CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-32351
https://notcve.org/view.php?id=CVE-2023-32351
A logic issue was addressed with improved checks. This issue is fixed in iTunes 12.12.9 for Windows. An app may be able to gain elevated privileges. • https://support.apple.com/en-us/HT213763 •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-32353
https://notcve.org/view.php?id=CVE-2023-32353
A logic issue was addressed with improved checks. This issue is fixed in iTunes 12.12.9 for Windows. An app may be able to elevate privileges. • https://github.com/86x/CVE-2023-32353-PoC https://support.apple.com/en-us/HT213763 •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-26774
https://notcve.org/view.php?id=CVE-2022-26774
A logic issue was addressed with improved state management. This issue is fixed in iTunes 12.12.4 for Windows. A local attacker may be able to elevate their privileges. Se abordó un problema de lógica con una administración de estados mejorada. Este problema es corregido en iTunes versión 12.12.4 para Windows. • https://support.apple.com/en-us/HT213259 •
CVSS: 7.8EPSS: 1%CPEs: 1EXPL: 0CVE-2022-26773 – Apple iTunes Incorrect Permission Assignment Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2022-26773
A logic issue was addressed with improved state management. This issue is fixed in iTunes 12.12.4 for Windows. An application may be able to delete files for which it does not have permission. Se abordó un problema lógico con una administración de estados mejorada. Este problema es corregido en iTunes versión 12.12.4 para Windows. • https://support.apple.com/en-us/HT213259 •
CVSS: 8.8EPSS: 0%CPEs: 7EXPL: 1CVE-2022-26717 – webkitgtk: Use-after-free leading to arbitrary code execution
https://notcve.org/view.php?id=CVE-2022-26717
A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 15.5, watchOS 8.6, iOS 15.5 and iPadOS 15.5, macOS Monterey 12.4, Safari 15.5, iTunes 12.12.4 for Windows. Processing maliciously crafted web content may lead to arbitrary code execution. Se solucionó un problema de uso después de la liberación con una gestión de memoria mejorada. Este problema se solucionó en tvOS 15.5, watchOS 8.6, iOS 15.5 y iPadOS 15.5, macOS Monterey 12.4, Safari 15.5, iTunes 12.12.4 para Windows. • https://github.com/theori-io/CVE-2022-26717-Safari-WebGL-Exploit https://support.apple.com/en-us/HT213253 https://support.apple.com/en-us/HT213254 https://support.apple.com/en-us/HT213257 https://support.apple.com/en-us/HT213258 https://support.apple.com/en-us/HT213259 https://support.apple.com/en-us/HT213260 https://access.redhat.com/security/cve/CVE-2022-26717 https://bugzilla.redhat.com/show_bug.cgi?id=2092735 • CWE-416: Use After Free •