CVSS: 7.8EPSS: 0%CPEs: 20EXPL: 0CVE-2022-26704
https://notcve.org/view.php?id=CVE-2022-26704
A validation issue existed in the handling of symlinks and was addressed with improved validation of symlinks. This issue is fixed in macOS Monterey 12.4. An app may be able to gain elevated privileges. Se presentaba un problema de comprobación en el manejo de los enlaces simbólicos y se abordó con una comprobación de los enlaces simbólicos mejorada. Este problema es corregido en macOS Monterey versión 12.4. • http://seclists.org/fulldisclosure/2022/Jul/13 http://seclists.org/fulldisclosure/2022/Jul/14 https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2022/MNDT-2022-0032/MNDT-2022-0032.md https://support.apple.com/en-us/HT213257 https://support.apple.com/kb/HT213343 https://support.apple.com/kb/HT213344 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 7.1EPSS: 0%CPEs: 18EXPL: 0CVE-2022-26698 – Apple macOS SCPT File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2022-26698
An out-of-bounds read issue was addressed with improved bounds checking. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4, macOS Big Sur 11.6.6. Processing a maliciously crafted AppleScript binary may result in unexpected application termination or disclosure of process memory. Se abordó un problema de lectura fuera de límites con una comprobación de límites mejorada. Este problema es corregido en Security Update 2022-004 Catalina, macOS Monterey versión 12.4 y macOS Big Sur versión 11.6.6. • https://support.apple.com/en-us/HT213255 https://support.apple.com/en-us/HT213256 https://support.apple.com/en-us/HT213257 • CWE-125: Out-of-bounds Read •
CVSS: 9.3EPSS: 0%CPEs: 16EXPL: 0CVE-2022-26715
https://notcve.org/view.php?id=CVE-2022-26715
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4, macOS Big Sur 11.6.6. An application may be able to gain elevated privileges. Se abordó un problema de escritura fuera de límites con una comprobación de límites mejorada. Este problema es corregido en Security Update 2022-004 Catalina, macOS Monterey versión 12.4, macOS Big Sur versión 11.6.6. • https://support.apple.com/en-us/HT213255 https://support.apple.com/en-us/HT213256 https://support.apple.com/en-us/HT213257 • CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2022-26712
https://notcve.org/view.php?id=CVE-2022-26712
This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Monterey 12.4, macOS Big Sur 11.6.6. A malicious application may be able to modify protected parts of the file system. Este problema se abordó eliminando el código vulnerable. Este problema es corregido en macOS Monterey versión 12.4, macOS Big Sur versión 11.6.6. • https://support.apple.com/en-us/HT213256 https://support.apple.com/en-us/HT213257 •
CVSS: 4.3EPSS: 0%CPEs: 4EXPL: 0CVE-2022-26731
https://notcve.org/view.php?id=CVE-2022-26731
A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.4, iOS 15.5 and iPadOS 15.5. A malicious website may be able to track users in Safari private browsing mode. Se abordó un problema de lógica con una administración de estados mejorada. Este problema es corregido en macOS Monterey versión 12.4, iOS versión 15.5 y iPadOS versión 15.5. • https://support.apple.com/en-us/HT213257 https://support.apple.com/en-us/HT213258 https://support.apple.com/kb/HT213256 •