Category Archives: Advisories

USN-5327-1: rsh vulnerability

Read Time:11 Second

Hiroyuki Yamamori discovered that rsh incorrectly handled certain
filenames. If a user or automated system were tricked into connecting to a
malicious rsh server, a remote attacker could possibly use this issue to
modify directory permissions.

Read More

Post Title

Read Time:57 Second

Multiple vulnerabilities have been discovered in Apple Products, the most severe of which could allow for arbitrary code execution.

GarageBand is an audio tool
iOS is a mobile operating system for mobile devices, including the iPhone, iPad, and iPod touch.
iPadOS is the successor to iOS 12 and is a mobile operating system for iPads.
Logic Pro X is a digital audio workstation
macOS Monterey is the 18th and current major release of macOS.
macOS Big Sur is the 17th release of macOS.
macOS Catalina is the 16th major release of macOS
watchOS is the mobile operating system for Apple Watch and is based on the iOS operating system.
tvOS is an operating system for fourth-generation Apple TV digital media player.
Xcode is Apple’s integrated development environment for macOS
Successful exploitation of the most severe of these vulnerabilities could result in arbitrary code execution within the context of the application, an attacker gaining the same privileges as the logged-on user, or the bypassing of security restrictions. Depending on the permission associated with the application running the exploit, an attacker could then install programs; view, change, or delete data.

Read More

cabal-rpm-2.0.11-1.fc34

Read Time:11 Second

FEDORA-2022-78559f99a9

Packages in this update:

cabal-rpm-2.0.11-1.fc34

Update description:

take build-tool-depends into account (#65)
‘spec’,’update’: detect autorelease and preserve autochangelog (#66)
‘spec –standalone’: strip executable
support _builddir

Read More

cabal-rpm-2.0.11-1.fc35

Read Time:11 Second

FEDORA-2022-429861c39a

Packages in this update:

cabal-rpm-2.0.11-1.fc35

Update description:

take build-tool-depends into account (#65)
‘spec’,’update’: detect autorelease and preserve autochangelog (#66)
‘spec –standalone’: strip executable
support _builddir

Read More

APPLE-SA-2022-03-14-4 macOS Monterey 12.3

Read Time:23 Second

Posted by Apple Product Security via Fulldisclosure on Mar 14

APPLE-SA-2022-03-14-4 macOS Monterey 12.3

macOS Monterey 12.3 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT213183.

Accelerate Framework
Available for: macOS Monterey
Impact: Opening a maliciously crafted PDF file may lead to an
unexpected application termination or arbitrary code execution
Description: A memory corruption issue was addressed with improved
state…

Read More

APPLE-SA-2022-03-14-2 watchOS 8.5

Read Time:24 Second

Posted by Apple Product Security via Fulldisclosure on Mar 14

APPLE-SA-2022-03-14-2 watchOS 8.5

watchOS 8.5 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT213193.

Accelerate Framework
Available for: Apple Watch Series 3 and later
Impact: Opening a maliciously crafted PDF file may lead to an
unexpected application termination or arbitrary code execution
Description: A memory corruption issue was addressed with improved
state…

Read More

APPLE-SA-2022-03-14-1 iOS 15.4 and iPadOS 15.4

Read Time:27 Second

Posted by Apple Product Security via Fulldisclosure on Mar 14

APPLE-SA-2022-03-14-1 iOS 15.4 and iPadOS 15.4

iOS 15.4 and iPadOS 15.4 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT213182.

Accelerate Framework
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2
and later, iPad 5th generation and later, iPad mini 4 and later, and
iPod touch (7th generation)
Impact: Opening a maliciously crafted PDF file may lead to…

Read More

APPLE-SA-2022-03-14-3 tvOS 15.4

Read Time:24 Second

Posted by Apple Product Security via Fulldisclosure on Mar 14

APPLE-SA-2022-03-14-3 tvOS 15.4

tvOS 15.4 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT213186.

AppleAVD
Available for: Apple TV 4K and Apple TV HD
Impact: Processing a maliciously crafted image may lead to heap
corruption
Description: A memory corruption issue was addressed with improved
validation.
CVE-2022-22666: Marc Schoenefeld, Dr. rer. nat.

AVEVideoEncoder…

Read More

APPLE-SA-2022-03-14-5 macOS Big Sur 11.6.5

Read Time:24 Second

Posted by Apple Product Security via Fulldisclosure on Mar 14

APPLE-SA-2022-03-14-5 macOS Big Sur 11.6.5

macOS Big Sur 11.6.5 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT213184.

Accelerate Framework
Available for: macOS Big Sur
Impact: Opening a maliciously crafted PDF file may lead to an
unexpected application termination or arbitrary code execution
Description: A memory corruption issue was addressed with improved
state…

Read More