8351 matches found
CVE-2022-42856
CVE-2022-42856 is a type-confusion vulnerability in WebKit/WebKitGTK that could allow arbitrary code execution when processing malicious web content. The connected documents confirm impact across WebKit-based products, including Apple WebKit (Safari) and WebKitGTK, with fixes in Safari 16.2, macO...
CVE-2022-42864
CVE-2022-42864 describes a race condition in Apple's IOHID kernel path (IOHIDDevice::postElementTransaction) where element data may be read from shared memory while being validated, allowing out-of-bounds reads and writes on kernel heap. Exploitation details circulated in public proof-of-concept ...
CVE-2022-42849
An access issue existed with privileged API calls. This issue was addressed with additional restrictions. This issue is fixed in iOS 16.2 and iPadOS 16.2, tvOS 16.2, watchOS 9.2. A user may be able to elevate privileges...
CVE-2022-46702
The issue was addressed with improved memory handling. This issue is fixed in iOS 16.2 and iPadOS 16.2. An app may be able to disclose kernel memory...
CVE-2022-42850
CVE-2022-42850 is an Apple iOS/iPadOS vulnerability where an app could execute arbitrary code with kernel privileges; it was addressed with improved memory handling. The issue affects iOS and iPadOS and is addressed in iOS 16.2 and iPadOS 16.2. The core detail provided states the vulnerability arises from memory...
CVE-2022-32943
The issue was addressed with improved bounds checks. This issue is fixed in iOS 16.2 and iPadOS 16.2, macOS Ventura 13.1. Shake-to-undo may allow a deleted photo to be re-surfaced without authentication...
CVE-2022-42852
CVE-2022-42852 affects WebKitGTK (webkitgtk2/gtk3 WebKit) components used in Linux GTK-based deployments. The issue allows processing of malicious web content to disclose process memory. Public advisories confirm fixes in WebKitGTK-related packages (e.g., Debian webkit2gtk updates, Fedora...
CVE-2022-42842
CVE-2022-42842 affects Apple platforms and is tied to a kernel memory handling issue that could allow remote code execution. The CVE is listed among Apple TV vulnerabilities in the Apple TV 16.2 and related macOS/iOS/watchOS updates as fixed in tvOS 16.2, macOS Monterey 12.6.2, macOS Ventura 13.1...
CVE-2022-42865
This CVE (CVE-2022-42865) concerns Apple platforms and is addressed by enabling hardened runtime. It is fixed in iOS 16.2, iPadOS 16.2, macOS Ventura 13.1, tvOS 16.2, and watchOS 9.2. The issue allows an app to bypass Privacy preferences. The connected documents corroborate: the vulnerability is ...
CVE-2022-46698
CVE-2022-46698 is a logic issue in WebKitGTK where processing malicious web content may disclose sensitive user information. Multiple connected advisories confirm this issue in WebKitGTK/WebKit2GTK components and list it among fixed CVEs after updates to WebKitGTK packages. Affected products incl...
CVE-2022-42850
The issue was addressed with improved memory handling. This issue is fixed in iOS 16.2 and iPadOS 16.2. An app may be able to execute arbitrary code with kernel privileges...
PT-2022-26622 · Apple · Ios +1
Name of the Vulnerable Software and Affected Versions: iOS versions prior to 16.2; iPadOS versions prior to 16.2. Description: The issue was addressed with improved memory handling. An app may be able to break out of its sandbox. Recommendations: For iOS versions prior to 16.2, update to iOS 16.2 o...
CVE-2022-46700
A memory corruption issue was addressed with improved input validation. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 15.7.2 and iPadOS 15.7.2, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web content may lead to arbitrary code execution...
CVE-2022-46690
CVE-2022-46690 is an Apple family issue described as an out-of-bounds write that was addressed with improved input validation. The Apple security content lists multiple components affected across platforms (iOS, iPadOS, macOS, tvOS, watchOS), with the kernel and several subsystems (e.g., IOMobile...
CVE-2022-42848
A logic issue was addressed with improved checks. This issue is fixed in iOS 16.2 and iPadOS 16.2, iOS 15.7.2 and iPadOS 15.7.2, tvOS 16.2. An app may be able to execute arbitrary code with kernel privileges...
CVE-2022-42862
CVE-2022-42862 affects Apple platforms (iOS/iPadOS/macOS). The advisory notes the issue was resolved by removing the vulnerable code and is fixed in iOS 16.2 / iPadOS 16.2 and macOS Ventura 13.1, addressing an app-level privacy preferences bypass. The CVSS vector indicates a local, low-attack com...
PT-2022-27961 · Apple · Ios +1
Name of the Vulnerable Software and Affected Versions: iOS versions prior to 16.2; iPadOS versions prior to 16.2. Description: The issue allows an app to potentially disclose kernel memory due to inadequate memory handling. This has been addressed with improved memory handling. Recommendations: For...
CVE-2022-32948
CVE-2022-32948 describes an out-of-bounds read that could allow an app to execute arbitrary code with kernel privileges. The vulnerability is associated with Apple’s Neural Engine and is fixed in Apple software updates: iOS 15.6, iPadOS 15.6, and macOS Monterey 12.5. The initial entry indicates t...
CVE-2022-32943
The CVE-2022-32943 issue affects Apple’s Photos component and is addressed in iOS 16.2 and iPadOS 16.2, and macOS Ventura 13.1. The root cause is described as an issue addressed with improved bounds checks, preventing Shake-to-undo from resurfacing a deleted photo without authentication. In the pu...