CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2022-22648 – Apple macOS SCPT File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2022-22648
This issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.6.5, macOS Monterey 12.3, Security Update 2022-003 Catalina. An application may be able to read restricted memory. Este problema se abordó con comprobaciones mejoradas. Este problema es corregido en macOS Big Sur versión 11.6.5, macOS Monterey versión 12.3 y Security Update 2022-003 Catalina. • https://support.apple.com/en-us/HT213183 https://support.apple.com/en-us/HT213184 https://support.apple.com/en-us/HT213185 •
CVSS: 6.5EPSS: 0%CPEs: 18EXPL: 0CVE-2022-22662 – webkitgtk: Cookie management issue leading to sensitive user information disclosure
https://notcve.org/view.php?id=CVE-2022-22662
A cookie management issue was addressed with improved state management. This issue is fixed in Security Update 2022-003 Catalina, macOS Big Sur 11.6.5. Processing maliciously crafted web content may disclose sensitive user information. Se abordó un problema de administración de cookies con una administración de estados mejorada. Este problema es corregido en Security Update 2022-003 Catalina, macOS Big Sur versión 11.6.5. • http://www.openwall.com/lists/oss-security/2022/07/05/3 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33BWWAQLLBHKGSI332ZZCORTFZ2XLOIH https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ANNHXXARVBRGI74TVQNZOAG6P7AGSMUJ https://security.gentoo.org/glsa/202208-39 https://support.apple.com/en-us/HT213184 https://support.apple.com/en-us/HT213185 https://access.redhat.com/security/cve/CVE-2022-22662 https://bugzilla.redhat& • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.5EPSS: 0%CPEs: 17EXPL: 1CVE-2022-22616 – macOS Gatekeeper check bypass
https://notcve.org/view.php?id=CVE-2022-22616
This issue was addressed with improved checks. This issue is fixed in Security Update 2022-003 Catalina, macOS Monterey 12.3, macOS Big Sur 11.6.5. A maliciously crafted ZIP archive may bypass Gatekeeper checks. Este problema ha sido abordado con unas comprobaciones mejoradas. Este problema es corregido en Security Update 2022-003 Catalina, macOS Monterey versión 12.3, macOS Big Sur versión 11.6.5. • https://support.apple.com/en-us/HT213183 https://support.apple.com/en-us/HT213184 https://support.apple.com/en-us/HT213185 https://cedowens.medium.com/macos-gatekeeper-bypass-2021-edition-5256a2955508 https://objective-see.com/blog/blog_0x64.html https://jhftss.github.io/CVE-2022-22616-Gatekeeper-Bypass https://www.jamf.com/blog/jamf-threat-labs-safari-vuln-gatekeeper-bypass https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/osx/browser/osx_gatekeeper_bypass.rb •
CVSS: 7.8EPSS: 0%CPEs: 16EXPL: 0CVE-2022-22617
https://notcve.org/view.php?id=CVE-2022-22617
A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.6.5, macOS Monterey 12.3, Security Update 2022-003 Catalina. An application may be able to gain elevated privileges. Se abordó un problema de lógica con una administración de estados mejorada. Este problema es corregido en macOS Big Sur versión 11.6.5, macOS Monterey versión 12.3 y Security Update 2022-003 Catalina. • https://support.apple.com/en-us/HT213183 https://support.apple.com/en-us/HT213184 https://support.apple.com/en-us/HT213185 https://support.apple.com/kb/HT213257 •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2022-22657
https://notcve.org/view.php?id=CVE-2022-22657
A memory initialization issue was addressed with improved memory handling. This issue is fixed in Logic Pro 10.7.3, GarageBand 10.4.6, macOS Monterey 12.3. Opening a maliciously crafted file may lead to unexpected application termination or arbitrary code execution. Se abordó un problema de inicialización de la memoria con una administración de memoria mejorada. Este problema es corregido en Logic Pro versión 10.7.3, GarageBand versión 10.4.6 y macOS Monterey versión 12.3. • https://support.apple.com/en-us/HT213183 https://support.apple.com/en-us/HT213190 https://support.apple.com/en-us/HT213191 • CWE-665: Improper Initialization •