8351 matches found
CVE-2022-32948
CVE-2022-32948 describes an out-of-bounds read that could allow an app to execute arbitrary code with kernel privileges. The vulnerability is associated with Apple’s Neural Engine and is fixed in Apple software updates: iOS 15.6, iPadOS 15.6, and macOS Monterey 12.5. The initial entry indicates t...
CVE-2022-32943
The CVE-2022-32943 issue affects Apple’s Photos component and is addressed in iOS 16.2 and iPadOS 16.2, and macOS Ventura 13.1. The root cause is described as an issue addressed with improved bounds checks, preventing Shake-to-undo from resurfacing a deleted photo without authentication. In the pu...
CVE-2022-46690
An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in iOS 16.2 and iPadOS 16.2, macOS Ventura 13.1, tvOS 16.2, watchOS 9.2. An app may be able to execute arbitrary code with kernel privileges...
CVE-2022-42856
A type confusion issue was addressed with improved state handling. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 15.7.2 and iPadOS 15.7.2, iOS 16.1.2. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this iss...
CVE-2022-42843
CVE-2022-42843 is an information-disclosure vulnerability fixed in Apple OS updates. According to the provided documents, applying updates to iOS 16.2 and iPadOS 16.2, macOS Ventura 13.1, tvOS 16.2, and watchOS 9.2 mitigates the issue, which allowed a user to view sensitive user information. The ...
CVE-2022-42805
An integer overflow was addressed with improved input validation. This issue is fixed in iOS 15.6 and iPadOS 15.6, macOS Monterey 12.5. An app may be able to execute arbitrary code with kernel privileges...
CVE-2022-46692
CVE-2022-46692 is a logic issue in WebKitGTK/WebKit causing a bypass of the Same Origin Policy when processing malicious web content. The Apple ecosystem fixes (Safari 16.2, iOS 16.2/iPadOS 16.2, macOS Ventura 13.1, watchOS 9.2, etc.) are documented in the initial CVE description. Connected advis...
CVE-2022-46693
An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in tvOS 16.2, iCloud for Windows 14.1, macOS Ventura 13.1, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing a maliciously crafted file may lead to arbitrary code execution...
CVE-2022-46698
A logic issue was addressed with improved checks. This issue is fixed in Safari 16.2, tvOS 16.2, iCloud for Windows 14.1, macOS Ventura 13.1, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web content may disclose sensitive user information...
CVE-2022-46699
CVE-2022-46699 is a WebKitGTK/WebKitGTK2/WebKitGTK4 memory-corruption vulnerability that can allow arbitrary code execution when processing malicious web content. Connected advisories confirm the issue and its fixes across multiple distros: Debian/Ubuntu Debian-LTS (webKit2GTK/WebKit2GTK), Fedora...
CVE-2022-46694
CVE-2022-46694 affects Apple devices via an out-of-bounds write triggered by parsing a malicious video file. Public documents consistently describe the root cause as improper input validation in the video parsing path, leading to potential kernel code execution. Affected software/hardware are App...
CVE-2022-46691
CVE-2022-46691 is a memory consumption issue in WebKitGTK / WebKit that may enable arbitrary code execution when processing malicious web content. Connected advisories confirm the issue affects WebKitGTK/WebKit, with fixes delivered in Safari 16.2 and corresponding WebKitGTK updates. The underlyi...
CVE-2022-46696
The CVE-2022-46696 entry describes a memory corruption vulnerability caused by insufficient input validation in web content processing. It affects Apple platforms where the issue is fixed: Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 16.2, iPadOS 16.2, and watchOS 9.2. Successful exploitation ...
CVE-2022-32860
CVE-2022-32860 is a local kernel‑level vulnerability described as an out‑of‑bounds write addressed with improved input validation. Root cause: a faulty input path allows arbitrary code execution with kernel privileges. Affected platforms/versions per the sources: iOS 15.6, iPadOS 15.6, macOS Monterey ...
CVE-2022-46689
CVE-2022-46689 is a local privilege-escalation race condition in Apple's XNU kernel related to copy-on-write handling. Public sources describe PoCs/exploits (e.g., MacDirtyCow family) that could enable an app to execute arbitrary code with kernel privileges by exploiting a race window in COW oper...
CVE-2022-42863
CVE-2022-42863 is a WebKit/WebKitGTK memory corruption issue addressed by improved state management. The CVE entry specifies that processing malicious web content may lead to arbitrary code execution and lists affected platforms/versions: Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 16.2, iPad...
CVE-2022-42852
The issue was addressed with improved memory handling. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 15.7.2 and iPadOS 15.7.2, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web content may result in the disclosure of process memory...
CVE-2022-42863
A memory corruption issue was addressed with improved state management. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web content may lead to arbitrary code execution...