CVSS: 8.6EPSS: 0%CPEs: 1EXPL: 0CVE-2022-32890 – Apple Security Advisory 2022-10-24-2
https://notcve.org/view.php?id=CVE-2022-32890
31 Oct 2022 — A logic issue was addressed with improved checks. This issue is fixed in macOS Ventura 13. A sandboxed process may be able to circumvent sandbox restrictions. Se solucionó un problema de lógica con controles mejorados. Este problema se solucionó en macOS Ventura 13. • https://support.apple.com/en-us/HT213488 •
CVSS: 8.6EPSS: 0%CPEs: 4EXPL: 0CVE-2022-32892 – Apple Security Advisory 2022-10-24-2
https://notcve.org/view.php?id=CVE-2022-32892
31 Oct 2022 — An access issue was addressed with improvements to the sandbox. This issue is fixed in Safari 16, iOS 15.7 and iPadOS 15.7, iOS 16, macOS Ventura 13. A sandboxed process may be able to circumvent sandbox restrictions. Se solucionó un problema de acceso con mejoras en el sandbox. Este problema se solucionó en Safari 16, iOS 15.7 y iPadOS 15.7, iOS 16, macOS Ventura 13. • https://support.apple.com/en-us/HT213442 •
CVSS: 4.7EPSS: 0%CPEs: 1EXPL: 0CVE-2022-32895 – Apple Security Advisory 2022-10-24-2
https://notcve.org/view.php?id=CVE-2022-32895
31 Oct 2022 — A race condition was addressed with improved state handling. This issue is fixed in macOS Ventura 13. An app may be able to modify protected parts of the file system. Se solucionó una condición de carrera con un mejor manejo del estado. Este problema se solucionó en macOS Ventura 13. • https://support.apple.com/en-us/HT213488 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 7.8EPSS: 3%CPEs: 4EXPL: 1CVE-2022-32898 – Apple Security Advisory 2022-10-24-2
https://notcve.org/view.php?id=CVE-2022-32898
31 Oct 2022 — The issue was addressed with improved memory handling. This issue is fixed in iOS 15.7 and iPadOS 15.7, iOS 16, macOS Ventura 13, watchOS 9. An app may be able to execute arbitrary code with kernel privileges. El problema se solucionó mejorando el manejo de la memoria. Este problema se solucionó en iOS 15.7 y iPadOS 15.7, iOS 16, macOS Ventura 13, watchOS 9. • https://github.com/ox1111/CVE-2022-32898 •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2022-32899 – Apple Security Advisory 2022-10-24-2
https://notcve.org/view.php?id=CVE-2022-32899
31 Oct 2022 — The issue was addressed with improved memory handling. This issue is fixed in iOS 15.7 and iPadOS 15.7, iOS 16, macOS Ventura 13, watchOS 9. An app may be able to execute arbitrary code with kernel privileges. El problema se solucionó mejorando el manejo de la memoria. Este problema se solucionó en iOS 15.7 y iPadOS 15.7, iOS 16, macOS Ventura 13, watchOS 9. • https://support.apple.com/en-us/HT213445 •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2022-32904 – Apple Security Advisory 2022-10-27-9
https://notcve.org/view.php?id=CVE-2022-32904
31 Oct 2022 — An access issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Big Sur 11.7, macOS Ventura 13, macOS Monterey 12.6. An app may be able to access user-sensitive data. Se solucionó un problema de acceso con restricciones adicionales de la sandbox. Este problema se solucionó en macOS Big Sur 11.7, macOS Ventura 13, macOS Monterey 12.6. • https://support.apple.com/en-us/HT213443 •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-32905 – Apple Security Advisory 2022-10-24-2
https://notcve.org/view.php?id=CVE-2022-32905
31 Oct 2022 — This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Ventura 13. Processing a maliciously crafted DMG file may lead to arbitrary code execution with system privileges. Este problema se solucionó con una validación mejorada de los enlaces simbólicos. Este problema se solucionó en macOS Ventura 13. • https://support.apple.com/en-us/HT213488 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 3.3EPSS: 0%CPEs: 5EXPL: 0CVE-2022-32913 – Apple Security Advisory 2022-10-27-9
https://notcve.org/view.php?id=CVE-2022-32913
31 Oct 2022 — The issue was addressed with additional restrictions on the observability of app states. This issue is fixed in macOS Big Sur 11.7, macOS Ventura 13, iOS 16, watchOS 9, macOS Monterey 12.6, tvOS 16. A sandboxed app may be able to determine which app is currently using the camera. El problema se solucionó con restricciones adicionales sobre la observabilidad de los estados de las aplicaciones. Este problema se solucionó en macOS Big Sur 11.7, macOS Ventura 13, iOS 16, watchOS 9, macOS Monterey 12.6, tvOS 16.... • https://support.apple.com/en-us/HT213443 •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2022-32914 – Apple Security Advisory 2022-10-27-9
https://notcve.org/view.php?id=CVE-2022-32914
31 Oct 2022 — A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.7, macOS Ventura 13, iOS 16, watchOS 9, macOS Monterey 12.6, tvOS 16. An app may be able to execute arbitrary code with kernel privileges. Se solucionó un problema de use-after-free con una gestión de memoria mejorada. Este problema se solucionó en macOS Big Sur 11.7, macOS Ventura 13, iOS 16, watchOS 9, macOS Monterey 12.6, tvOS 16. • https://support.apple.com/en-us/HT213443 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-32915 – Apple Security Advisory 2023-01-23-5
https://notcve.org/view.php?id=CVE-2022-32915
31 Oct 2022 — A type confusion issue was addressed with improved checks. This issue is fixed in macOS Ventura 13. An app may be able to execute arbitrary code with kernel privileges. Se solucionó un problema de confusión de tipos con comprobaciones mejoradas. Este problema se solucionó en macOS Ventura 13. • http://seclists.org/fulldisclosure/2023/Jan/20 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •