CVE-2023-42849

MEDIUM Year: 2023
CVSS v3 Score
6.5
Medium
Weakness Type
CWE-119
View all →

Vulnerability Description

The issue was addressed with improved memory handling. This issue is fixed in iOS 17.1 and iPadOS 17.1, macOS Monterey 12.7.1, watchOS 10.1, iOS 16.7.2 and iPadOS 16.7.2, macOS Ventura 13.6.1, macOS Sonoma 14.1. An attacker that has already achieved kernel code execution may be able to bypass kernel memory mitigations.

Related Vulnerabilities

CVE-2010-0109

MEDIUM
CVSS:6.5(Medium)

DBManager in Symantec Altiris Deployment Solution 6.9.x before DS 6.9 SP4 allows remote attackers to cause a denial of service via a crafted request.

CWE-1192010

CVE-2014-7221

MEDIUM
CVSS:6.5(Medium)

TeamSpeak Client 3.0.14 and earlier allows remote authenticated users to cause a denial of service (buffer overflow and application crash) by connecting to a channel with a different client instance, ...

CWE-1192014

CVE-2014-9092

MEDIUM
CVSS:6.5(Medium)

libjpeg-turbo before 1.3.1 allows remote attackers to cause a denial of service (crash) via a crafted JPEG file, related to the Exif marker.

CWE-1192014

CVE-2014-9655

MEDIUM
CVSS:6.5(Medium)

The (1) putcontig8bitYCbCr21tile function in tif_getimage.c or (2) NeXTDecode function in tif_next.c in LibTIFF allows remote attackers to cause a denial of service (uninitialized memory access) via a...

CWE-1192014

CVE-2015-1547

MEDIUM
CVSS:6.5(Medium)

The NeXTDecode function in tif_next.c in LibTIFF allows remote attackers to cause a denial of service (uninitialized memory access) via a crafted TIFF image, as demonstrated by libtiff5.tif.

CWE-1192015

CVE-2015-4407

MEDIUM
CVSS:6.5(Medium)

Buffer overflow on Hikvision NVR DS-76xxNI-E1/2 and DS-77xxxNI-E4 devices before 3.4.0 allows remote authenticated users to cause a denial of service (service interruption) via a crafted HTTP request,...

CWE-1192015