CVSS: 9.3EPSS: 0%CPEs: 10EXPL: 0CVE-2022-22615
https://notcve.org/view.php?id=CVE-2022-22615
A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 15.4, iOS 15.4 and iPadOS 15.4, macOS Big Sur 11.6.5, Security Update 2022-003 Catalina, watchOS 8.5, macOS Monterey 12.3. An application may be able to execute arbitrary code with kernel privileges. Se abordó un problema de uso de memoria previamente liberada con una administración de memoria mejorada. Este problema es corregido en tvOS versión 15.4, iOS versión 15.4 y iPadOS versión 15.4, macOS Big Sur versión 11.6.5, Security Update 2022-003 Catalina, watchOS versión 8.5, macOS Monterey versión 12.3. • https://support.apple.com/en-us/HT213182 https://support.apple.com/en-us/HT213183 https://support.apple.com/en-us/HT213184 https://support.apple.com/en-us/HT213185 https://support.apple.com/en-us/HT213186 https://support.apple.com/en-us/HT213193 • CWE-416: Use After Free •
CVSS: 5.5EPSS: 0%CPEs: 17EXPL: 1CVE-2022-22616 – macOS Gatekeeper check bypass
https://notcve.org/view.php?id=CVE-2022-22616
This issue was addressed with improved checks. This issue is fixed in Security Update 2022-003 Catalina, macOS Monterey 12.3, macOS Big Sur 11.6.5. A maliciously crafted ZIP archive may bypass Gatekeeper checks. Este problema ha sido abordado con unas comprobaciones mejoradas. Este problema es corregido en Security Update 2022-003 Catalina, macOS Monterey versión 12.3, macOS Big Sur versión 11.6.5. • https://support.apple.com/en-us/HT213183 https://support.apple.com/en-us/HT213184 https://support.apple.com/en-us/HT213185 https://cedowens.medium.com/macos-gatekeeper-bypass-2021-edition-5256a2955508 https://objective-see.com/blog/blog_0x64.html https://jhftss.github.io/CVE-2022-22616-Gatekeeper-Bypass https://www.jamf.com/blog/jamf-threat-labs-safari-vuln-gatekeeper-bypass https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/osx/browser/osx_gatekeeper_bypass.rb •
CVSS: 7.8EPSS: 0%CPEs: 16EXPL: 0CVE-2022-22617
https://notcve.org/view.php?id=CVE-2022-22617
A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.6.5, macOS Monterey 12.3, Security Update 2022-003 Catalina. An application may be able to gain elevated privileges. Se abordó un problema de lógica con una administración de estados mejorada. Este problema es corregido en macOS Big Sur versión 11.6.5, macOS Monterey versión 12.3 y Security Update 2022-003 Catalina. • https://support.apple.com/en-us/HT213183 https://support.apple.com/en-us/HT213184 https://support.apple.com/en-us/HT213185 https://support.apple.com/kb/HT213257 •
CVSS: 7.1EPSS: 0%CPEs: 16EXPL: 0CVE-2022-22625 – Apple macOS SCPT File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2022-22625
An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.6.5, macOS Monterey 12.3, Security Update 2022-003 Catalina. Processing a maliciously crafted AppleScript binary may result in unexpected application termination or disclosure of process memory. Se abordó una lectura fuera de límites con una comprobación de entrada mejorada. Este problema es corregido en macOS Big Sur versión 11.6.5, macOS Monterey versión 12.3 y Security Update 2022-003 Catalina. • https://support.apple.com/en-us/HT213183 https://support.apple.com/en-us/HT213184 https://support.apple.com/en-us/HT213185 • CWE-125: Out-of-bounds Read •
CVSS: 7.1EPSS: 0%CPEs: 16EXPL: 0CVE-2022-22626 – Apple macOS SCPT File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2022-22626
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.6.5, macOS Monterey 12.3, Security Update 2022-003 Catalina. Processing a maliciously crafted AppleScript binary may result in unexpected application termination or disclosure of process memory. Se abordó una lectura fuera de límites con una comprobación de límites mejorada. Este problema es corregido en macOS Big Sur versión 11.6.5, macOS Monterey versión 12.3 y Security Update 2022-003 Catalina. • https://support.apple.com/en-us/HT213183 https://support.apple.com/en-us/HT213184 https://support.apple.com/en-us/HT213185 • CWE-125: Out-of-bounds Read •