CVSS: 8.6EPSS: 0%CPEs: 1EXPL: 0CVE-2022-32890
https://notcve.org/view.php?id=CVE-2022-32890
01 Nov 2022 — A logic issue was addressed with improved checks. This issue is fixed in macOS Ventura 13. A sandboxed process may be able to circumvent sandbox restrictions. Se solucionó un problema de lógica con controles mejorados. Este problema se solucionó en macOS Ventura 13. • https://support.apple.com/en-us/HT213488 •
CVSS: 4.7EPSS: 0%CPEs: 1EXPL: 0CVE-2022-32895
https://notcve.org/view.php?id=CVE-2022-32895
01 Nov 2022 — A race condition was addressed with improved state handling. This issue is fixed in macOS Ventura 13. An app may be able to modify protected parts of the file system. Se solucionó una condición de carrera con un mejor manejo del estado. Este problema se solucionó en macOS Ventura 13. • https://support.apple.com/en-us/HT213488 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2022-32904
https://notcve.org/view.php?id=CVE-2022-32904
01 Nov 2022 — An access issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Big Sur 11.7, macOS Ventura 13, macOS Monterey 12.6. An app may be able to access user-sensitive data. Se solucionó un problema de acceso con restricciones adicionales de la sandbox. Este problema se solucionó en macOS Big Sur 11.7, macOS Ventura 13, macOS Monterey 12.6. • https://support.apple.com/en-us/HT213443 •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-32905
https://notcve.org/view.php?id=CVE-2022-32905
01 Nov 2022 — This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Ventura 13. Processing a maliciously crafted DMG file may lead to arbitrary code execution with system privileges. Este problema se solucionó con una validación mejorada de los enlaces simbólicos. Este problema se solucionó en macOS Ventura 13. • https://support.apple.com/en-us/HT213488 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 7.8EPSS: 0%CPEs: 18EXPL: 0CVE-2022-32910
https://notcve.org/view.php?id=CVE-2022-32910
01 Nov 2022 — A logic issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.6.8, macOS Monterey 12.5, Security Update 2022-005 Catalina. An archive may be able to bypass Gatekeeper. Se solucionó un problema de lógica con controles mejorados. Este problema se solucionó en macOS Big Sur 11.6.8, macOS Monterey 12.5, Actualización de seguridad 2022-005 Catalina. • https://support.apple.com/en-us/HT213343 •
CVSS: 3.3EPSS: 0%CPEs: 5EXPL: 0CVE-2022-32913
https://notcve.org/view.php?id=CVE-2022-32913
01 Nov 2022 — The issue was addressed with additional restrictions on the observability of app states. This issue is fixed in macOS Big Sur 11.7, macOS Ventura 13, iOS 16, watchOS 9, macOS Monterey 12.6, tvOS 16. A sandboxed app may be able to determine which app is currently using the camera. El problema se solucionó con restricciones adicionales sobre la observabilidad de los estados de las aplicaciones. Este problema se solucionó en macOS Big Sur 11.7, macOS Ventura 13, iOS 16, watchOS 9, macOS Monterey 12.6, tvOS 16.... • https://support.apple.com/en-us/HT213443 •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2022-32914
https://notcve.org/view.php?id=CVE-2022-32914
01 Nov 2022 — A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.7, macOS Ventura 13, iOS 16, watchOS 9, macOS Monterey 12.6, tvOS 16. An app may be able to execute arbitrary code with kernel privileges. Se solucionó un problema de use-after-free con una gestión de memoria mejorada. Este problema se solucionó en macOS Big Sur 11.7, macOS Ventura 13, iOS 16, watchOS 9, macOS Monterey 12.6, tvOS 16. • https://support.apple.com/en-us/HT213443 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-32915
https://notcve.org/view.php?id=CVE-2022-32915
01 Nov 2022 — A type confusion issue was addressed with improved checks. This issue is fixed in macOS Ventura 13. An app may be able to execute arbitrary code with kernel privileges. Se solucionó un problema de confusión de tipos con comprobaciones mejoradas. Este problema se solucionó en macOS Ventura 13. • http://seclists.org/fulldisclosure/2023/Jan/20 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2022-32918
https://notcve.org/view.php?id=CVE-2022-32918
01 Nov 2022 — This issue was addressed with improved data protection. This issue is fixed in iOS 16, macOS Ventura 13. An app may be able to bypass Privacy preferences. Este problema se solucionó mejorando la protección de datos. Este problema se solucionó en iOS 16 y macOS Ventura 13. • https://support.apple.com/en-us/HT213446 •
CVSS: 5.3EPSS: 0%CPEs: 3EXPL: 0CVE-2022-32928
https://notcve.org/view.php?id=CVE-2022-32928
01 Nov 2022 — A logic issue was addressed with improved restrictions. This issue is fixed in iOS 16, macOS Ventura 13, watchOS 9. A user in a privileged network position may be able to intercept mail credentials. Se abordó un problema de lógica con restricciones mejoradas. Este problema se solucionó en iOS 16, macOS Ventura 13, watchOS 9. • https://support.apple.com/en-us/HT213446 •