CVSS: 6.4EPSS: 0%CPEs: 3EXPL: 0CVE-2022-42832 – Apple Security Advisory 2022-10-24-1
https://notcve.org/view.php?id=CVE-2022-42832
31 Oct 2022 — A race condition was addressed with improved locking. This issue is fixed in iOS 16.1 and iPadOS 16, macOS Ventura 13. An app with root privileges may be able to execute arbitrary code with kernel privileges. Se solucionó una condición de ejecución con un bloqueo mejorado. Este problema se solucionó en iOS 16.1 y iPadOS 16, macOS Ventura 13. • https://support.apple.com/en-us/HT213488 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2022-42796 – Apple Security Advisory 2022-10-24-2
https://notcve.org/view.php?id=CVE-2022-42796
31 Oct 2022 — This issue was addressed by removing the vulnerable code. This issue is fixed in iOS 15.7 and iPadOS 15.7, macOS Ventura 13. An app may be able to gain elevated privileges. Este problema se solucionó eliminando el código vulnerable. Este problema se solucionó en iOS 15.7 y iPadOS 15.7, macOS Ventura 13. • https://support.apple.com/en-us/HT213445 • CWE-269: Improper Privilege Management •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2022-42800 – Apple Security Advisory 2022-10-27-8
https://notcve.org/view.php?id=CVE-2022-42800
31 Oct 2022 — This issue was addressed with improved checks. This issue is fixed in iOS 15.7.1 and iPadOS 15.7.1, macOS Ventura 13, watchOS 9.1, iOS 16.1 and iPadOS 16, macOS Monterey 12.6.1, macOS Big Sur 11.7.1. A user may be able to cause unexpected app termination or arbitrary code execution. Este problema se solucionó con controles mejorados. Este problema se solucionó en iOS 15.7.1 y iPadOS 15.7.1, macOS Ventura 13, watchOS 9.1, iOS 16.1 y iPadOS 16, macOS Monterey 12.6.1, macOS Big Sur 11.7.1. • https://support.apple.com/en-us/HT213488 • CWE-20: Improper Input Validation •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2022-42811 – Apple Security Advisory 2022-10-24-1
https://notcve.org/view.php?id=CVE-2022-42811
31 Oct 2022 — An access issue was addressed with additional sandbox restrictions. This issue is fixed in tvOS 16.1, iOS 16.1 and iPadOS 16, macOS Ventura 13, watchOS 9.1. An app may be able to access user-sensitive data. Se solucionó un problema de acceso con restricciones adicionales de la zona de pruebas. Este problema se solucionó en tvOS 16.1, iOS 16.1 y iPadOS 16, macOS Ventura 13, watchOS 9.1. • https://support.apple.com/en-us/HT213488 • CWE-284: Improper Access Control •
CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0CVE-2022-42825 – Apple Security Advisory 2022-10-27-8
https://notcve.org/view.php?id=CVE-2022-42825
31 Oct 2022 — This issue was addressed by removing additional entitlements. This issue is fixed in tvOS 16.1, macOS Ventura 13, watchOS 9.1, iOS 16.1 and iPadOS 16, macOS Monterey 12.6.1, macOS Big Sur 11.7.1. An app may be able to modify protected parts of the file system. Este problema se solucionó eliminando derechos adicionales. Este problema se solucionó en tvOS 16.1, macOS Ventura 13, watchOS 9.1, iOS 16.1 y iPadOS 16, macOS Monterey 12.6.1, macOS Big Sur 11.7.1. • https://support.apple.com/en-us/HT213488 • CWE-266: Incorrect Privilege Assignment •
CVSS: 7.8EPSS: 0%CPEs: 20EXPL: 0CVE-2022-32790
https://notcve.org/view.php?id=CVE-2022-32790
23 Sep 2022 — This issue was addressed with improved checks. This issue is fixed in tvOS 15.5, watchOS 8.6, iOS 15.5 and iPadOS 15.5, macOS Monterey 12.4, macOS Big Sur 11.6.6, Security Update 2022-004 Catalina. A remote user may be able to cause a denial-of-service. Se abordó este problema con comprobaciones mejoradas. Este problema ha sido corregido en tvOS versión 15.5, watchOS versión 8.6, iOS versión 15.5 y iPadOS versión 15.5, macOS Monterey versión 12.4, macOS Big Sur versión 11.6.6, Security Update 2022-004 Catal... • https://support.apple.com/en-us/HT213253 •
CVSS: 7.1EPSS: 0%CPEs: 8EXPL: 0CVE-2020-36521
https://notcve.org/view.php?id=CVE-2020-36521
23 Sep 2022 — An out-of-bounds read was addressed with improved input validation. This issue is fixed in iCloud for Windows 11.4, iOS 14.0 and iPadOS 14.0, watchOS 7.0, tvOS 14.0, iCloud for Windows 7.21, iTunes for Windows 12.10.9. Processing a maliciously crafted tiff file may lead to a denial-of-service or potentially disclose memory contents. Se abordó una lectura fuera de límites con una comprobación de entrada mejorada. Este problema ha sido corregido en iCloud para Windows versión 11.4, iOS versión 14.0 y iPadOS v... • https://support.apple.com/en-us/HT211843 • CWE-125: Out-of-bounds Read •
CVSS: 5.0EPSS: 0%CPEs: 2EXPL: 0CVE-2022-32795 – Apple Security Advisory 2022-09-12-1
https://notcve.org/view.php?id=CVE-2022-32795
13 Sep 2022 — This issue was addressed with improved checks. This issue is fixed in iOS 16, iOS 15.7 and iPadOS 15.7. Visiting a malicious website may lead to address bar spoofing. Se abordó este problema con comprobaciones mejoradas. Este problema es corregido en iOS versión 16, iOS versión 15.7 y iPadOS versión 15.7. • http://seclists.org/fulldisclosure/2022/Oct/39 •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2022-32854 – Apple Security Advisory 2022-10-27-9
https://notcve.org/view.php?id=CVE-2022-32854
13 Sep 2022 — This issue was addressed with improved checks. This issue is fixed in iOS 15.7 and iPadOS 15.7, iOS 16, macOS Big Sur 11.7. An app may be able to bypass Privacy preferences. Este problema se abordó con comprobaciones mejoradas. Este problema es corregido en iOS versión 15.7 y iPadOS versión 15.7, iOS versión 16, macOS Big Sur versión 11.7. • http://seclists.org/fulldisclosure/2022/Oct/39 •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2022-32864 – Apple Security Advisory 2022-10-27-9
https://notcve.org/view.php?id=CVE-2022-32864
13 Sep 2022 — The issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.6, iOS 15.7 and iPadOS 15.7, iOS 16, macOS Big Sur 11.7. An app may be able to disclose kernel memory. Se abordó este problema con la administración de memoria mejorada. Este problema es corregido en macOS Monterey versión 12.6, iOS versión 15.7 y iPadOS versión 15.7, iOS versión 16, macOS Big Sur versión 11.7. • http://seclists.org/fulldisclosure/2022/Oct/28 •