CVSS: 6.4EPSS: 0%CPEs: 4EXPL: 0CVE-2022-32891 – webkitgtk: UI spoofing while Visiting a website that frames malicious content
https://notcve.org/view.php?id=CVE-2022-32891
13 Sep 2022 — The issue was addressed with improved UI handling. This issue is fixed in Safari 16, tvOS 16, watchOS 9, iOS 16. Visiting a website that frames malicious content may lead to UI spoofing. A vulnerability was found in webkitgtk, where an issue was addressed with improved UI handling. Visiting a website that frames malicious content may lead to UI spoofing. • https://security.gentoo.org/glsa/202305-32 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-1021: Improper Restriction of Rendered UI Layers or Frames •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2022-32908 – Apple Security Advisory 2022-10-27-9
https://notcve.org/view.php?id=CVE-2022-32908
13 Sep 2022 — A memory corruption issue was addressed with improved input validation. This issue is fixed in macOS Monterey 12.6, iOS 15.7 and iPadOS 15.7, iOS 16, macOS Big Sur 11.7. A user may be able to elevate privileges. Se abordó un problema de corrupción de memoria con una comprobación de entradas mejorada. Este problema es corregido en macOS Monterey versión 12.6, iOS versión 15.7 y iPadOS versión 15.7, iOS versión 16, macOS Big Sur versión 11.7. • http://seclists.org/fulldisclosure/2022/Oct/28 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2022-32911 – Apple Security Advisory 2022-10-27-9
https://notcve.org/view.php?id=CVE-2022-32911
13 Sep 2022 — The issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.6, iOS 15.7 and iPadOS 15.7, iOS 16, macOS Big Sur 11.7. An app may be able to execute arbitrary code with kernel privileges. Se abordó un problema con una administración de memoria mejorada. Este problema es corregido en macOS Monterey versión 12.6, iOS versión 15.7 y iPadOS versión 15.7, iOS versión 16, macOS Big Sur versión 11.7. • http://seclists.org/fulldisclosure/2022/Oct/28 •
CVSS: 10.0EPSS: 0%CPEs: 3EXPL: 0CVE-2022-32912 – Apple WebKit WebGL2 drawRangeElements Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2022-32912
13 Sep 2022 — An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in Safari 16, iOS 16, iOS 15.7 and iPadOS 15.7. Processing maliciously crafted web content may lead to arbitrary code execution. Se abordó una lectura fuera de límites con una comprobación de límites mejorada. Este problema es corregido en Safari versión 16, iOS versión 16, iOS versión 15.7 y iPadOS versión 15.7. • http://seclists.org/fulldisclosure/2022/Oct/28 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2022-32917 – Apple iOS, iPadOS, and macOS Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-32917
13 Sep 2022 — The issue was addressed with improved bounds checks. This issue is fixed in macOS Monterey 12.6, iOS 15.7 and iPadOS 15.7, iOS 16, macOS Big Sur 11.7. An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited.. Se abordó un problema con comprobaciones de límites mejoradas. • http://seclists.org/fulldisclosure/2022/Oct/39 • CWE-787: Out-of-bounds Write •
CVSS: 5.0EPSS: 0%CPEs: 2EXPL: 0CVE-2022-32795 – Apple Security Advisory 2022-09-12-1
https://notcve.org/view.php?id=CVE-2022-32795
13 Sep 2022 — This issue was addressed with improved checks. This issue is fixed in iOS 16, iOS 15.7 and iPadOS 15.7. Visiting a malicious website may lead to address bar spoofing. Se abordó este problema con comprobaciones mejoradas. Este problema es corregido en iOS versión 16, iOS versión 15.7 y iPadOS versión 15.7. • http://seclists.org/fulldisclosure/2022/Oct/39 •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2022-32854 – Apple Security Advisory 2022-10-27-9
https://notcve.org/view.php?id=CVE-2022-32854
13 Sep 2022 — This issue was addressed with improved checks. This issue is fixed in iOS 15.7 and iPadOS 15.7, iOS 16, macOS Big Sur 11.7. An app may be able to bypass Privacy preferences. Este problema se abordó con comprobaciones mejoradas. Este problema es corregido en iOS versión 15.7 y iPadOS versión 15.7, iOS versión 16, macOS Big Sur versión 11.7. • http://seclists.org/fulldisclosure/2022/Oct/39 •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2022-32864 – Apple Security Advisory 2022-10-27-9
https://notcve.org/view.php?id=CVE-2022-32864
13 Sep 2022 — The issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.6, iOS 15.7 and iPadOS 15.7, iOS 16, macOS Big Sur 11.7. An app may be able to disclose kernel memory. Se abordó este problema con la administración de memoria mejorada. Este problema es corregido en macOS Monterey versión 12.6, iOS versión 15.7 y iPadOS versión 15.7, iOS versión 16, macOS Big Sur versión 11.7. • http://seclists.org/fulldisclosure/2022/Oct/28 •
CVSS: 5.0EPSS: 0%CPEs: 3EXPL: 0CVE-2022-32868 – Apple Security Advisory 2022-09-12-1
https://notcve.org/view.php?id=CVE-2022-32868
13 Sep 2022 — A logic issue was addressed with improved state management. This issue is fixed in Safari 16, iOS 16, iOS 15.7 and iPadOS 15.7. A website may be able to track users through Safari web extensions. Se abordó un problema de lógica con una administración de estados mejorada. Este problema es corregido en Safari versión 16, iOS versión 16, iOS versión 15.7 y iPadOS versión 15.7. • http://seclists.org/fulldisclosure/2022/Oct/39 •
CVSS: 2.4EPSS: 0%CPEs: 2EXPL: 0CVE-2022-32872 – Apple Security Advisory 2022-09-12-1
https://notcve.org/view.php?id=CVE-2022-32872
13 Sep 2022 — A logic issue was addressed with improved restrictions. This issue is fixed in iOS 16, iOS 15.7 and iPadOS 15.7. A person with physical access to an iOS device may be able to access photos from the lock screen. Se abordó un problema de lógica con restricciones mejoradas. Este problema es corregido en iOS versión 16, iOS versión 15.7 y iPadOS versión 15.7. • http://seclists.org/fulldisclosure/2022/Oct/39 •