CVE-2022-48503 – webkitgtk: improper bounds checking leading to arbitrary code execution
https://notcve.org/view.php?id=CVE-2022-48503
The issue was addressed with improved bounds checks. This issue is fixed in tvOS 15.6, watchOS 8.7, iOS 15.6 and iPadOS 15.6, macOS Monterey 12.5, Safari 15.6. Processing web content may lead to arbitrary code execution. El problema se solucionó con comprobaciones de límites mejoradas. Este problema se ha solucionado en tvOS 15.6, watchOS 8.7, iOS 15.6, iPadOS 15.6, macOS Monterey 12.5 and Safari 15.6. • https://support.apple.com/en-us/HT213340 https://support.apple.com/en-us/HT213341 https://support.apple.com/en-us/HT213342 https://support.apple.com/en-us/HT213345 https://support.apple.com/en-us/HT213346 https://access.redhat.com/security/cve/CVE-2022-48503 https://bugzilla.redhat.com/show_bug.cgi?id=2218623 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVE-2020-36615
https://notcve.org/view.php?id=CVE-2020-36615
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.0.1. Processing a maliciously crafted font may lead to arbitrary code execution. Se ha solucionado un problema de lectura fuera de los límites mejorando la comprobación de límites. Este problema se ha corregido en macOS Big Sur 11.0.1. • https://support.apple.com/en-us/HT211931 • CWE-125: Out-of-bounds Read •
CVE-2022-22646
https://notcve.org/view.php?id=CVE-2022-22646
This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Monterey 12.2. A malicious application may be able to modify protected parts of the file system. Este problema se solucionó eliminando el código vulnerable. Este problema se ha solucionado en macOS Monterey 12.2. • https://support.apple.com/en-us/HT213054 •
CVE-2022-46706
https://notcve.org/view.php?id=CVE-2022-46706
A type confusion issue was addressed with improved state handling. This issue is fixed in Security Update 2022-003 Catalina, macOS Monterey 12.3, macOS Big Sur 11.6.5. An application may be able to execute arbitrary code with kernel privileges. Se ha solucionado un problema de confusión de tipos mejorando la gestión de estados. Este problema se ha corregido en la actualización de seguridad 2022-003 Catalina, macOS Monterey 12.3 y macOS Big Sur 11.6.5. • https://support.apple.com/en-us/HT213183 https://support.apple.com/en-us/HT213184 https://support.apple.com/en-us/HT213185 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVE-2022-32876
https://notcve.org/view.php?id=CVE-2022-32876
A logic issue was addressed with improved restrictions. This issue is fixed in macOS Ventura 13. A shortcut may be able to view the hidden photos album without authentication. Se ha solucionado un problema de lógica mejorando las restricciones. Este problema se ha solucionado en macOS Ventura 13. • https://support.apple.com/en-us/HT213488 •