CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 0CVE-2022-22624 – webkitgtk: Use-after-free leading to arbitrary code execution
https://notcve.org/view.php?id=CVE-2022-22624
A use after free issue was addressed with improved memory management. This issue is fixed in macOS Monterey 12.3, iOS 15.4 and iPadOS 15.4, tvOS 15.4, Safari 15.4. Processing maliciously crafted web content may lead to arbitrary code execution. Se abordó un problema de uso de memoria previamente liberada con una administración de memoria mejorada. Este problema ha sido corregido en macOS Monterey versión 12.3, iOS versión 15.4 y iPadOS versión 15.4, tvOS versión 15.4, Safari versión 15.4. • https://support.apple.com/en-us/HT213182 https://support.apple.com/en-us/HT213183 https://support.apple.com/en-us/HT213186 https://support.apple.com/en-us/HT213187 https://access.redhat.com/security/cve/CVE-2022-22624 https://bugzilla.redhat.com/show_bug.cgi?id=2073893 • CWE-416: Use After Free •
CVSS: 9.3EPSS: 0%CPEs: 3EXPL: 0CVE-2022-22636
https://notcve.org/view.php?id=CVE-2022-22636
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in tvOS 15.4, iOS 15.4 and iPadOS 15.4. An application may be able to execute arbitrary code with kernel privileges. Se abordó un problema de escritura fuera de límites con una comprobación de límites mejorada. Este problema es corregido en tvOS versión 15.4, iOS versión 15.4 y iPadOS versión 15.4. • https://support.apple.com/en-us/HT213182 https://support.apple.com/en-us/HT213186 • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 0CVE-2022-22641
https://notcve.org/view.php?id=CVE-2022-22641
A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 15.4, iOS 15.4 and iPadOS 15.4, macOS Monterey 12.3. An application may be able to gain elevated privileges. Se abordó un problema de uso de memoria previamente liberada con una administración de memoria mejorada. Este problema es corregido en tvOS versión 15.4, iOS versión 15.4 y iPadOS versión 15.4, macOS Monterey versión 12.3. • https://support.apple.com/en-us/HT213182 https://support.apple.com/en-us/HT213183 https://support.apple.com/en-us/HT213186 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2022-22666 – AppleVideoDecoder CreateHeaderBuffer Out-Of-Bounds Free
https://notcve.org/view.php?id=CVE-2022-22666
A memory corruption issue was addressed with improved validation. This issue is fixed in tvOS 15.4, iOS 15.4 and iPadOS 15.4, watchOS 8.5. Processing a maliciously crafted image may lead to heap corruption. Se abordó un problema de corrupción de memoria con una comprobación mejorada. Este problema es corregido en tvOS versión 15.4, iOS versión 15.4 y iPadOS versión 15.4, watchOS versión 8.5. • http://packetstormsecurity.com/files/167144/AppleVideoDecoder-CreateHeaderBuffer-Out-Of-Bounds-Free.html https://support.apple.com/en-us/HT213182 https://support.apple.com/en-us/HT213186 https://support.apple.com/en-us/HT213193 • CWE-787: Out-of-bounds Write •
CVSS: 2.4EPSS: 0%CPEs: 5EXPL: 0CVE-2022-22599
https://notcve.org/view.php?id=CVE-2022-22599
Description: A permissions issue was addressed with improved validation. This issue is fixed in watchOS 8.5, iOS 15.4 and iPadOS 15.4, macOS Big Sur 11.6.5, macOS Monterey 12.3. A person with physical access to a device may be able to use Siri to obtain some location information from the lock screen. Descripción: Se abordó un problema de permisos con una comprobación mejorada. Este problema es corregido en watchOS versión 8.5, iOS versión 15.4 y iPadOS versión 15.4, macOS Big Sur versión 11.6.5, macOS Monterey versión 12.3. • https://support.apple.com/en-us/HT213182 https://support.apple.com/en-us/HT213183 https://support.apple.com/en-us/HT213184 https://support.apple.com/en-us/HT213193 •