CVSS: 5.5EPSS: 0%CPEs: 23EXPL: 1CVE-2022-0530
https://notcve.org/view.php?id=CVE-2022-0530
A flaw was found in Unzip. The vulnerability occurs during the conversion of a wide string to a local string that leads to a heap of out-of-bound write. This flaw allows an attacker to input a specially crafted zip file, leading to a crash or code execution. Se ha encontrado un fallo en Unzip. La vulnerabilidad se produce durante la conversión de una cadena amplia a una cadena local que conduce a un montón de escritura fuera de límites. • http://seclists.org/fulldisclosure/2022/May/33 http://seclists.org/fulldisclosure/2022/May/35 http://seclists.org/fulldisclosure/2022/May/38 https://bugzilla.redhat.com/show_bug.cgi?id=2051395 https://github.com/ByteHackr/unzip_poc https://lists.debian.org/debian-lts-announce/2022/09/msg00028.html https://security.gentoo.org/glsa/202310-17 https://support.apple.com/kb/HT213255 https://support.apple.com/kb/HT213256 https://support.apple.com/kb/HT213257 https://www. •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2022-22586
https://notcve.org/view.php?id=CVE-2022-22586
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Monterey 12.2. A malicious application may be able to execute arbitrary code with kernel privileges. Se abordó un problema de escritura fuera de límites con una comprobación de límites mejorada. Este problema es corregido en macOS Monterey versión 12.2. • https://support.apple.com/en-us/HT213054 • CWE-787: Out-of-bounds Write •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2022-22591
https://notcve.org/view.php?id=CVE-2022-22591
A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.2. A malicious application may be able to execute arbitrary code with kernel privileges. Se abordó un problema de corrupción de memoria con un manejo de memoria mejorado. Este problema es corregido en macOS Monterey versión 12.2. • https://support.apple.com/en-us/HT213054 • CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 13EXPL: 0CVE-2022-22583 – Apple macOS PackageKit PKInstallSandbox SIP Bypass vulnerability
https://notcve.org/view.php?id=CVE-2022-22583
A permissions issue was addressed with improved validation. This issue is fixed in Security Update 2022-001 Catalina, macOS Monterey 12.2, macOS Big Sur 11.6.3. An application may be able to access restricted files. Se abordó un problema de permisos con una comprobación mejorada. Este problema es corregido en Security Update 2022-001 Catalina, macOS Monterey versión 12.2, macOS Big Sur versión 11.6.3. • https://support.apple.com/en-us/HT213054 https://support.apple.com/en-us/HT213055 https://support.apple.com/en-us/HT213056 •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2022-22584 – Apple macOS ColorSync ICC File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2022-22584
A memory corruption issue was addressed with improved validation. This issue is fixed in tvOS 15.3, iOS 15.3 and iPadOS 15.3, watchOS 8.4, macOS Monterey 12.2. Processing a maliciously crafted file may lead to arbitrary code execution. Se abordó un problema de corrupción de memoria con una comprobación mejorada. Este problema es corregido en tvOS versión 15.3, iOS versión 15.3 y iPadOS versión 15.3, watchOS versión 8.4, macOS Monterey versión 12.2. • https://support.apple.com/en-us/HT213053 https://support.apple.com/en-us/HT213054 https://support.apple.com/en-us/HT213057 https://support.apple.com/en-us/HT213059 • CWE-787: Out-of-bounds Write •