Safari - CVE CyberSecurity Database News (Page 24)

Sep 20, 2022 API Safari

CVE-2022-32863 Memory corruption issue fixed in Safari 15.6, macOS Monterey 12.5.

This issue is fixed in Safari 15.5, macOS High Sierra 10.13.1. It may be possible to use social engineering techniques to trick

Sep 9, 2022 Windows WMI Safari Chrome

CVE-2022-38614 IGB Files and OutfileService has an issue where attackers can list and download files by modifying the PATH parameter.

The vulnerability exists due to the Ingesting Service exposing a user-controlled Path variable to the application. An attacker can leverage this to append arbitrary file

Aug 25, 2022 Windows Safari Apache Chrome

CVE-2022-37081 TOTOLINK A7000R V9.1.0u.6115 contains a command injection vulnerability via the command parameter at setting/setTracerouteCfg.

This issue can be exploited by an attacker by passing the following request to the targeted Apache server: POST /cgi-bin/setTracerouteCfg HTTP/1.0 Host:

Aug 24, 2022 Safari iOS

CVE-2022-32893 An out-of-bounds write issue was fixed in iOS/iPadOS/MacOS Monterey/Safari 15.6.1. Malicious content may lead to arbitrary code execution.

The issue is addressed by installing the latest software updates. An out-of-bounds read issue was discovered in the caching of font assets. This issue may

Jun 15, 2022 Windows Mac Safari iOS

CVE-2022-32550 An issue was found in AgileBits 1Password's method for connecting to the 1Password service.

This could then lead to the disclosure of passwords or other sensitive data. To reduce the likelihood of this happening, 1Password apps and integrations are