CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-32351
https://notcve.org/view.php?id=CVE-2023-32351
23 Jun 2023 — A logic issue was addressed with improved checks. This issue is fixed in iTunes 12.12.9 for Windows. An app may be able to gain elevated privileges. • https://support.apple.com/en-us/HT213763 • CWE-276: Incorrect Default Permissions •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-32353
https://notcve.org/view.php?id=CVE-2023-32353
23 Jun 2023 — A logic issue was addressed with improved checks. This issue is fixed in iTunes 12.12.9 for Windows. An app may be able to elevate privileges. • https://github.com/86x/CVE-2023-32353-PoC • CWE-863: Incorrect Authorization •
CVSS: 7.1EPSS: 0%CPEs: 8EXPL: 0CVE-2020-36521
https://notcve.org/view.php?id=CVE-2020-36521
23 Sep 2022 — An out-of-bounds read was addressed with improved input validation. This issue is fixed in iCloud for Windows 11.4, iOS 14.0 and iPadOS 14.0, watchOS 7.0, tvOS 14.0, iCloud for Windows 7.21, iTunes for Windows 12.10.9. Processing a maliciously crafted tiff file may lead to a denial-of-service or potentially disclose memory contents. Se abordó una lectura fuera de límites con una comprobación de entrada mejorada. Este problema ha sido corregido en iCloud para Windows versión 11.4, iOS versión 14.0 y iPadOS v... • https://support.apple.com/en-us/HT211843 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-26774
https://notcve.org/view.php?id=CVE-2022-26774
26 May 2022 — A logic issue was addressed with improved state management. This issue is fixed in iTunes 12.12.4 for Windows. A local attacker may be able to elevate their privileges. Se abordó un problema de lógica con una administración de estados mejorada. Este problema es corregido en iTunes versión 12.12.4 para Windows. • https://support.apple.com/en-us/HT213259 •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-26773 – Apple iTunes Incorrect Permission Assignment Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2022-26773
26 May 2022 — A logic issue was addressed with improved state management. This issue is fixed in iTunes 12.12.4 for Windows. An application may be able to delete files for which it does not have permission. Se abordó un problema lógico con una administración de estados mejorada. Este problema es corregido en iTunes versión 12.12.4 para Windows. • https://support.apple.com/en-us/HT213259 •
CVSS: 10.0EPSS: 0%CPEs: 7EXPL: 1CVE-2022-26717 – webkitgtk: Use-after-free leading to arbitrary code execution
https://notcve.org/view.php?id=CVE-2022-26717
17 May 2022 — A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 15.5, watchOS 8.6, iOS 15.5 and iPadOS 15.5, macOS Monterey 12.4, Safari 15.5, iTunes 12.12.4 for Windows. Processing maliciously crafted web content may lead to arbitrary code execution. Se solucionó un problema de uso después de la liberación con una gestión de memoria mejorada. Este problema se solucionó en tvOS 15.5, watchOS 8.6, iOS 15.5 y iPadOS 15.5, macOS Monterey 12.4, Safari 15.5, iTunes 12.12.4 para ... • https://github.com/theori-io/CVE-2022-26717-Safari-WebGL-Exploit • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 19EXPL: 0CVE-2022-26751 – Apple macOS HEIC File Parsing Memory Corruption Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-26751
17 May 2022 — A memory corruption issue was addressed with improved input validation. This issue is fixed in iTunes 12.12.4 for Windows, iOS 15.5 and iPadOS 15.5, Security Update 2022-004 Catalina, macOS Big Sur 11.6.6, macOS Monterey 12.4. Processing a maliciously crafted image may lead to arbitrary code execution. Se abordó un problema de corrupción de memoria con una comprobación de entradas mejorada. Este problema es corregido en iTunes versión 12.12.4 para Windows, iOS versión 15.5 y iPadOS versión 15.5, Security Up... • https://support.apple.com/en-us/HT213255 • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 2%CPEs: 6EXPL: 0CVE-2022-26711 – Apple macOS ImageIO WebP File Parsing Integer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-26711
17 May 2022 — An integer overflow issue was addressed with improved input validation. This issue is fixed in tvOS 15.5, iTunes 12.12.4 for Windows, iOS 15.5 and iPadOS 15.5, watchOS 8.6, macOS Monterey 12.4. A remote attacker may be able to cause unexpected application termination or arbitrary code execution. Se abordó un problema de desbordamiento de enteros con una comprobación de entradas mejorada. Este problema es corregido en tvOS versión 15.5, iTunes versión 12.12.4 para Windows, iOS versión 15.5 y iPadOS versión 1... • https://support.apple.com/en-us/HT213253 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2022-22611 – Apple Security Advisory 2022-03-14-4
https://notcve.org/view.php?id=CVE-2022-22611
15 Mar 2022 — An out-of-bounds read was addressed with improved input validation. This issue is fixed in tvOS 15.4, iOS 15.4 and iPadOS 15.4, iTunes 12.12.3 for Windows, watchOS 8.5, macOS Monterey 12.3. Processing a maliciously crafted image may lead to arbitrary code execution. Se abordó una lectura fuera de límites con una comprobación de entrada mejorada. Este problema es corregido en tvOS versión 15.4, iOS versión 15.4 y iPadOS versión 15.4, iTunes versión 12.12.3 para Windows, watchOS versión 8.5, macOS Monterey ve... • https://support.apple.com/en-us/HT213182 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2022-22612 – Apple Security Advisory 2022-03-14-4
https://notcve.org/view.php?id=CVE-2022-22612
15 Mar 2022 — A memory consumption issue was addressed with improved memory handling. This issue is fixed in tvOS 15.4, iOS 15.4 and iPadOS 15.4, iTunes 12.12.3 for Windows, watchOS 8.5, macOS Monterey 12.3. Processing a maliciously crafted image may lead to heap corruption. Se abordó un problema de consumo de memoria con un manejo de memoria mejorado. Este problema es corregido en tvOS versión 15.4, iOS versión 15.4 y iPadOS versión 15.4, iTunes versión 12.12.3 para Windows, watchOS versión 8.5, macOS Monterey versión 1... • https://support.apple.com/en-us/HT213182 • CWE-787: Out-of-bounds Write •