CVSS: 7.6EPSS: 0%CPEs: 5EXPL: 0CVE-2022-26701
https://notcve.org/view.php?id=CVE-2022-26701
A race condition was addressed with improved locking. This issue is fixed in tvOS 15.5, macOS Monterey 12.4, iOS 15.5 and iPadOS 15.5. An application may be able to execute arbitrary code with kernel privileges. Se abordó una condición de carrera con un bloqueo mejorado. Este problema es corregido en tvOS versión 15.5, macOS Monterey versión 12.4, iOS versión 15.5 y iPadOS versión 15.5. • https://support.apple.com/en-us/HT213254 https://support.apple.com/en-us/HT213257 https://support.apple.com/en-us/HT213258 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 8.8EPSS: 0%CPEs: 7EXPL: 1CVE-2022-26717 – webkitgtk: Use-after-free leading to arbitrary code execution
https://notcve.org/view.php?id=CVE-2022-26717
A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 15.5, watchOS 8.6, iOS 15.5 and iPadOS 15.5, macOS Monterey 12.4, Safari 15.5, iTunes 12.12.4 for Windows. Processing maliciously crafted web content may lead to arbitrary code execution. Se solucionó un problema de uso después de la liberación con una gestión de memoria mejorada. Este problema se solucionó en tvOS 15.5, watchOS 8.6, iOS 15.5 y iPadOS 15.5, macOS Monterey 12.4, Safari 15.5, iTunes 12.12.4 para Windows. • https://github.com/theori-io/CVE-2022-26717-Safari-WebGL-Exploit https://support.apple.com/en-us/HT213253 https://support.apple.com/en-us/HT213254 https://support.apple.com/en-us/HT213257 https://support.apple.com/en-us/HT213258 https://support.apple.com/en-us/HT213259 https://support.apple.com/en-us/HT213260 https://access.redhat.com/security/cve/CVE-2022-26717 https://bugzilla.redhat.com/show_bug.cgi?id=2092735 • CWE-416: Use After Free •
CVSS: 9.3EPSS: 0%CPEs: 6EXPL: 0CVE-2022-22675 – Apple macOS Out-of-Bounds Write Vulnerability
https://notcve.org/view.php?id=CVE-2022-22675
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in tvOS 15.5, watchOS 8.6, macOS Big Sur 11.6.6, macOS Monterey 12.3.1, iOS 15.4.1 and iPadOS 15.4.1. An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited.. Se abordó un problema de escritura fuera de límites con una comprobación de límites mejorada. • https://support.apple.com/en-us/HT213219 https://support.apple.com/en-us/HT213220 https://support.apple.com/en-us/HT213253 https://support.apple.com/en-us/HT213254 https://support.apple.com/en-us/HT213256 • CWE-787: Out-of-bounds Write •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0CVE-2022-22659
https://notcve.org/view.php?id=CVE-2022-22659
A logic issue was addressed with improved state management. This issue is fixed in iOS 15.4 and iPadOS 15.4. An attacker in a privileged network position may be able to leak sensitive user information. Se abordó un problema de lógica con una administración de estados mejorada. Este problema es corregido en iOS versión 15.4 y iPadOS versión 15.4. • https://support.apple.com/en-us/HT213182 •
CVSS: 9.3EPSS: 0%CPEs: 2EXPL: 0CVE-2022-22667
https://notcve.org/view.php?id=CVE-2022-22667
A use after free issue was addressed with improved memory management. This issue is fixed in iOS 15.4 and iPadOS 15.4. An application may be able to execute arbitrary code with kernel privileges. Se abordó un problema de uso de memoria previamente liberada con una administración de memoria mejorada. Este problema es corregido en iOS versión 15.4 y iPadOS versión 15.4. • https://support.apple.com/en-us/HT213182 • CWE-416: Use After Free •