CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2022-32802
https://notcve.org/view.php?id=CVE-2022-32802
A logic issue was addressed with improved checks. This issue is fixed in iOS 15.6 and iPadOS 15.6, tvOS 15.6, macOS Monterey 12.5. Processing a maliciously crafted file may lead to arbitrary code execution. Se abordó un problema de lógica con comprobaciones mejoradas. Este problema es corregido en iOS versión 15.6 y iPadOS versión 15.6, tvOS versión 15.6, macOS Monterey versión 12.5. • https://support.apple.com/en-us/HT213342 https://support.apple.com/en-us/HT213345 https://support.apple.com/en-us/HT213346 •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2022-26724
https://notcve.org/view.php?id=CVE-2022-26724
An authentication issue was addressed with improved state management. This issue is fixed in tvOS 15.5. A local user may be able to enable iCloud Photos without authentication. Se abordó un problema de autenticación con una administración de estados mejorada. Este problema es corregido en tvOS versión 15.5. • https://support.apple.com/en-us/HT213254 • CWE-287: Improper Authentication •
CVSS: 5.5EPSS: 0%CPEs: 20EXPL: 0CVE-2022-26766 – macOS 12.3.1 Local Root
https://notcve.org/view.php?id=CVE-2022-26766
A certificate parsing issue was addressed with improved checks. This issue is fixed in tvOS 15.5, iOS 15.5 and iPadOS 15.5, Security Update 2022-004 Catalina, watchOS 8.6, macOS Big Sur 11.6.6, macOS Monterey 12.4. A malicious app may be able to bypass signature validation. Se abordó un problema de análisis de certificados con comprobaciones mejoradas. Este problema es corregido en tvOS versión 15.5, iOS versión 15.5 y iPadOS versión 15.5, Security Update 2022-004 Catalina, watchOS versión 8.6, macOS Big Sur versión 11.6.6, macOS Monterey versión 12.4. • https://support.apple.com/en-us/HT213253 https://support.apple.com/en-us/HT213254 https://support.apple.com/en-us/HT213255 https://support.apple.com/en-us/HT213256 https://support.apple.com/en-us/HT213257 https://support.apple.com/en-us/HT213258 • CWE-295: Improper Certificate Validation •
CVSS: 4.7EPSS: 0%CPEs: 5EXPL: 0CVE-2022-26765
https://notcve.org/view.php?id=CVE-2022-26765
A race condition was addressed with improved state handling. This issue is fixed in watchOS 8.6, tvOS 15.5, macOS Monterey 12.4, iOS 15.5 and iPadOS 15.5. A malicious attacker with arbitrary read and write capability may be able to bypass Pointer Authentication. Se abordó una condición de carrera con una administración de estado mejorada. Este problema es corregido en watchOS versión 8.6, tvOS versión 15.5, macOS Monterey versión 12.4, iOS versión 15.5 y iPadOS versión 15.5. • https://support.apple.com/en-us/HT213253 https://support.apple.com/en-us/HT213254 https://support.apple.com/en-us/HT213257 https://support.apple.com/en-us/HT213258 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 4.7EPSS: 0%CPEs: 5EXPL: 0CVE-2022-26764
https://notcve.org/view.php?id=CVE-2022-26764
A memory corruption issue was addressed with improved validation. This issue is fixed in watchOS 8.6, tvOS 15.5, macOS Monterey 12.4, iOS 15.5 and iPadOS 15.5. An attacker that has already achieved kernel code execution may be able to bypass kernel memory mitigations. Se abordó un problema de corrupción de memoria con una comprobación mejorada. Este problema es corregido en watchOS versión 8.6, tvOS versión 15.5, macOS Monterey versión 12.4, iOS versión 15.5 y iPadOS versión 15.5. • https://support.apple.com/en-us/HT213253 https://support.apple.com/en-us/HT213254 https://support.apple.com/en-us/HT213257 https://support.apple.com/en-us/HT213258 • CWE-787: Out-of-bounds Write •