Lucene search
K

8351 matches found

CVE
CVE
added 2022/12/15 12:0 a.m.87 views

CVE-2022-32948

CVE-2022-32948 describes an out-of-bounds read that could allow an app to execute arbitrary code with kernel privileges. The vulnerability is associated with Apple’s Neural Engine and is fixed in Apple software updates: iOS 15.6, iPadOS 15.6, and macOS Monterey 12.5. The initial entry indicates t...

7.8CVSS7.7AI score0.00245EPSS
Exploits1References2Affected Software3
CVE
CVE
added 2022/12/15 12:0 a.m.119 views

CVE-2022-32943

The CVE-2022-32943 issue affects Apple’s Photos component and is addressed in iOS 16.2 and iPadOS 16.2, and macOS Ventura 13.1. The root cause is described as an issue addressed with improved bounds checks, preventingShake-to-undo from resurfacing a deleted photo without authentication. In the pu...

5.3CVSS5.5AI score0.00715EPSS
Exploits0References4Affected Software3
Cvelist
Cvelist
added 2022/12/15 12:0 a.m.22 views

CVE-2022-46690

An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in iOS 16.2 and iPadOS 16.2, macOS Ventura 13.1, tvOS 16.2, watchOS 9.2. An app may be able to execute arbitrary code with kernel privileges...

8.2AI score0.00533EPSS
Exploits0References8
Cvelist
Cvelist
added 2022/12/15 12:0 a.m.28 views

CVE-2022-42856

A type confusion issue was addressed with improved state handling. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 15.7.2 and iPadOS 15.7.2, iOS 16.1.2. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this iss...

8.6AI score0.08523EPSS
Exploits0References12
CVE
CVE
added 2022/12/15 12:0 a.m.99 views

CVE-2022-42843

CVE-2022-42843 is an information-disclosure vulnerability fixed in Apple OS updates. According to the provided documents, applying updates to iOS 16.2 and iPadOS 16.2, macOS Ventura 13.1, tvOS 16.2, and watchOS 9.2 mitigates the issue, which allowed a user to view sensitive user information. The ...

8.6CVSS5.5AI score0.00384EPSS
Exploits0References8Affected Software5
ATTACKERKB
ATTACKERKB
added 2022/12/15 12:0 a.m.54 views

CVE-2022-42856

A type confusion issue was addressed with improved state handling. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 15.7.2 and iPadOS 15.7.2, iOS 16.1.2. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this iss...

8.8CVSS2.1AI score0.08523EPSS
In wildExploits0References13
Cvelist
Cvelist
added 2022/12/15 12:0 a.m.21 views

CVE-2022-42805

An integer overflow was addressed with improved input validation. This issue is fixed in iOS 15.6 and iPadOS 15.6, macOS Monterey 12.5. An app may be able to execute arbitrary code with kernel privileges...

8.2AI score0.00325EPSS
Exploits1References2
CVE
CVE
added 2022/12/15 12:0 a.m.213 views

CVE-2022-46692

CVE-2022-46692 is a logic issue in WebKitGTK/WebKit causing a bypass of the Same Origin Policy when processing malicious web content. The Apple ecosystem fixes (Safari 16.2, iOS 16.2/iPadOS 16.2, macOS Ventura 13.1, watchOS 9.2, etc.) are documented in the initial CVE description. Connected advis...

5.5CVSS5.9AI score0.00197EPSS
Exploits0References13Affected Software7
Vulnrichment
Vulnrichment
added 2022/12/15 12:0 a.m.10 views

CVE-2022-46693

An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in tvOS 16.2, iCloud for Windows 14.1, macOS Ventura 13.1, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing a maliciously crafted file may lead to arbitrary code execution...

7.4AI score0.00372EPSS
Exploits0References9
Cvelist
Cvelist
added 2022/12/15 12:0 a.m.28 views

CVE-2022-46698

A logic issue was addressed with improved checks. This issue is fixed in Safari 16.2, tvOS 16.2, iCloud for Windows 14.1, macOS Ventura 13.1, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web content may disclose sensitive user information...

6.6AI score0.00905EPSS
Exploits0References12
CVE
CVE
added 2022/12/15 12:0 a.m.183 views

CVE-2022-46699

CVE-2022-46699 is a WebKitGTK/WebKitGTK2/WebKitGTK4 memory-corruption vulnerability that can allow arbitrary code execution when processing malicious web content. Connected advisories confirm the issue and its fixes across multiple distros: Debian/Ubuntu Debian-LTS (webKit2GTK/WebKit2GTK), Fedora...

8.8CVSS8.6AI score0.0119EPSS
Exploits0References11Affected Software6
CVE
CVE
added 2022/12/15 12:0 a.m.96 views

CVE-2022-46694

CVE-2022-46694 affects Apple devices via an out-of-bounds write triggered by parsing a malicious video file. Public documents consistently describe the root cause as improper input validation in the video parsing path, leading to potential kernel code execution. Affected software/hardware are App...

7.8CVSS7.8AI score0.00352EPSS
Exploits0References8Affected Software4
CVE
CVE
added 2022/12/15 12:0 a.m.169 views

CVE-2022-46691

CVE-2022-46691 is a memory consumption issue in WebKitGTK / WebKit that may enable arbitrary code execution when processing malicious web content. Connected advisories confirm the issue affects WebKitGTK/WebKit, with fixes delivered in Safari 16.2 and corresponding WebKitGTK updates. The underlyi...

8.8CVSS8.3AI score0.01508EPSS
Exploits0References13Affected Software6
CVE
CVE
added 2022/12/15 12:0 a.m.100 views

CVE-2022-46696

The CVE-2022-46696 entry describes a memory corruption vulnerability caused by insufficient input validation in web content processing. It affects Apple platforms where the issue is fixed: Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 16.2, iPadOS 16.2, and watchOS 9.2. Successful exploitation ...

8.8CVSS8.9AI score0.01228EPSS
Exploits0References10Affected Software6
CVE
CVE
added 2022/12/15 12:0 a.m.92 views

CVE-2022-32860

CVE-2022-32860 is a local kernel‑level vulnerability described as an out‑of‑bounds write caused by improved input validation. Root cause: a faulty input path allows arbitrary code execution with kernel privileges. Affected platforms/versions per the sources: iOS 15.6, iPadOS 15.6, macOS Monterey ...

7.8CVSS7.9AI score0.00255EPSS
Exploits0References3Affected Software3
CVE
CVE
added 2022/12/15 12:0 a.m.251 views

CVE-2022-46689

CVE-2022-46689 is a local privilege-escalation race condition in Apple's XNU kernel related to copy-on-write handling. Public sources describe PoCs/exploits (e.g., MacDirtyCow family) that could enable an app to execute arbitrary code with kernel privileges by exploiting a race window in COW oper...

7CVSS7.5AI score0.44678EPSS
Exploits9References14Affected Software6
CVE
CVE
added 2022/12/15 12:0 a.m.171 views

CVE-2022-42863

CVE-2022-42863 is a WebKit/WebKitGTK memory corruption issue addressed by improved state management. The CVE entry specifies that processing malicious web content may lead to arbitrary code execution and lists affected platforms/versions: Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 16.2, iPad...

8.8CVSS8.6AI score0.01119EPSS
Exploits0References12Affected Software6
Debian CVE
Debian CVE
added 2022/12/15 12:0 a.m.30 views

CVE-2022-42852

The issue was addressed with improved memory handling. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 15.7.2 and iPadOS 15.7.2, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web content may result in the disclosure of process memory...

6.5CVSS6.8AI score0.00939EPSS
Exploits0
Debian CVE
Debian CVE
added 2022/12/15 12:0 a.m.46 views

CVE-2022-42856

A type confusion issue was addressed with improved state handling. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 15.7.2 and iPadOS 15.7.2, iOS 16.1.2. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this iss...

8.8CVSS8.4AI score0.08523EPSS
Exploits0
Debian CVE
Debian CVE
added 2022/12/15 12:0 a.m.54 views

CVE-2022-42863

A memory corruption issue was addressed with improved state management. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web content may lead to arbitrary code execution...

8.8CVSS8.5AI score0.01119EPSS
Exploits0
Rows per page
Query Builder