CVSS: 8.8EPSS: 0%CPEs: 6EXPL: 0CVE-2022-26709 – webkitgtk: Use-after-free leading to arbitrary code execution
https://notcve.org/view.php?id=CVE-2022-26709
A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 15.5, iOS 15.5 and iPadOS 15.5, watchOS 8.6, macOS Monterey 12.4, Safari 15.5. Processing maliciously crafted web content may lead to arbitrary code execution. Se solucionó un problema de uso después de la liberación con una gestión de memoria mejorada. Este problema se solucionó en tvOS 15.5, iOS 15.5 y iPadOS 15.5, watchOS 8.6, macOS Monterey 12.4, Safari 15.5. • https://support.apple.com/en-us/HT213253 https://support.apple.com/en-us/HT213254 https://support.apple.com/en-us/HT213257 https://support.apple.com/en-us/HT213258 https://support.apple.com/en-us/HT213260 https://access.redhat.com/security/cve/CVE-2022-26709 https://bugzilla.redhat.com/show_bug.cgi?id=2092733 • CWE-416: Use After Free •
CVSS: 8.8EPSS: 0%CPEs: 5EXPL: 0CVE-2022-26710 – webkitgtk: Use-after-free leading to arbitrary code execution
https://notcve.org/view.php?id=CVE-2022-26710
A use after free issue was addressed with improved memory management. This issue is fixed in iOS 15.5 and iPadOS 15.5, macOS Monterey 12.4, tvOS 15.5, watchOS 8.6. Processing maliciously crafted web content may lead to arbitrary code execution. Se solucionó un problema de uso después de la liberación con una gestión de memoria mejorada. Este problema se solucionó en iOS 15.5 y iPadOS 15.5, macOS Monterey 12.4, tvOS 15.5, watchOS 8.6. • https://support.apple.com/en-us/HT213253 https://support.apple.com/en-us/HT213254 https://support.apple.com/en-us/HT213257 https://support.apple.com/en-us/HT213258 https://access.redhat.com/security/cve/CVE-2022-26710 https://bugzilla.redhat.com/show_bug.cgi?id=2104789 • CWE-416: Use After Free •
CVSS: 4.3EPSS: 0%CPEs: 4EXPL: 0CVE-2022-26731
https://notcve.org/view.php?id=CVE-2022-26731
A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.4, iOS 15.5 and iPadOS 15.5. A malicious website may be able to track users in Safari private browsing mode. Se abordó un problema de lógica con una administración de estados mejorada. Este problema es corregido en macOS Monterey versión 12.4, iOS versión 15.5 y iPadOS versión 15.5. • https://support.apple.com/en-us/HT213257 https://support.apple.com/en-us/HT213258 https://support.apple.com/kb/HT213256 •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2022-26706
https://notcve.org/view.php?id=CVE-2022-26706
An access issue was addressed with additional sandbox restrictions on third-party applications. This issue is fixed in tvOS 15.5, iOS 15.5 and iPadOS 15.5, watchOS 8.6, macOS Big Sur 11.6.6, macOS Monterey 12.4. A sandboxed process may be able to circumvent sandbox restrictions. Se abordó un problema de acceso con restricciones adicionales de sandbox en aplicaciones de terceros. Este problema es corregido en tvOS versión 15.5, iOS versión 15.5 y iPadOS versión 15.5, watchOS versión 8.6, macOS Big Sur versión 11.6.6, macOS Monterey versión 12.4. • https://support.apple.com/en-us/HT213253 https://support.apple.com/en-us/HT213254 https://support.apple.com/en-us/HT213256 https://support.apple.com/en-us/HT213257 https://support.apple.com/en-us/HT213258 •
CVSS: 9.3EPSS: 0%CPEs: 2EXPL: 0CVE-2022-26744
https://notcve.org/view.php?id=CVE-2022-26744
A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 15.5 and iPadOS 15.5. An application may be able to execute arbitrary code with kernel privileges. Se abordó un problema de corrupción de memoria con una administración de estados mejorada. Este problema es corregido en iOS versión 15.5 y iPadOS versión 15.5. • http://seclists.org/fulldisclosure/2022/Oct/39 https://support.apple.com/en-us/HT213258 https://support.apple.com/kb/HT213446 • CWE-787: Out-of-bounds Write •