CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2022-22655
https://notcve.org/view.php?id=CVE-2022-22655
An access issue was addressed with improvements to the sandbox. This issue is fixed in macOS Monterey 12.3, iOS 15.4 and iPadOS 15.4. An app may be able to leak sensitive user information. Se ha solucionado un problema de acceso mejorando el sandbox. Este problema se ha solucionado en macOS Monterey 12.3, iOS 15.4 y iPadOS 15.4. • https://support.apple.com/en-us/HT213182 https://support.apple.com/en-us/HT213183 •
CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0CVE-2022-46725 – webkitgtk: Visiting a malicious website may lead to address bar spoofing.
https://notcve.org/view.php?id=CVE-2022-46725
A spoofing issue existed in the handling of URLs. This issue was addressed with improved input validation. This issue is fixed in iOS 16.4 and iPadOS 16.4. Visiting a malicious website may lead to address bar spoofing. Existía un problema de suplantación de identidad en el tratamiento de las URL. • http://www.openwall.com/lists/oss-security/2023/11/15/1 https://support.apple.com/en-us/HT213676 https://access.redhat.com/security/cve/CVE-2022-46725 https://bugzilla.redhat.com/show_bug.cgi?id=2271446 • CWE-20: Improper Input Validation •
CVSS: 2.4EPSS: 0%CPEs: 2EXPL: 0CVE-2022-46724
https://notcve.org/view.php?id=CVE-2022-46724
This issue was addressed by restricting options offered on a locked device. This issue is fixed in iOS 16.4 and iPadOS 16.4. A person with physical access to an iOS device may be able to view the last image used in Magnifier from the lock screen. Este problema se solucionó restringiendo las opciones ofrecidas en un dispositivo bloqueado. Este problema se ha solucionado en iOS 16.4 y iPadOS 16.4. • https://support.apple.com/en-us/HT213676 •
CVSS: 8.8EPSS: 0%CPEs: 5EXPL: 0CVE-2023-28198 – Apple Safari DFG Fixup Phase Use-After-Free Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2023-28198
A use-after-free issue was addressed with improved memory management. This issue is fixed in iOS 16.4 and iPadOS 16.4, macOS Ventura 13.3. Processing web content may lead to arbitrary code execution. Se ha solucionado un problema de use-after-free con una mejora en la gestión de memoria. Este problema se ha solucionado en iOS 16.4 y iPadOS 16.4, macOS Ventura 13.3. • http://www.openwall.com/lists/oss-security/2023/09/11/1 https://security.gentoo.org/glsa/202401-04 https://support.apple.com/en-us/HT213670 https://support.apple.com/en-us/HT213676 https://access.redhat.com/security/cve/CVE-2023-28198 https://bugzilla.redhat.com/show_bug.cgi?id=2238943 • CWE-416: Use After Free •
CVSS: 9.8EPSS: 0%CPEs: 5EXPL: 0CVE-2023-37285
https://notcve.org/view.php?id=CVE-2023-37285
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 15.7.8 and iPadOS 15.7.8, macOS Big Sur 11.7.9, macOS Monterey 12.6.8, macOS Ventura 13.5. An app may be able to execute arbitrary code with kernel privileges. • https://support.apple.com/en-us/HT213842 https://support.apple.com/en-us/HT213843 https://support.apple.com/en-us/HT213844 https://support.apple.com/en-us/HT213845 https://support.apple.com/kb/HT213842 https://support.apple.com/kb/HT213843 https://support.apple.com/kb/HT213844 https://support.apple.com/kb/HT213845 • CWE-125: Out-of-bounds Read •