CVSS: 7.0EPSS: 0%CPEs: 3EXPL: 0CVE-2022-42806 – Apple Security Advisory 2022-10-24-1
https://notcve.org/view.php?id=CVE-2022-42806
31 Oct 2022 — A race condition was addressed with improved locking. This issue is fixed in iOS 16.1 and iPadOS 16, macOS Ventura 13. An app may be able to execute arbitrary code with kernel privileges. Se solucionó una condición de ejecución con un bloqueo mejorado. Este problema se solucionó en iOS 16.1 y iPadOS 16, macOS Ventura 13. • https://support.apple.com/en-us/HT213488 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 10.0EPSS: 1%CPEs: 5EXPL: 0CVE-2022-42808 – Apple Security Advisory 2022-10-24-1
https://notcve.org/view.php?id=CVE-2022-42808
31 Oct 2022 — An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in tvOS 16.1, iOS 16.1 and iPadOS 16, macOS Ventura 13, watchOS 9.1. A remote user may be able to cause kernel code execution. Se solucionó un problema de escritura fuera de los límites mejorando la verificación de los límites. Este problema se solucionó en tvOS 16.1, iOS 16.1 y iPadOS 16, macOS Ventura 13, watchOS 9.1. • https://support.apple.com/en-us/HT213488 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-42809 – Apple Security Advisory 2022-10-24-2
https://notcve.org/view.php?id=CVE-2022-42809
31 Oct 2022 — The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13. Processing a maliciously crafted gcx file may lead to unexpected app termination or arbitrary code execution. El problema se solucionó mejorando el manejo de la memoria. Este problema se solucionó en macOS Ventura 13. • https://support.apple.com/en-us/HT213488 •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2022-42810 – Apple Security Advisory 2022-10-27-1
https://notcve.org/view.php?id=CVE-2022-42810
31 Oct 2022 — The issue was addressed with improved memory handling. This issue is fixed in iOS 15.7.1 and iPadOS 15.7.1, tvOS 16.1, iOS 16.1 and iPadOS 16, macOS Ventura 13. Processing a maliciously crafted USD file may disclose memory contents. El problema se solucionó mejorando el manejo de la memoria. Este problema se solucionó en iOS 15.7.1 y iPadOS 15.7.1, tvOS 16.1, iOS 16.1 y iPadOS 16, macOS Ventura 13. • https://support.apple.com/en-us/HT213488 •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2022-42811 – Apple Security Advisory 2022-10-24-1
https://notcve.org/view.php?id=CVE-2022-42811
31 Oct 2022 — An access issue was addressed with additional sandbox restrictions. This issue is fixed in tvOS 16.1, iOS 16.1 and iPadOS 16, macOS Ventura 13, watchOS 9.1. An app may be able to access user-sensitive data. Se solucionó un problema de acceso con restricciones adicionales de la zona de pruebas. Este problema se solucionó en tvOS 16.1, iOS 16.1 y iPadOS 16, macOS Ventura 13, watchOS 9.1. • https://support.apple.com/en-us/HT213488 •
CVSS: 10.0EPSS: 0%CPEs: 5EXPL: 0CVE-2022-42813 – Apple Security Advisory 2022-10-24-1
https://notcve.org/view.php?id=CVE-2022-42813
31 Oct 2022 — A certificate validation issue existed in the handling of WKWebView. This issue was addressed with improved validation. This issue is fixed in tvOS 16.1, iOS 16.1 and iPadOS 16, macOS Ventura 13, watchOS 9.1. Processing a maliciously crafted certificate may lead to arbitrary code execution. Existía un problema de validación de certificados en el manejo de WKWebView. • https://support.apple.com/en-us/HT213488 • CWE-295: Improper Certificate Validation •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2022-42814 – Apple Security Advisory 2022-10-24-2
https://notcve.org/view.php?id=CVE-2022-42814
31 Oct 2022 — A logic issue was addressed with improved checks. This issue is fixed in macOS Ventura 13. An app may be able to access user-sensitive data. Se solucionó un problema de lógica con controles mejorados. Este problema se solucionó en macOS Ventura 13. • https://support.apple.com/en-us/HT213488 •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 1CVE-2022-32827 – AppleAVD deallocateKernelMemoryInternal Missing Surface Lock
https://notcve.org/view.php?id=CVE-2022-32827
31 Oct 2022 — A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 16, macOS Ventura 13. An app may be able to cause a denial-of-service. Se abordó un problema de corrupción de la memoria con una gestión estatal mejorada. Este problema se solucionó en iOS 16, macOS Ventura 13. • https://packetstorm.news/files/id/169929 • CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2022-32858 – Apple Security Advisory 2022-10-24-2
https://notcve.org/view.php?id=CVE-2022-32858
31 Oct 2022 — The issue was addressed with improved memory handling. This issue is fixed in iOS 16, macOS Ventura 13, watchOS 9. An app may be able to leak sensitive kernel state. El problema se solucionó mejorando el manejo de la memoria. Este problema se solucionó en iOS 16, macOS Ventura 13, watchOS 9. • https://support.apple.com/en-us/HT213446 •
CVSS: 5.5EPSS: 1%CPEs: 2EXPL: 1CVE-2022-32862 – Apple Security Advisory 2022-10-27-8
https://notcve.org/view.php?id=CVE-2022-32862
31 Oct 2022 — This issue was addressed with improved data protection. This issue is fixed in macOS Big Sur 11.7.1, macOS Ventura 13, macOS Monterey 12.6.1. An app with root privileges may be able to access private information. Este problema se solucionó mejorando la protección de datos. Este problema se solucionó en macOS Big Sur 11.7.1, macOS Ventura 13, macOS Monterey 12.6.1. • https://github.com/rohitc33/CVE-2022-32862 •