9.2, the IPv6 Flow Label generation algorithm employs a weak cryptographic PRNG.

CVE-2017-13835: About the security content of macOS High Sierra 10.13

A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS High Sierra 10.13. An application may be able to execute arbitrary code with elevated privileges.