A vulnerability was found in HTC One/Sense 4.x. It has been rated as problematic. Affected by this issue is the certification validation of the mail client. An exploit has been disclosed to the public and may be used.
Category Archives: Advisories
APPLE-SA-2022-05-16-2 macOS Monterey 12.4
Posted by Apple Product Security via Fulldisclosure on May 16
APPLE-SA-2022-05-16-2 macOS Monterey 12.4
macOS Monterey 12.4 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT213257.
AMD
Available for: macOS Monterey
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed with improved
state management.
CVE-2022-26772: an anonymous researcher
AMD
Available…
APPLE-SA-2022-05-16-6 tvOS 15.5
Posted by Apple Product Security via Fulldisclosure on May 16
APPLE-SA-2022-05-16-6 tvOS 15.5
tvOS 15.5 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT213254.
AppleAVD
Available for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple
TV HD
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A use after free issue was addressed with improved
memory management.
CVE-2022-26702: an anonymous…
APPLE-SA-2022-05-16-5 watchOS 8.6
Posted by Apple Product Security via Fulldisclosure on May 16
APPLE-SA-2022-05-16-5 watchOS 8.6
watchOS 8.6 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT213253.
AppleAVD
Available for: Apple Watch Series 3 and later
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A use after free issue was addressed with improved
memory management.
CVE-2022-26702: an anonymous researcher
AppleAVD…
APPLE-SA-2022-05-16-3 macOS Big Sur 11.6.6
Posted by Apple Product Security via Fulldisclosure on May 16
APPLE-SA-2022-05-16-3 macOS Big Sur 11.6.6
macOS Big Sur 11.6.6 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT213256.
apache
Available for: macOS Big Sur
Impact: Multiple issues in apache
Description: Multiple issues were addressed by updating apache to
version 2.4.53.
CVE-2021-44224
CVE-2021-44790
CVE-2022-22719
CVE-2022-22720
CVE-2022-22721
AppKit
Available for: macOS…
APPLE-SA-2022-05-16-1 iOS 15.5 and iPadOS 15.5
Posted by Apple Product Security via Fulldisclosure on May 16
APPLE-SA-2022-05-16-1 iOS 15.5 and iPadOS 15.5
iOS 15.5 and iPadOS 15.5 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT213258.
AppleAVD
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2
and later, iPad 5th generation and later, iPad mini 4 and later, and
iPod touch (7th generation)
Impact: An application may be able to execute arbitrary code with
kernel…
APPLE-SA-2022-05-16-4 Security Update 2022-004 Catalina
Posted by Apple Product Security via Fulldisclosure on May 16
APPLE-SA-2022-05-16-4 Security Update 2022-004 Catalina
Security Update 2022-004 Catalina addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT213255.
apache
Available for: macOS Catalina
Impact: Multiple issues in apache
Description: Multiple issues were addressed by updating apache to
version 2.4.53.
CVE-2021-44224
CVE-2021-44790
CVE-2022-22719
CVE-2022-22720
CVE-2022-22721…
APPLE-SA-2022-05-16-7 Safari 15.5
Posted by Apple Product Security via Fulldisclosure on May 16
APPLE-SA-2022-05-16-7 Safari 15.5
Safari 15.5 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT213260.
WebKit
Available for: macOS Big Sur and macOS Catalina
Impact: Processing maliciously crafted web content may lead to code
execution
Description: A memory corruption issue was addressed with improved
state management.
WebKit Bugzilla: 238178
CVE-2022-26700: ryuzaki
WebKit…
APPLE-SA-2022-05-16-8 Xcode 13.4
Posted by Apple Product Security via Fulldisclosure on May 16
APPLE-SA-2022-05-16-8 Xcode 13.4
Xcode 13.4 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT213261.
Git
Available for: macOS Monterey 12 or later
Impact: On multi-user machines Git users might find themselves
unexpectedly in a Git worktree
Description: A logic issue was addressed with improved state
management.
CVE-2022-24765: 俞晨东
IDE
Available for: macOS Monterey 12…
CVE-2022-24108: OpenCart’s plugin “So Listing Tabs” <= 2.2.0 Deserialization of Untrusted Data
Posted by Denis Mironov on May 16
[-] Affected Versions:
Version 2.2.0 is affected, and prior versions are likely affected too.
[-] Vulnerabilities Description:
Vulnerable component is switching to another tab. To exploit
vulnerability, an attacker may send a POST request (with
application/x-www-form-urlencoded content-type) to AJAX endpoint
(usually “/index.php”) with “is_ajax_listing_tabs” parameter set to
“1” and “setting” parameter…