CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 0CVE-2022-32922 – Apple Safari PDFPluginAnnotation Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-32922
A use after free issue was addressed with improved memory management. This issue is fixed in Safari 16.1, iOS 16.1 and iPadOS 16, macOS Ventura 13. Processing maliciously crafted web content may lead to arbitrary code execution. Se solucionó un problema de Use After Free con una gestión de memoria mejorada. Este problema se solucionó en Safari 16.1, iOS 16.1 y iPadOS 16, macOS Ventura 13. • https://support.apple.com/en-us/HT213488 https://support.apple.com/en-us/HT213489 https://support.apple.com/en-us/HT213495 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2022-32947
https://notcve.org/view.php?id=CVE-2022-32947
The issue was addressed with improved memory handling. This issue is fixed in iOS 16.1 and iPadOS 16, macOS Ventura 13, watchOS 9.1. An app may be able to execute arbitrary code with kernel privileges. El problema se solucionó mejorando el manejo de la memoria. Este problema se solucionó en iOS 16.1 y iPadOS 16, macOS Ventura 13, watchOS 9.1. • https://support.apple.com/en-us/HT213488 https://support.apple.com/en-us/HT213489 https://support.apple.com/en-us/HT213491 •
CVSS: 8.8EPSS: 0%CPEs: 11EXPL: 0CVE-2022-42823 – webkitgtk: type confusion issue leading to arbitrary code execution
https://notcve.org/view.php?id=CVE-2022-42823
A type confusion issue was addressed with improved memory handling. This issue is fixed in tvOS 16.1, macOS Ventura 13, watchOS 9.1, Safari 16.1, iOS 16.1 and iPadOS 16. Processing maliciously crafted web content may lead to arbitrary code execution. Se solucionó un problema de confusión de tipos mejorando el manejo de la memoria. Este problema se solucionó en tvOS 16.1, macOS Ventura 13, watchOS 9.1, Safari 16.1, iOS 16.1 y iPadOS 16. • http://www.openwall.com/lists/oss-security/2022/11/04/4 https://lists.debian.org/debian-lts-announce/2022/11/msg00010.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5LF4LYP725XZ7RWOPFUV6DGPN4Q5DUU4 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AQKLEGJK3LHAKUQOLBHNR2DI3IUGLLTY https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JOFKX6BUEJFECSVFV6P5INQCOYQBB4NZ https://security.gentoo.org/glsa/202 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 6.1EPSS: 0%CPEs: 11EXPL: 0CVE-2022-42799 – webkitgtk: issue was addressed with improved UI handling
https://notcve.org/view.php?id=CVE-2022-42799
The issue was addressed with improved UI handling. This issue is fixed in tvOS 16.1, macOS Ventura 13, watchOS 9.1, Safari 16.1, iOS 16.1 and iPadOS 16. Visiting a malicious website may lead to user interface spoofing. El problema se solucionó mejorando el manejo de la interfaz de usuario. Este problema se solucionó en tvOS 16.1, macOS Ventura 13, watchOS 9.1, Safari 16.1, iOS 16.1 y iPadOS 16. • http://www.openwall.com/lists/oss-security/2022/11/04/4 https://lists.debian.org/debian-lts-announce/2022/11/msg00010.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5LF4LYP725XZ7RWOPFUV6DGPN4Q5DUU4 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AQKLEGJK3LHAKUQOLBHNR2DI3IUGLLTY https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JOFKX6BUEJFECSVFV6P5INQCOYQBB4NZ https://security.gentoo.org/glsa/202 • CWE-1021: Improper Restriction of Rendered UI Layers or Frames •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2022-32924 – XNU Dangling PTE Entry
https://notcve.org/view.php?id=CVE-2022-32924
The issue was addressed with improved memory handling. This issue is fixed in tvOS 16.1, macOS Big Sur 11.7, macOS Ventura 13, watchOS 9.1, iOS 16.1 and iPadOS 16, macOS Monterey 12.6. An app may be able to execute arbitrary code with kernel privileges. El problema se solucionó mejorando el manejo de la memoria. Este problema se solucionó en tvOS 16.1, macOS Big Sur 11.7, macOS Ventura 13, watchOS 9.1, iOS 16.1 y iPadOS 16, macOS Monterey 12.6. • http://packetstormsecurity.com/files/170010/XNU-Dangling-PTE-Entry.html https://support.apple.com/en-us/HT213443 https://support.apple.com/en-us/HT213444 https://support.apple.com/en-us/HT213488 https://support.apple.com/en-us/HT213489 https://support.apple.com/en-us/HT213491 https://support.apple.com/en-us/HT213492 •