CVSS: 7.1EPSS: 0%CPEs: 8EXPL: 0CVE-2020-36521
https://notcve.org/view.php?id=CVE-2020-36521
An out-of-bounds read was addressed with improved input validation. This issue is fixed in iCloud for Windows 11.4, iOS 14.0 and iPadOS 14.0, watchOS 7.0, tvOS 14.0, iCloud for Windows 7.21, iTunes for Windows 12.10.9. Processing a maliciously crafted tiff file may lead to a denial-of-service or potentially disclose memory contents. Se abordó una lectura fuera de límites con una comprobación de entrada mejorada. Este problema ha sido corregido en iCloud para Windows versión 11.4, iOS versión 14.0 y iPadOS versión 14.0, watchOS versión 7.0, tvOS versión 14.0, iCloud para Windows versión 7.21, iTunes para Windows versión 12.10.9. • https://support.apple.com/en-us/HT211843 https://support.apple.com/en-us/HT211844 https://support.apple.com/en-us/HT211846 https://support.apple.com/en-us/HT211847 https://support.apple.com/en-us/HT211850 https://support.apple.com/en-us/HT211952 • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 21EXPL: 0CVE-2022-32849
https://notcve.org/view.php?id=CVE-2022-32849
An information disclosure issue was addressed by removing the vulnerable code. This issue is fixed in iOS 15.6 and iPadOS 15.6, macOS Big Sur 11.6.8, tvOS 15.6, macOS Monterey 12.5, Security Update 2022-005 Catalina. An app may be able to access sensitive user information. Se abordó un problema de divulgación de información al eliminar el código vulnerable. Este problema ha sido corregido en iOS versión 15.6 y iPadOS versión 15.6, macOS Big Sur versión 11.6.8, tvOS versión 15.6, macOS Monterey versión 12.5, Security Update 2022-005 Catalina. • https://support.apple.com/en-us/HT213342 https://support.apple.com/en-us/HT213343 https://support.apple.com/en-us/HT213344 https://support.apple.com/en-us/HT213345 https://support.apple.com/en-us/HT213346 https://support.apple.com/kb/HT213488 •
CVSS: 6.1EPSS: 0%CPEs: 4EXPL: 0CVE-2022-32891 – webkitgtk: UI spoofing while Visiting a website that frames malicious content
https://notcve.org/view.php?id=CVE-2022-32891
The issue was addressed with improved UI handling. This issue is fixed in Safari 16, tvOS 16, watchOS 9, iOS 16. Visiting a website that frames malicious content may lead to UI spoofing. A vulnerability was found in webkitgtk, where an issue was addressed with improved UI handling. Visiting a website that frames malicious content may lead to UI spoofing. • https://security.gentoo.org/glsa/202305-32 https://support.apple.com/en-us/HT213442 https://support.apple.com/en-us/HT213446 https://support.apple.com/en-us/HT213486 https://support.apple.com/en-us/HT213487 https://access.redhat.com/security/cve/CVE-2022-32891 https://bugzilla.redhat.com/show_bug.cgi?id=2128647 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-1021: Improper Restriction of Rendered UI Layers or Frames •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2022-32908
https://notcve.org/view.php?id=CVE-2022-32908
A memory corruption issue was addressed with improved input validation. This issue is fixed in macOS Monterey 12.6, iOS 15.7 and iPadOS 15.7, iOS 16, macOS Big Sur 11.7. A user may be able to elevate privileges. Se abordó un problema de corrupción de memoria con una comprobación de entradas mejorada. Este problema es corregido en macOS Monterey versión 12.6, iOS versión 15.7 y iPadOS versión 15.7, iOS versión 16, macOS Big Sur versión 11.7. • http://seclists.org/fulldisclosure/2022/Oct/28 http://seclists.org/fulldisclosure/2022/Oct/39 http://seclists.org/fulldisclosure/2022/Oct/41 https://support.apple.com/en-us/HT213443 https://support.apple.com/en-us/HT213444 https://support.apple.com/en-us/HT213445 https://support.apple.com/en-us/HT213446 https://support.apple.com/kb/HT213486 https://support.apple.com/kb/HT213487 https://support.apple.com/kb/HT213488 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2022-32911
https://notcve.org/view.php?id=CVE-2022-32911
The issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.6, iOS 15.7 and iPadOS 15.7, iOS 16, macOS Big Sur 11.7. An app may be able to execute arbitrary code with kernel privileges. Se abordó un problema con una administración de memoria mejorada. Este problema es corregido en macOS Monterey versión 12.6, iOS versión 15.7 y iPadOS versión 15.7, iOS versión 16, macOS Big Sur versión 11.7. • http://seclists.org/fulldisclosure/2022/Oct/28 http://seclists.org/fulldisclosure/2022/Oct/39 http://seclists.org/fulldisclosure/2022/Oct/41 https://support.apple.com/en-us/HT213443 https://support.apple.com/en-us/HT213444 https://support.apple.com/en-us/HT213445 https://support.apple.com/en-us/HT213446 https://support.apple.com/kb/HT213486 https://support.apple.com/kb/HT213487 https://support.apple.com/kb/HT213488 •