Total
697 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-32823 | 1 Apple | 6 Ipados, Iphone Os, Mac Os X and 3 more | 2023-12-10 | N/A | 5.5 MEDIUM |
| A memory initialization issue was addressed with improved memory handling. This issue is fixed in iOS 15.6 and iPadOS 15.6, macOS Big Sur 11.6.8, watchOS 8.7, tvOS 15.6, macOS Monterey 12.5, Security Update 2022-005 Catalina. An app may be able to leak sensitive user information. | |||||
| CVE-2022-22650 | 1 Apple | 2 Mac Os X, Macos | 2023-12-10 | 2.1 LOW | 5.5 MEDIUM |
| This issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.6.5, macOS Monterey 12.3, Security Update 2022-003 Catalina. A plug-in may be able to inherit the application's permissions and access user data. | |||||
| CVE-2022-22638 | 1 Apple | 6 Ipados, Iphone Os, Mac Os X and 3 more | 2023-12-10 | 4.0 MEDIUM | 6.5 MEDIUM |
| A null pointer dereference was addressed with improved validation. This issue is fixed in tvOS 15.4, iOS 15.4 and iPadOS 15.4, macOS Big Sur 11.6.5, Security Update 2022-003 Catalina, watchOS 8.5, macOS Monterey 12.3. An attacker in a privileged position may be able to perform a denial of service attack. | |||||
| CVE-2022-26766 | 1 Apple | 6 Ipados, Iphone Os, Mac Os X and 3 more | 2023-12-10 | 4.3 MEDIUM | 5.5 MEDIUM |
| A certificate parsing issue was addressed with improved checks. This issue is fixed in tvOS 15.5, iOS 15.5 and iPadOS 15.5, Security Update 2022-004 Catalina, watchOS 8.6, macOS Big Sur 11.6.6, macOS Monterey 12.4. A malicious app may be able to bypass signature validation. | |||||
| CVE-2022-26726 | 1 Apple | 3 Mac Os X, Macos, Watchos | 2023-12-10 | 4.3 MEDIUM | 6.5 MEDIUM |
| This issue was addressed with improved checks. This issue is fixed in Security Update 2022-004 Catalina, watchOS 8.6, macOS Monterey 12.4, macOS Big Sur 11.6.6. An app may be able to capture a user's screen. | |||||
| CVE-2022-26728 | 1 Apple | 2 Mac Os X, Macos | 2023-12-10 | 4.3 MEDIUM | 5.5 MEDIUM |
| This issue was addressed with improved entitlements. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4, macOS Big Sur 11.6.6. A malicious application may be able to access restricted files. | |||||
| CVE-2022-22674 | 1 Apple | 2 Mac Os X, Macos | 2023-12-10 | 4.9 MEDIUM | 5.5 MEDIUM |
| An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation. This issue is fixed in macOS Monterey 12.3.1, Security Update 2022-004 Catalina, macOS Big Sur 11.6.6. A local user may be able to read kernel memory. | |||||
| CVE-2022-26688 | 1 Apple | 2 Mac Os X, Macos | 2023-12-10 | 4.9 MEDIUM | 4.4 MEDIUM |
| An issue in the handling of symlinks was addressed with improved validation. This issue is fixed in Security Update 2022-003 Catalina, macOS Monterey 12.3, macOS Big Sur 11.6.5. A malicious app with root privileges may be able to modify the contents of system files. | |||||
| CVE-2022-26691 | 4 Apple, Debian, Fedoraproject and 1 more | 6 Cups, Mac Os X, Macos and 3 more | 2023-12-10 | 7.2 HIGH | 6.7 MEDIUM |
| A logic issue was addressed with improved state management. This issue is fixed in Security Update 2022-003 Catalina, macOS Monterey 12.3, macOS Big Sur 11.6.5. An application may be able to gain elevated privileges. | |||||
| CVE-2022-26746 | 1 Apple | 2 Mac Os X, Macos | 2023-12-10 | 4.3 MEDIUM | 5.5 MEDIUM |
| This issue was addressed by removing the vulnerable code. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4, macOS Big Sur 11.6.6. A malicious application may be able to bypass Privacy preferences. | |||||
| CVE-2022-26755 | 1 Apple | 2 Mac Os X, Macos | 2023-12-10 | 4.3 MEDIUM | 6.3 MEDIUM |
| This issue was addressed with improved environment sanitization. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4, macOS Big Sur 11.6.6. A malicious application may be able to break out of its sandbox. | |||||
| CVE-2022-22663 | 1 Apple | 4 Ipados, Iphone Os, Mac Os X and 1 more | 2023-12-10 | 4.3 MEDIUM | 5.5 MEDIUM |
| This issue was addressed with improved checks to prevent unauthorized actions. This issue is fixed in iOS 15.4 and iPadOS 15.4, Security Update 2022-004 Catalina, macOS Monterey 12.3, macOS Big Sur 11.6.6. A malicious application may bypass Gatekeeper checks. | |||||
| CVE-2022-0530 | 5 Apple, Debian, Fedoraproject and 2 more | 6 Mac Os X, Macos, Debian Linux and 3 more | 2023-12-10 | 4.3 MEDIUM | 5.5 MEDIUM |
| A flaw was found in Unzip. The vulnerability occurs during the conversion of a wide string to a local string that leads to a heap of out-of-bound write. This flaw allows an attacker to input a specially crafted zip file, leading to a crash or code execution. | |||||
| CVE-2022-22662 | 2 Apple, Fedoraproject | 3 Mac Os X, Macos, Fedora | 2023-12-10 | 4.3 MEDIUM | 6.5 MEDIUM |
| A cookie management issue was addressed with improved state management. This issue is fixed in Security Update 2022-003 Catalina, macOS Big Sur 11.6.5. Processing maliciously crafted web content may disclose sensitive user information. | |||||
| CVE-2022-22616 | 1 Apple | 2 Mac Os X, Macos | 2023-12-10 | 4.3 MEDIUM | 5.5 MEDIUM |
| This issue was addressed with improved checks. This issue is fixed in Security Update 2022-003 Catalina, macOS Monterey 12.3, macOS Big Sur 11.6.5. A maliciously crafted ZIP archive may bypass Gatekeeper checks. | |||||
| CVE-2022-22583 | 1 Apple | 2 Mac Os X, Macos | 2023-12-10 | 2.1 LOW | 5.5 MEDIUM |
| A permissions issue was addressed with improved validation. This issue is fixed in Security Update 2022-001 Catalina, macOS Monterey 12.2, macOS Big Sur 11.6.3. An application may be able to access restricted files. | |||||
| CVE-2022-26727 | 1 Apple | 2 Mac Os X, Macos | 2023-12-10 | 4.3 MEDIUM | 5.5 MEDIUM |
| This issue was addressed with improved entitlements. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4. A malicious application may be able to modify protected parts of the file system. | |||||
| CVE-2022-22648 | 1 Apple | 2 Mac Os X, Macos | 2023-12-10 | 2.1 LOW | 5.5 MEDIUM |
| This issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.6.5, macOS Monterey 12.3, Security Update 2022-003 Catalina. An application may be able to read restricted memory. | |||||
| CVE-2020-13495 | 2 Apple, Pixar | 2 Mac Os X, Openusd | 2023-12-10 | 4.3 MEDIUM | 5.5 MEDIUM |
| An exploitable vulnerability exists in the way Pixar OpenUSD 20.05 handles file offsets in binary USD files. A specially crafted malformed file can trigger an arbitrary out-of-bounds memory access that could lead to the disclosure of sensitive information. This vulnerability could be used to bypass mitigations and aid additional exploitation. To trigger this vulnerability, the victim needs to access an attacker-provided file. | |||||
| CVE-2022-22647 | 1 Apple | 2 Mac Os X, Macos | 2023-12-10 | 2.1 LOW | 4.6 MEDIUM |
| This issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.6.5, macOS Monterey 12.3, Security Update 2022-003 Catalina. A person with access to a Mac may be able to bypass Login Window. | |||||