CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 0CVE-2022-32892 – Apple Security Advisory 2022-10-24-2
https://notcve.org/view.php?id=CVE-2022-32892
31 Oct 2022 — An access issue was addressed with improvements to the sandbox. This issue is fixed in Safari 16, iOS 15.7 and iPadOS 15.7, iOS 16, macOS Ventura 13. A sandboxed process may be able to circumvent sandbox restrictions. Se solucionó un problema de acceso con mejoras en el sandbox. Este problema se solucionó en Safari 16, iOS 15.7 y iPadOS 15.7, iOS 16, macOS Ventura 13. • https://support.apple.com/en-us/HT213442 •
CVSS: 10.0EPSS: 0%CPEs: 4EXPL: 0CVE-2022-32922 – Apple Safari PDFPluginAnnotation Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-32922
31 Oct 2022 — A use after free issue was addressed with improved memory management. This issue is fixed in Safari 16.1, iOS 16.1 and iPadOS 16, macOS Ventura 13. Processing maliciously crafted web content may lead to arbitrary code execution. Se solucionó un problema de Use After Free con una gestión de memoria mejorada. Este problema se solucionó en Safari 16.1, iOS 16.1 y iPadOS 16, macOS Ventura 13. • https://support.apple.com/en-us/HT213488 • CWE-416: Use After Free •
CVSS: 6.4EPSS: 0%CPEs: 11EXPL: 0CVE-2022-42799 – webkitgtk: issue was addressed with improved UI handling
https://notcve.org/view.php?id=CVE-2022-42799
31 Oct 2022 — The issue was addressed with improved UI handling. This issue is fixed in tvOS 16.1, macOS Ventura 13, watchOS 9.1, Safari 16.1, iOS 16.1 and iPadOS 16. Visiting a malicious website may lead to user interface spoofing. El problema se solucionó mejorando el manejo de la interfaz de usuario. Este problema se solucionó en tvOS 16.1, macOS Ventura 13, watchOS 9.1, Safari 16.1, iOS 16.1 y iPadOS 16. • http://www.openwall.com/lists/oss-security/2022/11/04/4 • CWE-1021: Improper Restriction of Rendered UI Layers or Frames •
CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 0CVE-2022-32861
https://notcve.org/view.php?id=CVE-2022-32861
20 Sep 2022 — A logic issue was addressed with improved state management. This issue is fixed in Safari 15.6, macOS Monterey 12.5. A user may be tracked through their IP address. Se abordó un problema de lógica con administración de estados mejorada. Este problema es corregido en Safari versión 15.6, macOS Monterey versión 12.5. • https://support.apple.com/en-us/HT213341 •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0CVE-2022-32863
https://notcve.org/view.php?id=CVE-2022-32863
20 Sep 2022 — A memory corruption issue was addressed with improved state management. This issue is fixed in Safari 15.6, macOS Monterey 12.5. Processing maliciously crafted web content may lead to arbitrary code execution. Se abordó un problema de corrupción de memoria con administración de estados mejorada. Este problema es corregido en Safari versión 15.6, macOS Monterey versión 12.5. • https://support.apple.com/en-us/HT213341 • CWE-787: Out-of-bounds Write •
CVSS: 5.0EPSS: 0%CPEs: 3EXPL: 0CVE-2022-32868 – Apple Security Advisory 2022-09-12-1
https://notcve.org/view.php?id=CVE-2022-32868
13 Sep 2022 — A logic issue was addressed with improved state management. This issue is fixed in Safari 16, iOS 16, iOS 15.7 and iPadOS 15.7. A website may be able to track users through Safari web extensions. Se abordó un problema de lógica con una administración de estados mejorada. Este problema es corregido en Safari versión 16, iOS versión 16, iOS versión 15.7 y iPadOS versión 15.7. • http://seclists.org/fulldisclosure/2022/Oct/39 •
CVSS: 6.4EPSS: 0%CPEs: 4EXPL: 0CVE-2022-32891 – webkitgtk: UI spoofing while Visiting a website that frames malicious content
https://notcve.org/view.php?id=CVE-2022-32891
13 Sep 2022 — The issue was addressed with improved UI handling. This issue is fixed in Safari 16, tvOS 16, watchOS 9, iOS 16. Visiting a website that frames malicious content may lead to UI spoofing. A vulnerability was found in webkitgtk, where an issue was addressed with improved UI handling. Visiting a website that frames malicious content may lead to UI spoofing. • https://security.gentoo.org/glsa/202305-32 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-1021: Improper Restriction of Rendered UI Layers or Frames •
CVSS: 10.0EPSS: 0%CPEs: 8EXPL: 0CVE-2022-32886 – webkitgtk: buffer overflow issue was addressed with improved memory handling
https://notcve.org/view.php?id=CVE-2022-32886
13 Sep 2022 — A buffer overflow issue was addressed with improved memory handling. This issue is fixed in Safari 16, iOS 16, iOS 15.7 and iPadOS 15.7. Processing maliciously crafted web content may lead to arbitrary code execution. Se abordó un problema de desbordamiento del búfer con un manejo de memoria mejorado. Este problema es corregido en Safari versión 16, iOS versión 16, iOS versión 15.7 y iPadOS versión 15.7. • http://seclists.org/fulldisclosure/2022/Oct/28 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 3EXPL: 0CVE-2022-32912 – Apple WebKit WebGL2 drawRangeElements Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2022-32912
13 Sep 2022 — An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in Safari 16, iOS 16, iOS 15.7 and iPadOS 15.7. Processing maliciously crafted web content may lead to arbitrary code execution. Se abordó una lectura fuera de límites con una comprobación de límites mejorada. Este problema es corregido en Safari versión 16, iOS versión 16, iOS versión 15.7 y iPadOS versión 15.7. • http://seclists.org/fulldisclosure/2022/Oct/28 • CWE-125: Out-of-bounds Read •
CVSS: 10.0EPSS: 0%CPEs: 10EXPL: 0CVE-2022-32893 – Apple iOS and macOS Out-of-Bounds Write Vulnerability
https://notcve.org/view.php?id=CVE-2022-32893
19 Aug 2022 — An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 15.6.1 and iPadOS 15.6.1, macOS Monterey 12.5.1, Safari 15.6.1. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited. Se abordó un problema de escritura fuera de límites con una comprobación de límites mejorada. • http://seclists.org/fulldisclosure/2022/Aug/16 • CWE-787: Out-of-bounds Write •