Apple watchOS up to 8.1.1 WebKit out-of-bounds read

A vulnerability has been found in Apple watchOS up to 8.1.1 (Smartwatch Operating System) and classified as critical. Affected by this vulnerability is an unknown part of the component WebKit. Upgrading to version 8.3 eliminates this vulnerability. A possible mitigation has been published immediately after the disclosure of the vulnerability.

Common Vulnerabilityies and Exposures

Contact us to get started

CVE-2023-33595 : CPYTHON 3.12.0 ALPHA 7 /OBJECTS/UNICODEOBJECT.C ASCII_DECODE USE AFTER FREE

CVE-2023-33595 : CPYTHON 3.12.0 ALPHA 7 /OBJECTS/UNICODEOBJECT.C ASCII_DECODE USE AFTER FREE

Description CPython v3.12.0 alpha 7 was discovered to contain a heap use-after-free via the function ascii_decode at /Objects/unicodeobject.c. References https://github.com/python/cpython/issues/103824

CVE-2023-33553 : PLANET WDRT-1800AX 1.01-CP2 COOKIE LOGINSTATUS IMPROPER AUTHENTICATION

CVE-2023-33553 : PLANET WDRT-1800AX 1.01-CP2 COOKIE LOGINSTATUS IMPROPER AUTHENTICATION

Description An issue in Planet Technologies WDRT-1800AX v1.01-CP21 allows attackers to bypass authentication and escalate privileges to root via manipulation

CVE-2023-20887 : VMWARE ARIA OPERATIONS FOR NETWORKS 6.X COMMAND INJECTION

CVE-2023-20887 : VMWARE ARIA OPERATIONS FOR NETWORKS 6.X COMMAND INJECTION

Description Aria Operations for Networks contains a command injection vulnerability. A malicious actor with network access to VMware Aria Operations