CVSS: 10.0EPSS: 0%CPEs: 6EXPL: 0CVE-2022-26709 – webkitgtk: Use-after-free leading to arbitrary code execution
https://notcve.org/view.php?id=CVE-2022-26709
17 May 2022 — A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 15.5, iOS 15.5 and iPadOS 15.5, watchOS 8.6, macOS Monterey 12.4, Safari 15.5. Processing maliciously crafted web content may lead to arbitrary code execution. Se solucionó un problema de uso después de la liberación con una gestión de memoria mejorada. Este problema se solucionó en tvOS 15.5, iOS 15.5 y iPadOS 15.5, watchOS 8.6, macOS Monterey 12.4, Safari 15.5. • https://support.apple.com/en-us/HT213253 • CWE-416: Use After Free •
CVSS: 10.0EPSS: 0%CPEs: 6EXPL: 0CVE-2022-26716 – webkitgtk: Memory corruption issue leading to arbitrary code execution
https://notcve.org/view.php?id=CVE-2022-26716
17 May 2022 — A memory corruption issue was addressed with improved state management. This issue is fixed in tvOS 15.5, iOS 15.5 and iPadOS 15.5, watchOS 8.6, macOS Monterey 12.4, Safari 15.5. Processing maliciously crafted web content may lead to arbitrary code execution. Se abordó un problema de corrupción de la memoria con una gestión estatal mejorada. Este problema se solucionó en tvOS 15.5, iOS 15.5 y iPadOS 15.5, watchOS 8.6, macOS Monterey 12.4, Safari 15.5. • https://support.apple.com/en-us/HT213253 • CWE-787: Out-of-bounds Write CWE-1173: Improper Use of Validation Framework •
CVSS: 6.5EPSS: 11%CPEs: 17EXPL: 2CVE-2022-26726 – Apple Security Advisory 2022-05-16-4
https://notcve.org/view.php?id=CVE-2022-26726
17 May 2022 — This issue was addressed with improved checks. This issue is fixed in Security Update 2022-004 Catalina, watchOS 8.6, macOS Monterey 12.4, macOS Big Sur 11.6.6. An app may be able to capture a user's screen. Este problema es corregido con comprobaciones mejoradas. Este problema es corregido en Security Update 2022-004 Catalina, watchOS versión 8.6, macOS Monterey versión 12.4, macOS Big Sur versión 11.6.6. • https://github.com/acheong08/CVE-2022-26726-POC •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 1CVE-2022-1622 – Debian Security Advisory 5333-1
https://notcve.org/view.php?id=CVE-2022-1622
11 May 2022 — LibTIFF master branch has an out-of-bounds read in LZWDecode in libtiff/tif_lzw.c:619, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit b4e79bfa. La rama maestra de LibTIFF presenta una lectura fuera de límites en LZWDecode en libtiff/tif_lzw.c:619, permitiendo a atacantes causar una denegación de servicio por medio de un archivo tiff diseñado. Para usuarios que compilan libtiff a partir de las fuentes, la ... • http://seclists.org/fulldisclosure/2022/Oct/28 • CWE-125: Out-of-bounds Read •
CVSS: 9.3EPSS: 0%CPEs: 6EXPL: 0CVE-2022-22675 – Apple macOS Out-of-Bounds Write Vulnerability
https://notcve.org/view.php?id=CVE-2022-22675
01 Apr 2022 — An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in tvOS 15.5, watchOS 8.6, macOS Big Sur 11.6.6, macOS Monterey 12.3.1, iOS 15.4.1 and iPadOS 15.4.1. An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited.. Se abordó un problema de escritura fuera de límites con una comprobación de límites mejorada. • https://support.apple.com/en-us/HT213219 • CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0CVE-2022-22609 – Apple Security Advisory 2022-03-14-4
https://notcve.org/view.php?id=CVE-2022-22609
15 Mar 2022 — The issue was addressed with additional permissions checks. This issue is fixed in tvOS 15.4, iOS 15.4 and iPadOS 15.4, macOS Monterey 12.3, watchOS 8.5. A malicious application may be able to read other applications' settings. Este problema se abordó con comprobaciones de permisos adicionales. Este problema es corregido en tvOS versión 15.4, iOS versión 15.4 y iPadOS versión 15.4, macOS Monterey versión 12.3, watchOS versión 8.5. • https://support.apple.com/en-us/HT213182 •
CVSS: 9.3EPSS: 0%CPEs: 5EXPL: 0CVE-2022-22640 – Apple Security Advisory 2022-03-14-4
https://notcve.org/view.php?id=CVE-2022-22640
15 Mar 2022 — A memory corruption issue was addressed with improved validation. This issue is fixed in tvOS 15.4, iOS 15.4 and iPadOS 15.4, macOS Monterey 12.3, watchOS 8.5. An application may be able to execute arbitrary code with kernel privileges. Se abordó un problema de corrupción de memoria con una comprobación mejorada. Este problema es corregido en tvOS versión 15.4, iOS versión 15.4 y iPadOS versión 15.4, macOS Monterey versión 12.3, watchOS versión 8.5. • https://support.apple.com/en-us/HT213182 • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 6EXPL: 0CVE-2022-22637 – webkitgtk: logic issue was addressed with improved state management
https://notcve.org/view.php?id=CVE-2022-22637
15 Mar 2022 — A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.3, Safari 15.4, watchOS 8.5, iOS 15.4 and iPadOS 15.4, tvOS 15.4. A malicious website may cause unexpected cross-origin behavior. Se abordó un problema de lógica con una administración de estados mejorada. Este problema ha sido corregido en macOS Monterey versión 12.3, Safari versión 15.4, watchOS versión 8.5, iOS versión 15.4 y iPadOS versión 15.4, tvOS versión 15.4. • https://support.apple.com/en-us/HT213182 • CWE-346: Origin Validation Error •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2022-22596 – Apple Security Advisory 2022-03-14-2
https://notcve.org/view.php?id=CVE-2022-22596
15 Mar 2022 — A memory corruption issue was addressed with improved validation. This issue is fixed in watchOS 8.5, iOS 15.4 and iPadOS 15.4. An application may be able to execute arbitrary code with kernel privileges. Se abordó un problema de corrupción de memoria con una comprobación mejorada. Este problema es corregido en watchOS versión 8.5, iOS versión 15.4 y iPadOS versión 15.4. • https://support.apple.com/en-us/HT213182 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2022-22618 – Apple Security Advisory 2022-03-14-2
https://notcve.org/view.php?id=CVE-2022-22618
15 Mar 2022 — This issue was addressed with improved checks. This issue is fixed in watchOS 8.5, iOS 15.4 and iPadOS 15.4. A user may be able to bypass the Emergency SOS passcode prompt. Este problema se abordó con comprobaciones mejoradas. Este problema es corregido en watchOS versión 8.5, iOS versión 15.4 y iPadOS versión 15.4. • https://support.apple.com/en-us/HT213182 •