This issue is fixed in macOS Catalina 10.15.3.
A malicious application may be able to execute arbitrary code with kernel privileges.Ī memory corruption issue was addressed with improved input validation. This issue is fixed in macOS Catalina 10.15.4. Multiple memory corruption issues were addressed with improved state management. A malicious application may be able to execute arbitrary code with kernel privileges. A remote attacker may be able to leak memory.Ī memory corruption issue was addressed with improved input validation. Multiple issues in Vim.Īpple - macos_catalina_and_mojave_and_high_sierraĪn out-of-bounds read was addressed with improved input validation. Multiple issues were addressed by updating to version. An application may be able to execute arbitrary code with system privileges.
In Apache HTTP Server 2.4.0 to 2.4.41, mod_proxy_ftp may use uninitialized memory when proxying to a malicious FTP server.Ī memory corruption issue was addressed with improved memory handling.
An unauthenticated, remote attacker can exploit this via a series of crafted requests. Jon Hedley AlienForm2 (typically installed as af.cgi or alienform.cgi) 2.0.2 is vulnerable to Remote Command Execution via eval injection, a different issue than CVE-2002-0934. An XXE issue exists in Accenture Mercury before 1.12.28 because of the platformlambda/core/serializers/SimpleXmlParser.java component.