CVSS: 7.8EPSS: 0%CPEs: 20EXPL: 0CVE-2022-26704
https://notcve.org/view.php?id=CVE-2022-26704
A validation issue existed in the handling of symlinks and was addressed with improved validation of symlinks. This issue is fixed in macOS Monterey 12.4. An app may be able to gain elevated privileges. Se presentaba un problema de comprobación en el manejo de los enlaces simbólicos y se abordó con una comprobación de los enlaces simbólicos mejorada. Este problema es corregido en macOS Monterey versión 12.4. • http://seclists.org/fulldisclosure/2022/Jul/13 http://seclists.org/fulldisclosure/2022/Jul/14 https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2022/MNDT-2022-0032/MNDT-2022-0032.md https://support.apple.com/en-us/HT213257 https://support.apple.com/kb/HT213343 https://support.apple.com/kb/HT213344 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 0CVE-2022-26694
https://notcve.org/view.php?id=CVE-2022-26694
This issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.4. A plug-in may be able to inherit the application's permissions and access user data. Este problema es corregido con comprobaciones mejoradas. Este problema es corregido en macOS Monterey versión 12.4. • https://support.apple.com/en-us/HT213257 •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-26708
https://notcve.org/view.php?id=CVE-2022-26708
This issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.4. An attacker may be able to cause unexpected application termination or arbitrary code execution. Este problema se abordó con comprobaciones mejoradas. Este problema es corregido en macOS Monterey versión 12.4. • https://support.apple.com/en-us/HT213257 https://support.apple.com/kb/HT213253 https://support.apple.com/kb/HT213254 https://support.apple.com/kb/HT213258 •
CVSS: 7.1EPSS: 0%CPEs: 18EXPL: 0CVE-2022-26698 – Apple macOS SCPT File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2022-26698
An out-of-bounds read issue was addressed with improved bounds checking. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4, macOS Big Sur 11.6.6. Processing a maliciously crafted AppleScript binary may result in unexpected application termination or disclosure of process memory. Se abordó un problema de lectura fuera de límites con una comprobación de límites mejorada. Este problema es corregido en Security Update 2022-004 Catalina, macOS Monterey versión 12.4 y macOS Big Sur versión 11.6.6. • https://support.apple.com/en-us/HT213255 https://support.apple.com/en-us/HT213256 https://support.apple.com/en-us/HT213257 • CWE-125: Out-of-bounds Read •
CVSS: 9.3EPSS: 0%CPEs: 16EXPL: 0CVE-2022-26715
https://notcve.org/view.php?id=CVE-2022-26715
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4, macOS Big Sur 11.6.6. An application may be able to gain elevated privileges. Se abordó un problema de escritura fuera de límites con una comprobación de límites mejorada. Este problema es corregido en Security Update 2022-004 Catalina, macOS Monterey versión 12.4, macOS Big Sur versión 11.6.6. • https://support.apple.com/en-us/HT213255 https://support.apple.com/en-us/HT213256 https://support.apple.com/en-us/HT213257 • CWE-787: Out-of-bounds Write •