CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2022-22666 – AppleVideoDecoder CreateHeaderBuffer Out-Of-Bounds Free
https://notcve.org/view.php?id=CVE-2022-22666
A memory corruption issue was addressed with improved validation. This issue is fixed in tvOS 15.4, iOS 15.4 and iPadOS 15.4, watchOS 8.5. Processing a maliciously crafted image may lead to heap corruption. Se abordó un problema de corrupción de memoria con una comprobación mejorada. Este problema es corregido en tvOS versión 15.4, iOS versión 15.4 y iPadOS versión 15.4, watchOS versión 8.5. • http://packetstormsecurity.com/files/167144/AppleVideoDecoder-CreateHeaderBuffer-Out-Of-Bounds-Free.html https://support.apple.com/en-us/HT213182 https://support.apple.com/en-us/HT213186 https://support.apple.com/en-us/HT213193 • CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0CVE-2022-22609
https://notcve.org/view.php?id=CVE-2022-22609
The issue was addressed with additional permissions checks. This issue is fixed in tvOS 15.4, iOS 15.4 and iPadOS 15.4, macOS Monterey 12.3, watchOS 8.5. A malicious application may be able to read other applications' settings. Este problema se abordó con comprobaciones de permisos adicionales. Este problema es corregido en tvOS versión 15.4, iOS versión 15.4 y iPadOS versión 15.4, macOS Monterey versión 12.3, watchOS versión 8.5. • https://support.apple.com/en-us/HT213182 https://support.apple.com/en-us/HT213183 https://support.apple.com/en-us/HT213186 https://support.apple.com/en-us/HT213193 •
CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 0CVE-2022-22641
https://notcve.org/view.php?id=CVE-2022-22641
A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 15.4, iOS 15.4 and iPadOS 15.4, macOS Monterey 12.3. An application may be able to gain elevated privileges. Se abordó un problema de uso de memoria previamente liberada con una administración de memoria mejorada. Este problema es corregido en tvOS versión 15.4, iOS versión 15.4 y iPadOS versión 15.4, macOS Monterey versión 12.3. • https://support.apple.com/en-us/HT213182 https://support.apple.com/en-us/HT213183 https://support.apple.com/en-us/HT213186 • CWE-416: Use After Free •
CVSS: 9.3EPSS: 0%CPEs: 5EXPL: 0CVE-2022-22640
https://notcve.org/view.php?id=CVE-2022-22640
A memory corruption issue was addressed with improved validation. This issue is fixed in tvOS 15.4, iOS 15.4 and iPadOS 15.4, macOS Monterey 12.3, watchOS 8.5. An application may be able to execute arbitrary code with kernel privileges. Se abordó un problema de corrupción de memoria con una comprobación mejorada. Este problema es corregido en tvOS versión 15.4, iOS versión 15.4 y iPadOS versión 15.4, macOS Monterey versión 12.3, watchOS versión 8.5. • https://support.apple.com/en-us/HT213182 https://support.apple.com/en-us/HT213183 https://support.apple.com/en-us/HT213186 https://support.apple.com/en-us/HT213193 • CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2022-22600
https://notcve.org/view.php?id=CVE-2022-22600
The issue was addressed with improved permissions logic. This issue is fixed in tvOS 15.4, iOS 15.4 and iPadOS 15.4, macOS Monterey 12.3, watchOS 8.5. A malicious application may be able to bypass certain Privacy preferences. Este problema se abordó con una lógica de permisos mejorada. Este problema es corregido en tvOS versión 15.4, iOS versión 15.4 y iPadOS versión 15.4, macOS Monterey versión 12.3, watchOS versión 8.5. • https://support.apple.com/en-us/HT213182 https://support.apple.com/en-us/HT213183 https://support.apple.com/en-us/HT213186 https://support.apple.com/en-us/HT213193 •