CVSS: 9.3EPSS: 0%CPEs: 19EXPL: 0CVE-2022-26714 – Apple Security Advisory 2022-05-16-4
https://notcve.org/view.php?id=CVE-2022-26714
17 May 2022 — A memory corruption issue was addressed with improved validation. This issue is fixed in tvOS 15.5, iOS 15.5 and iPadOS 15.5, Security Update 2022-004 Catalina, watchOS 8.6, macOS Big Sur 11.6.6, macOS Monterey 12.4. An application may be able to execute arbitrary code with kernel privileges. Se abordó un problema de corrupción de memoria con una comprobación mejorada. Este problema es corregido en tvOS versión 15.5, iOS versión 15.5 y iPadOS versión 15.5, Security Update 2022-004 Catalina, watchOS versión ... • https://support.apple.com/en-us/HT213253 • CWE-787: Out-of-bounds Write •
CVSS: 9.3EPSS: 0%CPEs: 16EXPL: 0CVE-2022-26715 – Apple Security Advisory 2022-05-16-4
https://notcve.org/view.php?id=CVE-2022-26715
17 May 2022 — An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4, macOS Big Sur 11.6.6. An application may be able to gain elevated privileges. Se abordó un problema de escritura fuera de límites con una comprobación de límites mejorada. Este problema es corregido en Security Update 2022-004 Catalina, macOS Monterey versión 12.4, macOS Big Sur versión 11.6.6. • https://support.apple.com/en-us/HT213255 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 20EXPL: 0CVE-2022-26704 – Apple Security Advisory 2022-05-16-2
https://notcve.org/view.php?id=CVE-2022-26704
17 May 2022 — A validation issue existed in the handling of symlinks and was addressed with improved validation of symlinks. This issue is fixed in macOS Monterey 12.4. An app may be able to gain elevated privileges. Se presentaba un problema de comprobación en el manejo de los enlaces simbólicos y se abordó con una comprobación de los enlaces simbólicos mejorada. Este problema es corregido en macOS Monterey versión 12.4. • http://seclists.org/fulldisclosure/2022/Jul/13 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 9.8EPSS: 0%CPEs: 18EXPL: 0CVE-2022-22674 – Apple macOS Out-of-Bounds Read Vulnerability
https://notcve.org/view.php?id=CVE-2022-22674
01 Apr 2022 — An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation. This issue is fixed in macOS Monterey 12.3.1, Security Update 2022-004 Catalina, macOS Big Sur 11.6.6. A local user may be able to read kernel memory. Se presentaba un problema de lectura fuera de límites que conllevaba a una divulgación de la memoria del kernel. • https://support.apple.com/en-us/HT213220 • CWE-125: Out-of-bounds Read •
CVSS: 8.2EPSS: 0%CPEs: 71EXPL: 4CVE-2018-25032 – zlib: A flaw found in zlib when compressing (not decompressing) certain inputs
https://notcve.org/view.php?id=CVE-2018-25032
25 Mar 2022 — zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches. zlib versiones anteriores a 1.2.12 permite la corrupción de memoria al desinflar (es decir, al comprimir) si la entrada tiene muchas coincidencias distantes An out-of-bounds access flaw was found in zlib, which allows memory corruption when deflating (ex: when compressing) if the input has many distant matches. For some rare inputs with a large number of distant matches (crafted payload... • https://github.com/Trinadh465/external_zlib_4.4_CVE-2018-25032 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 6.5EPSS: 0%CPEs: 18EXPL: 0CVE-2022-22662 – webkitgtk: Cookie management issue leading to sensitive user information disclosure
https://notcve.org/view.php?id=CVE-2022-22662
15 Mar 2022 — A cookie management issue was addressed with improved state management. This issue is fixed in Security Update 2022-003 Catalina, macOS Big Sur 11.6.5. Processing maliciously crafted web content may disclose sensitive user information. Se abordó un problema de administración de cookies con una administración de estados mejorada. Este problema es corregido en Security Update 2022-003 Catalina, macOS Big Sur versión 11.6.5. • http://www.openwall.com/lists/oss-security/2022/07/05/3 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.3EPSS: 0%CPEs: 17EXPL: 0CVE-2022-22665 – Apple Security Advisory 2022-05-16-4
https://notcve.org/view.php?id=CVE-2022-22665
15 Mar 2022 — A logic issue was addressed with improved validation. This issue is fixed in macOS Monterey 12.3. A malicious application may be able to gain root privileges. Se abordó un problema de lógica con una comprobación mejorada. Este problema es corregido en macOS Monterey versión 12.3. • http://seclists.org/fulldisclosure/2022/May/33 •
CVSS: 7.1EPSS: 0%CPEs: 16EXPL: 0CVE-2022-22625 – Apple macOS SCPT File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2022-22625
15 Mar 2022 — An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.6.5, macOS Monterey 12.3, Security Update 2022-003 Catalina. Processing a maliciously crafted AppleScript binary may result in unexpected application termination or disclosure of process memory. Se abordó una lectura fuera de límites con una comprobación de entrada mejorada. Este problema es corregido en macOS Big Sur versión 11.6.5, macOS Monterey versión 12.3 y Security Update 2022-003 Catalina. • https://support.apple.com/en-us/HT213183 • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 6%CPEs: 17EXPL: 0CVE-2022-22616 – Apple Security Advisory 2022-03-14-4
https://notcve.org/view.php?id=CVE-2022-22616
15 Mar 2022 — This issue was addressed with improved checks. This issue is fixed in Security Update 2022-003 Catalina, macOS Monterey 12.3, macOS Big Sur 11.6.5. A maliciously crafted ZIP archive may bypass Gatekeeper checks. Este problema ha sido abordado con unas comprobaciones mejoradas. Este problema es corregido en Security Update 2022-003 Catalina, macOS Monterey versión 12.3, macOS Big Sur versión 11.6.5. • https://support.apple.com/en-us/HT213183 •
CVSS: 7.8EPSS: 0%CPEs: 17EXPL: 0CVE-2022-22597 – Apple macOS SCPT File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2022-22597
15 Mar 2022 — A memory corruption issue was addressed with improved validation. This issue is fixed in macOS Big Sur 11.6.5, macOS Monterey 12.3, Security Update 2022-003 Catalina. Processing a maliciously crafted file may lead to arbitrary code execution. Se abordó un problema de corrupción de memoria con una comprobación mejorada. Este problema es corregido en macOS Big Sur versión 11.6.5, macOS Monterey versión 12.3 y Security Update 2022-003 Catalina. • https://support.apple.com/en-us/HT213183 • CWE-787: Out-of-bounds Write •