CVSS: 7.8EPSS: 0%CPEs: 21EXPL: 0CVE-2022-32815
https://notcve.org/view.php?id=CVE-2022-32815
The issue was addressed with improved memory handling. This issue is fixed in iOS 15.6 and iPadOS 15.6, macOS Big Sur 11.6.8, watchOS 8.7, tvOS 15.6, macOS Monterey 12.5, Security Update 2022-005 Catalina. An app with root privileges may be able to execute arbitrary code with kernel privileges. Se abordó este problema con un manejo de memoria mejorado. Este problema ha sido corregido en iOS versión 15.6 y iPadOS versión 15.6, macOS Big Sur versión 11.6.8, watchOS versión 8.7, tvOS versión 15.6, macOS Monterey versión 12.5, Security Update 2022-005 Catalina. • https://support.apple.com/en-us/HT213340 https://support.apple.com/en-us/HT213342 https://support.apple.com/en-us/HT213343 https://support.apple.com/en-us/HT213344 https://support.apple.com/en-us/HT213345 https://support.apple.com/en-us/HT213346 •
CVSS: 8.8EPSS: 1%CPEs: 31EXPL: 0CVE-2022-2294 – WebRTC Heap Buffer Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2022-2294
Heap buffer overflow in WebRTC in Google Chrome prior to 103.0.5060.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un desbordamiento del búfer de la pila en WebRTC en Google Chrome versiones anteriores a 103.0.5060.114, permitía a un atacante remoto explotar potencialmente la corrupción de la pila por medio de una página HTML diseñada WebRTC, an open-source project providing web browsers with real-time communication, contains a heap buffer overflow vulnerability that allows an attacker to perform shellcode execution. This vulnerability impacts web browsers using WebRTC including but not limited to Google Chrome. • http://www.openwall.com/lists/oss-security/2022/07/28/2 https://chromereleases.googleblog.com/2022/07/stable-channel-update-for-desktop.html https://crbug.com/1341043 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5BQRTR4SIUNIHLLPWTGYSDNQK7DYCRSB https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H2C4XOJVIILDXTOSMWJXHSQNEXFWSOD7 https://security.gentoo.org/glsa/202208-35 https://security.gentoo.org/glsa/202208-39 https://sec • CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 21EXPL: 0CVE-2022-32787
https://notcve.org/view.php?id=CVE-2022-32787
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 15.6 and iPadOS 15.6, macOS Big Sur 11.6.8, watchOS 8.7, tvOS 15.6, macOS Monterey 12.5, Security Update 2022-005 Catalina. Processing maliciously crafted web content may lead to arbitrary code execution. Se abordó un problema de escritura fuera de límites con una comprobación mejorada de los límites. Este problema ha sido corregido en iOS versión 15.6 y iPadOS versión 15.6, macOS Big Sur versión 11.6.8, watchOS versión 8.7, tvOS versión 15.6, macOS Monterey versión 12.5, Security Update 2022-005 Catalina. • https://support.apple.com/en-us/HT213340 https://support.apple.com/en-us/HT213342 https://support.apple.com/en-us/HT213343 https://support.apple.com/en-us/HT213344 https://support.apple.com/en-us/HT213345 https://support.apple.com/en-us/HT213346 • CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 19EXPL: 0CVE-2022-32785
https://notcve.org/view.php?id=CVE-2022-32785
A null pointer dereference was addressed with improved validation. This issue is fixed in iOS 15.6 and iPadOS 15.6, Security Update 2022-005 Catalina, macOS Big Sur 11.6.8, macOS Monterey 12.5. Processing an image may lead to a denial-of-service. Se abordó una desreferencia de puntero null con una comprobación mejorada. Este problema ha sido corregido en iOS versión 15.6 y iPadOS versión 15.6, Security Update 2022-005 Catalina, macOS Big Sur versión 11.6.8, macOS Monterey versión 12.5. • https://support.apple.com/en-us/HT213343 https://support.apple.com/en-us/HT213344 https://support.apple.com/en-us/HT213345 https://support.apple.com/en-us/HT213346 • CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2022-32814
https://notcve.org/view.php?id=CVE-2022-32814
A type confusion issue was addressed with improved state handling. This issue is fixed in watchOS 8.7, tvOS 15.6, iOS 15.6 and iPadOS 15.6, macOS Monterey 12.5. An app may be able to execute arbitrary code with kernel privileges. Se abordó un problema de confusión de tipos con un manejo de estados mejorado. Este problema ha sido corregido en watchOS versión 8.7, tvOS versión 15.6, iOS versión 15.6 y iPadOS versión 15.6, macOS Monterey versión 12.5. • https://support.apple.com/en-us/HT213340 https://support.apple.com/en-us/HT213342 https://support.apple.com/en-us/HT213345 https://support.apple.com/en-us/HT213346 https://support.apple.com/kb/HT213344 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •