CVSS: 9.3EPSS: 0%CPEs: 2EXPL: 0CVE-2022-22667
https://notcve.org/view.php?id=CVE-2022-22667
18 Mar 2022 — A use after free issue was addressed with improved memory management. This issue is fixed in iOS 15.4 and iPadOS 15.4. An application may be able to execute arbitrary code with kernel privileges. Se abordó un problema de uso de memoria previamente liberada con una administración de memoria mejorada. Este problema es corregido en iOS versión 15.4 y iPadOS versión 15.4. • https://support.apple.com/en-us/HT213182 • CWE-416: Use After Free •
CVSS: 4.6EPSS: 0%CPEs: 2EXPL: 0CVE-2022-22671
https://notcve.org/view.php?id=CVE-2022-22671
18 Mar 2022 — An authentication issue was addressed with improved state management. This issue is fixed in iOS 15.4 and iPadOS 15.4. A person with physical access to an iOS device may be able to access photos from the lock screen. Se abordó un problema de autenticación con una administración de estados mejorada. Este problema es corregido en iOS versión 15.4 y iPadOS versión 15.4. • https://support.apple.com/en-us/HT213182 •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2022-22653
https://notcve.org/view.php?id=CVE-2022-22653
18 Mar 2022 — A logic issue was addressed with improved restrictions. This issue is fixed in iOS 15.4 and iPadOS 15.4. A malicious website may be able to access information about the user and their devices. Se abordó un problema de lógica con restricciones mejoradas. Este problema es corregido en iOS versión 15.4 y iPadOS versión 15.4. • https://support.apple.com/en-us/HT213182 •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2022-22642
https://notcve.org/view.php?id=CVE-2022-22642
18 Mar 2022 — This issue was addressed with improved checks. This issue is fixed in iOS 15.4 and iPadOS 15.4. A user may be able to bypass the Emergency SOS passcode prompt. Este problema se abordó con comprobaciones mejoradas. Este problema es corregido en iOS versión 15.4 y iPadOS versión 15.4. • https://support.apple.com/en-us/HT213182 •
CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 0CVE-2022-22652
https://notcve.org/view.php?id=CVE-2022-22652
18 Mar 2022 — The GSMA authentication panel could be presented on the lock screen. The issue was resolved by requiring device unlock to interact with the GSMA authentication panel. This issue is fixed in iOS 15.4 and iPadOS 15.4. A person with physical access may be able to view and modify the carrier account information and settings from the lock screen. El panel de autenticación de la GSMA podía presentarse en la pantalla de bloqueo. • https://support.apple.com/en-us/HT213182 • CWE-306: Missing Authentication for Critical Function •
CVSS: 10.0EPSS: 15%CPEs: 7EXPL: 2CVE-2022-22629 – Apple Safari WebGLMultiDraw Heap-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-22629
15 Mar 2022 — A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.3, Safari 15.4, watchOS 8.5, iTunes 12.12.3 for Windows, iOS 15.4 and iPadOS 15.4, tvOS 15.4. Processing maliciously crafted web content may lead to arbitrary code execution. Se abordó un problema de desbordamiento de búfer con un manejo de memoria mejorado. Este problema ha sido corregido en macOS Monterey versión 12.3, Safari versión 15.4, watchOS versión 8.5, iTunes versión 12.12.3 para Windows, ... • https://github.com/parsdefense/CVE-2022-22629 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2022-22668 – Apple Security Advisory 2022-03-14-4
https://notcve.org/view.php?id=CVE-2022-22668
15 Mar 2022 — A logic issue was addressed with improved restrictions. This issue is fixed in iOS 15.4 and iPadOS 15.4, macOS Monterey 12.3. A malicious application may be able to leak sensitive user information. macOS Monterey 12.3 addresses buffer overflow, bypass, code execution, denial of service, null pointer, out of bounds read, out of bounds write, and use-after-free vulnerabilities. • https://support.apple.com/en-us/HT213182 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.3EPSS: 0%CPEs: 5EXPL: 0CVE-2022-22633 – Apple Security Advisory 2022-03-14-4
https://notcve.org/view.php?id=CVE-2022-22633
15 Mar 2022 — A memory corruption issue was addressed with improved state management. This issue is fixed in watchOS 8.5, iOS 15.4 and iPadOS 15.4, macOS Big Sur 11.6.5, macOS Monterey 12.3. Opening a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution. Se abordó un problema de corrupción de memoria con una administración de estados mejorada. Este problema es corregido en watchOS versión 8.5, iOS versión 15.4 y iPadOS versión 15.4, macOS Big Sur versión 11.6.5, macOS... • https://support.apple.com/en-us/HT213182 • CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2022-22643 – Apple Security Advisory 2022-03-14-4
https://notcve.org/view.php?id=CVE-2022-22643
15 Mar 2022 — This issue was addressed with improved checks. This issue is fixed in iOS 15.4 and iPadOS 15.4, macOS Monterey 12.3. A user may send audio and video in a FaceTime call without knowing that they have done so. Este problema se abordó con comprobaciones mejoradas. Este problema es corregido en iOS versión 15.4 y iPadOS versión 15.4, macOS Monterey versión 12.3. • https://support.apple.com/en-us/HT213182 •
CVSS: 9.3EPSS: 0%CPEs: 10EXPL: 0CVE-2022-22613 – Apple Security Advisory 2022-03-14-4
https://notcve.org/view.php?id=CVE-2022-22613
15 Mar 2022 — An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in tvOS 15.4, iOS 15.4 and iPadOS 15.4, macOS Big Sur 11.6.5, Security Update 2022-003 Catalina, watchOS 8.5, macOS Monterey 12.3. An application may be able to execute arbitrary code with kernel privileges. Se abordó un problema de escritura fuera de límites con una comprobación de límites mejorada. Este problema es corregido en tvOS versión 15.4, iOS versión 15.4 y iPadOS versión 15.4, macOS Big Sur versión 11.6.... • https://support.apple.com/en-us/HT213182 • CWE-787: Out-of-bounds Write •