CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2022-26723
https://notcve.org/view.php?id=CVE-2022-26723
26 May 2022 — A memory corruption issue was addressed with improved input validation. This issue is fixed in macOS Monterey 12.4, macOS Big Sur 11.6.6. Mounting a maliciously crafted Samba network share may lead to arbitrary code execution. Se abordó un problema de corrupción de memoria con una comprobación de entradas mejorada. Este problema es corregido en macOS Monterey versión 12.4 y macOS Big Sur versión 11.6.6. • https://support.apple.com/en-us/HT213256 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2022-26718
https://notcve.org/view.php?id=CVE-2022-26718
26 May 2022 — An out-of-bounds read issue was addressed with improved input validation. This issue is fixed in macOS Monterey 12.4, macOS Big Sur 11.6.6. An application may be able to gain elevated privileges. Se abordó un problema de lectura fuera de límites con una comprobación de entrada mejorada. Este problema es corregido en macOS Monterey versión 12.4, macOS Big Sur versión 11.6.6. • https://support.apple.com/en-us/HT213256 • CWE-125: Out-of-bounds Read •
CVSS: 7.2EPSS: 0%CPEs: 24EXPL: 0CVE-2022-26691 – cups: authorization bypass when using "local" authorization
https://notcve.org/view.php?id=CVE-2022-26691
26 May 2022 — A logic issue was addressed with improved state management. This issue is fixed in Security Update 2022-003 Catalina, macOS Monterey 12.3, macOS Big Sur 11.6.5. An application may be able to gain elevated privileges. Se abordó un problema de lógica con una administración de estados mejorada. Este problema es corregido en Security Update 2022-003 Catalina, macOS Monterey versión 12.3, macOS Big Sur versión 11.6.5. • https://github.com/OpenPrinting/cups/commit/de4f8c196106033e4c372dce3e91b9d42b0b9444 • CWE-288: Authentication Bypass Using an Alternate Path or Channel CWE-697: Incorrect Comparison •
CVSS: 4.7EPSS: 0%CPEs: 1EXPL: 0CVE-2022-26690
https://notcve.org/view.php?id=CVE-2022-26690
26 May 2022 — Description: A race condition was addressed with additional validation. This issue is fixed in macOS Monterey 12.3. A malicious application may be able to modify protected parts of the file system. Descripción: Ha sido abordado una condición de carrera con una comprobación adicional. Este problema es corregido en macOS Monterey 12.3. • https://support.apple.com/en-us/HT213183 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 5.5EPSS: 0%CPEs: 17EXPL: 0CVE-2022-26688 – Apple macOS PackageKit PKCoreShove Link Following System Integrity Protection Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2022-26688
26 May 2022 — An issue in the handling of symlinks was addressed with improved validation. This issue is fixed in Security Update 2022-003 Catalina, macOS Monterey 12.3, macOS Big Sur 11.6.5. A malicious app with root privileges may be able to modify the contents of system files. Se abordó un problema en el manejo de los enlaces simbólicos con una comprobación mejorada. Este problema es corregido en Security Update 2022-003 Catalina, macOS Monterey versión 12.3 y macOS Big Sur versión 11.6.5. • https://support.apple.com/en-us/HT213183 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2022-22676 – Apple macOS PackageKit PKInstallService Directory Traversal System Integrity Protection Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2022-22676
26 May 2022 — An event handler validation issue in the XPC Services API was addressed by removing the service. This issue is fixed in macOS Monterey 12.2. An application may be able to delete files for which it does not have permission. Se abordó un problema de comprobación de manejadores de eventos en la API de servicios XPC mediante la eliminación del servicio. Este problema es corregido en macOS Monterey versión 12.2. • https://support.apple.com/en-us/HT213054 •
CVSS: 9.3EPSS: 0%CPEs: 19EXPL: 0CVE-2022-22672
https://notcve.org/view.php?id=CVE-2022-22672
26 May 2022 — A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 15.4 and iPadOS 15.4, Security Update 2022-003 Catalina, macOS Monterey 12.3, macOS Big Sur 11.6.5. A malicious application may be able to execute arbitrary code with kernel privileges. Se abordó un problema de corrupción de memoria con una administración de memoria mejorada. Este problema es corregido en iOS versión 15.4 y iPadOS versión 15.4, Security Update 2022-003 Catalina, macOS Monterey versión 12.3 y ma... • https://support.apple.com/en-us/HT213182 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 1CVE-2022-1851 – Out-of-bounds Read in vim/vim
https://notcve.org/view.php?id=CVE-2022-1851
25 May 2022 — Out-of-bounds Read in GitHub repository vim/vim prior to 8.2. Una Lectura Fuera de Límites en el repositorio GitHub vim/vim versiones anteriores a 8.2 • http://seclists.org/fulldisclosure/2022/Oct/28 • CWE-125: Out-of-bounds Read •
CVSS: 9.3EPSS: 0%CPEs: 6EXPL: 0CVE-2022-26768
https://notcve.org/view.php?id=CVE-2022-26768
17 May 2022 — A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.4, watchOS 8.6, tvOS 15.5, macOS Big Sur 11.6.6. An application may be able to execute arbitrary code with kernel privileges. Se abordó un problema de corrupción de memoria con una administración de estados mejorada. Este problema es corregido en macOS Monterey versión 12.4, watchOS versión 8.6, tvOS versión 15.5, macOS Big Sur versión 11.6.6. • http://seclists.org/fulldisclosure/2022/Jul/12 • CWE-787: Out-of-bounds Write •
CVSS: 9.3EPSS: 0%CPEs: 20EXPL: 1CVE-2022-26763 – macOS 12.3.1 Local Root
https://notcve.org/view.php?id=CVE-2022-26763
17 May 2022 — An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in tvOS 15.5, iOS 15.5 and iPadOS 15.5, Security Update 2022-004 Catalina, watchOS 8.6, macOS Big Sur 11.6.6, macOS Monterey 12.4. A malicious application may be able to execute arbitrary code with system privileges. Se abordó un problema de acceso fuera de límites con una comprobación de límites mejorada. Este problema es corregido en tvOS versión 15.5, iOS versión 15.5 y iPadOS versión 15.5, Security Update 2022... • https://github.com/zhuowei/PCICrash • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •