CVSS: 5.5EPSS: 0%CPEs: 19EXPL: 0CVE-2022-32838
https://notcve.org/view.php?id=CVE-2022-32838
A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.5, macOS Big Sur 11.6.8, Security Update 2022-005 Catalina, iOS 15.6 and iPadOS 15.6. An app may be able to read arbitrary files. Se abordó un problema de lógica con un administración de estados mejorada. Este problema es corregido en macOS Monterey versión 12.5, macOS Big Sur versión 11.6.8, Security Update 2022-005 Catalina, iOS versión 15.6 y iPadOS versión 15.6. • https://support.apple.com/en-us/HT213343 https://support.apple.com/en-us/HT213344 https://support.apple.com/en-us/HT213345 https://support.apple.com/en-us/HT213346 •
CVSS: 5.5EPSS: 0%CPEs: 17EXPL: 0CVE-2022-32834
https://notcve.org/view.php?id=CVE-2022-32834
An access issue was addressed with improvements to the sandbox. This issue is fixed in macOS Monterey 12.5, macOS Big Sur 11.6.8, Security Update 2022-005 Catalina. An app may be able to access sensitive user information. Se abordó un problema de acceso con el sandbox mejorado. Este problema es corregido en macOS Monterey versión 12.5, macOS Big Sur versión 11.6.8 y Security Update 2022-005 Catalina. • https://support.apple.com/en-us/HT213343 https://support.apple.com/en-us/HT213344 https://support.apple.com/en-us/HT213345 •
CVSS: 9.8EPSS: 1%CPEs: 21EXPL: 0CVE-2022-32839
https://notcve.org/view.php?id=CVE-2022-32839
The issue was addressed with improved bounds checks. This issue is fixed in macOS Monterey 12.5, macOS Big Sur 11.6.8, Security Update 2022-005 Catalina, iOS 15.6 and iPadOS 15.6, tvOS 15.6, watchOS 8.7. A remote user may cause an unexpected app termination or arbitrary code execution. Se abordó este problema con una comprobación de límites mejorada. Este problema es corregido en macOS Monterey versión 12.5, macOS Big Sur versión 11.6.8, Security Update 2022-005 Catalina, iOS versión 15.6 y iPadOS versión 15.6, tvOS versión 15.6, watchOS versión 8.7. • https://support.apple.com/en-us/HT213340 https://support.apple.com/en-us/HT213342 https://support.apple.com/en-us/HT213343 https://support.apple.com/en-us/HT213344 https://support.apple.com/en-us/HT213345 https://support.apple.com/en-us/HT213346 •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2022-32894 – Apple iOS and macOS Out-of-Bounds Write Vulnerability
https://notcve.org/view.php?id=CVE-2022-32894
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 15.6.1 and iPadOS 15.6.1, macOS Monterey 12.5.1. An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited. Se abordó un problema de escritura fuera de límites con una comprobación de límites mejorada. • http://seclists.org/fulldisclosure/2022/Aug/16 http://seclists.org/fulldisclosure/2022/Oct/45 http://seclists.org/fulldisclosure/2022/Oct/49 https://support.apple.com/en-us/HT213412 https://support.apple.com/en-us/HT213413 https://support.apple.com/kb/HT213443 https://support.apple.com/kb/HT213486 • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 16EXPL: 0CVE-2022-22630 – Apple macOS Remote Events Memory Corruption Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-22630
A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.6.6, macOS Monterey 12.3, Security Update 2022-004 Catalina. A remote user may cause an unexpected app termination or arbitrary code execution This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apple macOS. Authentication is not required to exploit this vulnerability. The specific flaw exists within Apple Remote Events. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. • https://support.apple.com/en-us/HT213183 https://support.apple.com/en-us/HT213255 https://support.apple.com/en-us/HT213256 • CWE-416: Use After Free •