CVSS: 9.3EPSS: 0%CPEs: 6EXPL: 0CVE-2022-22675 – Apple macOS Out-of-Bounds Write Vulnerability
https://notcve.org/view.php?id=CVE-2022-22675
01 Apr 2022 — An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in tvOS 15.5, watchOS 8.6, macOS Big Sur 11.6.6, macOS Monterey 12.3.1, iOS 15.4.1 and iPadOS 15.4.1. An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited.. Se abordó un problema de escritura fuera de límites con una comprobación de límites mejorada. • https://support.apple.com/en-us/HT213219 • CWE-787: Out-of-bounds Write •
CVSS: 8.2EPSS: 0%CPEs: 71EXPL: 4CVE-2018-25032 – zlib: A flaw found in zlib when compressing (not decompressing) certain inputs
https://notcve.org/view.php?id=CVE-2018-25032
25 Mar 2022 — zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches. zlib versiones anteriores a 1.2.12 permite la corrupción de memoria al desinflar (es decir, al comprimir) si la entrada tiene muchas coincidencias distantes An out-of-bounds access flaw was found in zlib, which allows memory corruption when deflating (ex: when compressing) if the input has many distant matches. For some rare inputs with a large number of distant matches (crafted payload... • https://github.com/Trinadh465/external_zlib_4.4_CVE-2018-25032 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-22669
https://notcve.org/view.php?id=CVE-2022-22669
18 Mar 2022 — A use after free issue was addressed with improved memory management. This issue is fixed in macOS Monterey 12.3. An application may be able to execute arbitrary code with kernel privileges. Se abordó un problema de uso de memoria previamente liberada con una administración de memoria mejorada. Este problema es corregido en macOS Monterey versión 12.3. • https://support.apple.com/en-us/HT213183 • CWE-416: Use After Free •
CVSS: 9.3EPSS: 0%CPEs: 17EXPL: 0CVE-2022-22665
https://notcve.org/view.php?id=CVE-2022-22665
18 Mar 2022 — A logic issue was addressed with improved validation. This issue is fixed in macOS Monterey 12.3. A malicious application may be able to gain root privileges. Se abordó un problema de lógica con una comprobación mejorada. Este problema es corregido en macOS Monterey versión 12.3. • http://seclists.org/fulldisclosure/2022/May/33 •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2022-22651
https://notcve.org/view.php?id=CVE-2022-22651
18 Mar 2022 — An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Monterey 12.3. A remote attacker may be able to cause unexpected system termination or corrupt kernel memory. Se abordó un problema de escritura fuera de límites con una comprobación de límites mejorada. Este problema es corregido en macOS Monterey versión 12.3. • https://support.apple.com/en-us/HT213183 • CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2022-22660
https://notcve.org/view.php?id=CVE-2022-22660
18 Mar 2022 — This issue was addressed with a new entitlement. This issue is fixed in macOS Monterey 12.3. An app may be able to spoof system notifications and UI. Este problema se abordó con una nueva habilitación. Este problema es corregido en macOS Monterey versión 12.3. • https://support.apple.com/en-us/HT213183 •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2022-22644
https://notcve.org/view.php?id=CVE-2022-22644
18 Mar 2022 — A privacy issue existed in the handling of Contact cards. This was addressed with improved state management. This issue is fixed in macOS Monterey 12.3. A malicious application may be able to access information about a user's contacts. Se presentaba un problema de privacidad en el manejo de las tarjetas de contacto. • https://support.apple.com/en-us/HT213183 •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2022-22643
https://notcve.org/view.php?id=CVE-2022-22643
18 Mar 2022 — This issue was addressed with improved checks. This issue is fixed in iOS 15.4 and iPadOS 15.4, macOS Monterey 12.3. A user may send audio and video in a FaceTime call without knowing that they have done so. Este problema se abordó con comprobaciones mejoradas. Este problema es corregido en iOS versión 15.4 y iPadOS versión 15.4, macOS Monterey versión 12.3. • https://support.apple.com/en-us/HT213182 •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 1CVE-2022-22639
https://notcve.org/view.php?id=CVE-2022-22639
15 Mar 2022 — A logic issue was addressed with improved state management. This issue is fixed in iOS 15.4 and iPadOS 15.4, macOS Monterey 12.3. An application may be able to gain elevated privileges. Se abordó un problema de lógica con una administración de estados mejorada. Este problema es corregido en iOS versión 15.4 y iPadOS versión 15.4, macOS Monterey versión 12.3. • https://github.com/jhftss/CVE-2022-22639 •
CVSS: 9.3EPSS: 0%CPEs: 5EXPL: 0CVE-2022-22640
https://notcve.org/view.php?id=CVE-2022-22640
15 Mar 2022 — A memory corruption issue was addressed with improved validation. This issue is fixed in tvOS 15.4, iOS 15.4 and iPadOS 15.4, macOS Monterey 12.3, watchOS 8.5. An application may be able to execute arbitrary code with kernel privileges. Se abordó un problema de corrupción de memoria con una comprobación mejorada. Este problema es corregido en tvOS versión 15.4, iOS versión 15.4 y iPadOS versión 15.4, macOS Monterey versión 12.3, watchOS versión 8.5. • https://support.apple.com/en-us/HT213182 • CWE-787: Out-of-bounds Write •