CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 2CVE-2022-22620 – Apple iOS, iPadOS, and macOS Webkit Use-After-Free Vulnerability
https://notcve.org/view.php?id=CVE-2022-22620
A use after free issue was addressed with improved memory management. This issue is fixed in macOS Monterey 12.2.1, iOS 15.3.1 and iPadOS 15.3.1, Safari 15.3 (v. 16612.4.9.1.8 and 15612.4.9.1.8). Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.. Se abordó un problema de uso de memoria previamente liberada con una administración de memoria mejorada. • https://github.com/kmeps4/CVE-2022-22620 https://github.com/springsec/CVE-2022-22620 https://security.gentoo.org/glsa/202208-39 https://support.apple.com/en-us/HT213091 https://support.apple.com/en-us/HT213092 https://support.apple.com/en-us/HT213093 https://access.redhat.com/security/cve/CVE-2022-22620 https://bugzilla.redhat.com/show_bug.cgi?id=2056474 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2022-22584 – Apple macOS ColorSync ICC File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2022-22584
A memory corruption issue was addressed with improved validation. This issue is fixed in tvOS 15.3, iOS 15.3 and iPadOS 15.3, watchOS 8.4, macOS Monterey 12.2. Processing a maliciously crafted file may lead to arbitrary code execution. Se abordó un problema de corrupción de memoria con una comprobación mejorada. Este problema es corregido en tvOS versión 15.3, iOS versión 15.3 y iPadOS versión 15.3, watchOS versión 8.4, macOS Monterey versión 12.2. • https://support.apple.com/en-us/HT213053 https://support.apple.com/en-us/HT213054 https://support.apple.com/en-us/HT213057 https://support.apple.com/en-us/HT213059 • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 4EXPL: 0CVE-2022-22587 – Apple Memory Corruption Vulnerability
https://notcve.org/view.php?id=CVE-2022-22587
A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 15.3 and iPadOS 15.3, macOS Big Sur 11.6.3, macOS Monterey 12.2. A malicious application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited.. Se abordó un problema de corrupción de memoria con una comprobación de entradas mejorada. • https://support.apple.com/en-us/HT213053 https://support.apple.com/en-us/HT213054 https://support.apple.com/en-us/HT213055 • CWE-787: Out-of-bounds Write •
CVSS: 7.6EPSS: 0%CPEs: 22EXPL: 0CVE-2022-22589 – webkitgtk: Processing a maliciously crafted mail message may lead to running arbitrary javascript
https://notcve.org/view.php?id=CVE-2022-22589
A validation issue was addressed with improved input sanitization. This issue is fixed in iOS 15.3 and iPadOS 15.3, watchOS 8.4, tvOS 15.3, Safari 15.3, macOS Monterey 12.2. Processing a maliciously crafted mail message may lead to running arbitrary javascript. Se abordó un problema de comprobación con un saneo de entradas mejorado. Este problema es corregido en iOS versión 15.3 y iPadOS versión 15.3, watchOS versión 8.4, tvOS versión 15.3, Safari versión 15.3, macOS Monterey versión 12.2. • http://seclists.org/fulldisclosure/2022/May/33 http://seclists.org/fulldisclosure/2022/May/35 https://security.gentoo.org/glsa/202208-39 https://support.apple.com/en-us/HT213053 https://support.apple.com/en-us/HT213054 https://support.apple.com/en-us/HT213057 https://support.apple.com/en-us/HT213058 https://support.apple.com/en-us/HT213059 https://support.apple.com/kb/HT213185 https://support.apple.com/kb/HT213255 https://support.apple.com/kb/HT213256 https:&# • CWE-1173: Improper Use of Validation Framework •
CVSS: 9.3EPSS: 0%CPEs: 5EXPL: 0CVE-2022-22578
https://notcve.org/view.php?id=CVE-2022-22578
A logic issue was addressed with improved validation. This issue is fixed in tvOS 15.3, iOS 15.3 and iPadOS 15.3, watchOS 8.4, macOS Monterey 12.2. A malicious application may be able to gain root privileges. Se abordó un problema de lógica con una comprobación mejorada. Este problema es corregido en tvOS versión 15.3, iOS versión 15.3 y iPadOS versión 15.3, watchOS versión 8.4, macOS Monterey versión 12.2. • https://support.apple.com/en-us/HT213053 https://support.apple.com/en-us/HT213054 https://support.apple.com/en-us/HT213057 https://support.apple.com/en-us/HT213059 •