CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2022-32942 – Apple Security Advisory 2022-12-13-6
https://notcve.org/view.php?id=CVE-2022-32942
15 Dec 2022 — The issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.6.2, macOS Ventura 13.1, macOS Big Sur 11.7.2. An app may be able to execute arbitrary code with kernel privileges. El problema se solucionó mejorando el manejo de la memoria. Este problema se solucionó en macOS Monterey 12.6.2, macOS Ventura 13.1, macOS Big Sur 11.7.2. • http://seclists.org/fulldisclosure/2022/Dec/23 • CWE-125: Out-of-bounds Read •
CVSS: 5.4EPSS: 0%CPEs: 3EXPL: 0CVE-2022-32945
https://notcve.org/view.php?id=CVE-2022-32945
15 Dec 2022 — An access issue was addressed with additional sandbox restrictions on third-party apps. This issue is fixed in macOS Ventura 13. An app may be able to record audio with paired AirPods. Se solucionó un problema de acceso con restricciones adicionales de sandbox en aplicaciones de terceros. Este problema se solucionó en macOS Ventura 13. • https://support.apple.com/en-us/HT213488 • CWE-284: Improper Access Control •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2022-42821 – Apple Security Advisory 2022-12-13-6
https://notcve.org/view.php?id=CVE-2022-42821
15 Dec 2022 — A logic issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.6.2, macOS Big Sur 11.7.2, macOS Ventura 13. An app may bypass Gatekeeper checks. Se solucionó un problema de lógica con controles mejorados. Este problema se solucionó en macOS Monterey 12.6.2, macOS Big Sur 11.7.2, macOS Ventura 13. • http://seclists.org/fulldisclosure/2022/Dec/24 • CWE-693: Protection Mechanism Failure •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2022-42840 – Apple Security Advisory 2022-12-13-6
https://notcve.org/view.php?id=CVE-2022-42840
15 Dec 2022 — The issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.6.2, macOS Ventura 13.1, macOS Big Sur 11.7.2, iOS 15.7.2 and iPadOS 15.7.2, iOS 16.2 and iPadOS 16.2. An app may be able to execute arbitrary code with kernel privileges. El problema se solucionó mejorando el manejo de la memoria. Este problema se solucionó en macOS Monterey 12.6.2, macOS Ventura 13.1, macOS Big Sur 11.7.2, iOS 15.7.2 y iPadOS 15.7.2, iOS 16.2 y iPadOS 16.2. • http://seclists.org/fulldisclosure/2022/Dec/20 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2022-42841 – Apple Security Advisory 2022-12-13-6
https://notcve.org/view.php?id=CVE-2022-42841
15 Dec 2022 — A type confusion issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.6.2, macOS Ventura 13.1, macOS Big Sur 11.7.2. Processing a maliciously crafted package may lead to arbitrary code execution. Se solucionó un problema de confusión de tipos con comprobaciones mejoradas. Este problema se solucionó en macOS Monterey 12.6.2, macOS Ventura 13.1, macOS Big Sur 11.7.2. • http://seclists.org/fulldisclosure/2022/Dec/23 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 10.0EPSS: 2%CPEs: 7EXPL: 0CVE-2022-42842 – Apple Security Advisory 2022-12-13-6
https://notcve.org/view.php?id=CVE-2022-42842
15 Dec 2022 — The issue was addressed with improved memory handling. This issue is fixed in tvOS 16.2, macOS Monterey 12.6.2, macOS Ventura 13.1, macOS Big Sur 11.7.2, iOS 16.2 and iPadOS 16.2, watchOS 9.2. A remote user may be able to cause kernel code execution. El problema se solucionó mejorando el manejo de la memoria. Este problema se solucionó en tvOS 16.2, macOS Monterey 12.6.2, macOS Ventura 13.1, macOS Big Sur 11.7.2, iOS 16.2 y iPadOS 16.2, watchOS 9.2. • http://seclists.org/fulldisclosure/2022/Dec/20 • CWE-787: Out-of-bounds Write •
CVSS: 8.3EPSS: 0%CPEs: 7EXPL: 0CVE-2022-42845 – Apple Security Advisory 2022-12-13-6
https://notcve.org/view.php?id=CVE-2022-42845
15 Dec 2022 — The issue was addressed with improved memory handling. This issue is fixed in tvOS 16.2, macOS Monterey 12.6.2, macOS Ventura 13.1, macOS Big Sur 11.7.2, iOS 16.2 and iPadOS 16.2, watchOS 9.2. An app with root privileges may be able to execute arbitrary code with kernel privileges. El problema se solucionó mejorando el manejo de la memoria. Este problema se solucionó en tvOS 16.2, macOS Monterey 12.6.2, macOS Ventura 13.1, macOS Big Sur 11.7.2, iOS 16.2 y iPadOS 16.2, watchOS 9.2. • http://seclists.org/fulldisclosure/2022/Dec/20 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-42847 – Apple Security Advisory 2022-12-13-4
https://notcve.org/view.php?id=CVE-2022-42847
15 Dec 2022 — An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in macOS Ventura 13.1. An app may be able to execute arbitrary code with kernel privileges. Se solucionó un problema de escritura fuera de los límites con una validación de entrada mejorada. Este problema se solucionó en macOS Ventura 13.1. • http://seclists.org/fulldisclosure/2022/Dec/23 • CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2022-42853 – Apple Security Advisory 2022-12-13-4
https://notcve.org/view.php?id=CVE-2022-42853
15 Dec 2022 — An access issue was addressed with improved access restrictions. This issue is fixed in macOS Ventura 13.1. An app may be able to modify protected parts of the file system. Se solucionó un problema de acceso mejorando las restricciones de acceso. Este problema se solucionó en macOS Ventura 13.1. • http://seclists.org/fulldisclosure/2022/Dec/23 • CWE-284: Improper Access Control •
CVSS: 7.1EPSS: 0%CPEs: 7EXPL: 1CVE-2022-42855 – Apple Security Advisory 2022-12-13-5
https://notcve.org/view.php?id=CVE-2022-42855
15 Dec 2022 — A logic issue was addressed with improved state management. This issue is fixed in tvOS 16.2, macOS Monterey 12.6.2, macOS Ventura 13.1, iOS 15.7.2 and iPadOS 15.7.2, iOS 16.2 and iPadOS 16.2. An app may be able to use arbitrary entitlements. Se abordó un problema lógico con una mejor gestión del estado . Este problema se solucionó en tvOS 16.2, macOS Monterey 12.6.2, macOS Ventura 13.1, iOS 15.7.2 y iPadOS 15.7.2, iOS 16.2 y iPadOS 16.2. • https://packetstorm.news/files/id/170518 • CWE-269: Improper Privilege Management •