115 matches found
CVE-2022-32946
This issue was addressed with improved entitlements. This issue is fixed in iOS 16.1 and iPadOS 16. An app may be able to record audio using a pair of connected AirPods...
CVE-2022-42830
The issue was addressed with improved memory handling. This issue is fixed in iOS 16.1 and iPadOS 16, macOS Ventura 13. An app with root privileges may be able to execute arbitrary code with kernel privileges...
CVE-2022-42800
This issue was addressed with improved checks. This issue is fixed in iOS 15.7.1 and iPadOS 15.7.1, macOS Ventura 13, watchOS 9.1, iOS 16.1 and iPadOS 16, macOS Monterey 12.6.1, macOS Big Sur 11.7.1. A user may be able to cause unexpected app termination or arbitrary code execution...
CVE-2022-32941
The issue was addressed with improved bounds checks. This issue is fixed in iOS 15.7.1 and iPadOS 15.7.1, macOS Ventura 13, iOS 16.1 and iPadOS 16, macOS Monterey 12.6.1, macOS Big Sur 11.7.1. A buffer overflow may result in arbitrary code execution...
CVE-2022-32932
The issue was addressed with improved memory handling. This issue is fixed in iOS 15.7.1 and iPadOS 15.7.1, iOS 16.1 and iPadOS 16, watchOS 9.1. An app may be able to execute arbitrary code with kernel privileges...
CVE-2022-42823
A type confusion issue was addressed with improved memory handling. This issue is fixed in tvOS 16.1, macOS Ventura 13, watchOS 9.1, Safari 16.1, iOS 16.1 and iPadOS 16. Processing maliciously crafted web content may lead to arbitrary code execution...
CVE-2022-42820
CVE-2022-42820 is a memory corruption issue affecting Apple IOHIDFamily components, addressed by Apple in the macOS Ventura 13 security updates and iOS 16.1 / iPadOS 16. The issue could lead to an app termination or arbitrary code execution. The official Apple advisory references IOHIDFamily and ...
CVE-2022-32947
The issue was addressed with improved memory handling. This issue is fixed in iOS 16.1 and iPadOS 16, macOS Ventura 13, watchOS 9.1. An app may be able to execute arbitrary code with kernel privileges...
CVE-2022-42813
A certificate validation issue existed in the handling of WKWebView. This issue was addressed with improved validation. This issue is fixed in tvOS 16.1, iOS 16.1 and iPadOS 16, macOS Ventura 13, watchOS 9.1. Processing a maliciously crafted certificate may lead to arbitrary code execution...
CVE-2022-42800
CVE-2022-42800 affects Apple platforms including iOS, iPadOS, macOS, watchOS and related OS updates. The issue is mitigated by Apple through updated builds: iOS/iPadOS 15.7.1, iOS 16.1, macOS Ventura 13 (and Monterey 12.6.1, Big Sur 11.7.1), watchOS 9.1, with the fix described as improved checks ...
CVE-2022-42832
A race condition was addressed with improved locking. This issue is fixed in iOS 16.1 and iPadOS 16, macOS Ventura 13. An app with root privileges may be able to execute arbitrary code with kernel privileges...
CVE-2022-32940
The issue was addressed with improved bounds checks. This issue is fixed in tvOS 16.1, iOS 16.1 and iPadOS 16, macOS Ventura 13, watchOS 9.1. An app may be able to execute arbitrary code with kernel privileges...
CVE-2022-42820
A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 16.1 and iPadOS 16, macOS Ventura 13. An app may cause unexpected app termination or arbitrary code execution...
CVE-2022-32927
The issue was addressed with improved memory handling. This issue is fixed in iOS 15.7.1 and iPadOS 15.7.1, iOS 16.1 and iPadOS 16. Joining a malicious Wi-Fi network may result in a denial-of-service of the Settings app...
CVE-2022-42799
CVE-2022-42799 describes a UI spoofing vulnerability in WebKitGTK/WebKit-based browsers when visiting a malicious site. The Apple OS updates fixed this (tvOS/macOS/iOS/watchOS Safari/WebKit) to mitigate UI spoofing. Connected advisories show WebKitGTK/WebKit fixes: Debian/Ubuntu advisories (CVE-2...
CVE-2022-32947
CVE-2022-32947 affects Apple platforms (iOS/iPadOS/macOS) and is tied to memory handling issues in GPU/Kernel components that could allow an app to execute arbitrary code with kernel privileges. Public documentation confirms the vulnerability could enable kernel-level code execution and that patc...
CVE-2022-32946
This issue was addressed with improved entitlements. This issue is fixed in iOS 16.1 and iPadOS 16. An app may be able to record audio using a pair of connected AirPods...
CVE-2022-42831
A race condition was addressed with improved locking. This issue is fixed in iOS 16.1 and iPadOS 16, macOS Ventura 13. An app with root privileges may be able to execute arbitrary code with kernel privileges...
CVE-2022-32939
CVE-2022-32939 is Apple iOS/iPadOS graphics driver kernel‑level vulnerability. The issue allowed an app to execute arbitrary code with kernel privileges due to bounds checking improvements. Apple patched it in iOS 15.7.1/iPadOS 15.7.1 and iOS 16.1/iPadOS 16. The Nessus/NVD entries corroborate the...
CVE-2022-32938
CVE-2022-32938 affects Apple Shortcuts handling of directory paths. A parsing issue allowed a shortcut to check for the existence of an arbitrary path on the file system. Affected products/versions: iOS 16.1 and iPadOS 16; macOS Ventura 13. The issue is mitigated by the vendor’s fix through impro...