Total
3254 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-0791 | 4 Apple, Google, Linux and 1 more | 4 Macos, Chrome, Linux Kernel and 1 more | 2022-09-28 | 6.8 MEDIUM | 8.8 HIGH |
| Use after free in Omnibox in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via user interactions. | |||||
| CVE-2022-32789 | 1 Apple | 1 Macos | 2022-09-28 | N/A | 5.5 MEDIUM |
| A logic issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.5. An app may be able to bypass Privacy preferences. | |||||
| CVE-2022-22637 | 1 Apple | 6 Ipad Os, Iphone Os, Macos and 3 more | 2022-09-28 | N/A | 8.8 HIGH |
| A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.3, Safari 15.4, watchOS 8.5, iOS 15.4 and iPadOS 15.4, tvOS 15.4. A malicious website may cause unexpected cross-origin behavior. | |||||
| CVE-2022-32782 | 1 Apple | 1 Macos | 2022-09-28 | N/A | 4.4 MEDIUM |
| This issue was addressed by enabling hardened runtime. This issue is fixed in macOS Monterey 12.4. An app with root privileges may be able to access private information. | |||||
| CVE-2022-22628 | 1 Apple | 6 Ipad Os, Iphone Os, Macos and 3 more | 2022-09-28 | N/A | 8.8 HIGH |
| A use after free issue was addressed with improved memory management. This issue is fixed in macOS Monterey 12.3, Safari 15.4, watchOS 8.5, iOS 15.4 and iPadOS 15.4, tvOS 15.4. Processing maliciously crafted web content may lead to arbitrary code execution. | |||||
| CVE-2022-22624 | 1 Apple | 4 Ipad Os, Iphone Os, Macos and 1 more | 2022-09-28 | N/A | 8.8 HIGH |
| A use after free issue was addressed with improved memory management. This issue is fixed in macOS Monterey 12.3, iOS 15.4 and iPadOS 15.4, tvOS 15.4, Safari 15.4. Processing maliciously crafted web content may lead to arbitrary code execution. | |||||
| CVE-2022-32852 | 1 Apple | 1 Macos | 2022-09-27 | N/A | 7.1 HIGH |
| An out-of-bounds read issue was addressed with improved input validation. This issue is fixed in macOS Monterey 12.5. Processing a maliciously crafted AppleScript binary may result in unexpected termination or disclosure of process memory. | |||||
| CVE-2022-32848 | 1 Apple | 1 Macos | 2022-09-27 | N/A | 5.5 MEDIUM |
| A logic issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.6.8, macOS Monterey 12.5. An app may be able to capture a user’s screen. | |||||
| CVE-2022-32801 | 1 Apple | 1 Macos | 2022-09-27 | N/A | 7.8 HIGH |
| This issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.5. An app may be able to gain root privileges. | |||||
| CVE-2022-32818 | 1 Apple | 1 Macos | 2022-09-27 | N/A | 5.5 MEDIUM |
| The issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.5. An app may be able to leak sensitive kernel state. | |||||
| CVE-2022-32798 | 1 Apple | 1 Macos | 2022-09-27 | N/A | 7.8 HIGH |
| An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in macOS Monterey 12.5. An app may be able to gain elevated privileges. | |||||
| CVE-2022-22629 | 1 Apple | 7 Ipados, Iphone Os, Itunes and 4 more | 2022-09-27 | N/A | 8.8 HIGH |
| A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.3, Safari 15.4, watchOS 8.5, iTunes 12.12.3 for Windows, iOS 15.4 and iPadOS 15.4, tvOS 15.4. Processing maliciously crafted web content may lead to arbitrary code execution. | |||||
| CVE-2021-35538 | 3 Apple, Linux, Oracle | 4 Macos, Linux Kernel, Solaris and 1 more | 2022-09-22 | 4.6 MEDIUM | 7.8 HIGH |
| Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.28. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. Note: This vulnerability does not apply to Windows systems. CVSS 3.1 Base Score 7.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H). | |||||
| CVE-2022-32788 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2022-09-22 | N/A | 9.8 CRITICAL |
| A buffer overflow was addressed with improved bounds checking. This issue is fixed in watchOS 8.7, tvOS 15.6, iOS 15.6 and iPadOS 15.6, macOS Monterey 12.5. A remote user may be able to cause kernel code execution. | |||||
| CVE-2022-26696 | 1 Apple | 1 Macos | 2022-09-22 | N/A | 8.8 HIGH |
| This issue was addressed with improved environment sanitization. This issue is fixed in macOS Monterey 12.4. A sandboxed process may be able to circumvent sandbox restrictions. | |||||
| CVE-2022-32802 | 1 Apple | 4 Ipados, Iphone Os, Macos and 1 more | 2022-09-22 | N/A | 7.8 HIGH |
| A logic issue was addressed with improved checks. This issue is fixed in iOS 15.6 and iPadOS 15.6, tvOS 15.6, macOS Monterey 12.5. Processing a maliciously crafted file may lead to arbitrary code execution. | |||||
| CVE-2022-32861 | 1 Apple | 2 Macos, Safari | 2022-09-22 | N/A | 5.3 MEDIUM |
| A logic issue was addressed with improved state management. This issue is fixed in Safari 15.6, macOS Monterey 12.5. A user may be tracked through their IP address. | |||||
| CVE-2022-32880 | 1 Apple | 1 Macos | 2022-09-22 | N/A | 6.5 MEDIUM |
| This issue was addressed by enabling hardened runtime. This issue is fixed in macOS Monterey 12.5. An app may be able to access user-sensitive data. | |||||
| CVE-2022-32882 | 1 Apple | 1 Macos | 2022-09-22 | N/A | 9.8 CRITICAL |
| This issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.4, macOS Big Sur 11.6.6. An app may be able to bypass Privacy preferences. | |||||
| CVE-2022-37877 | 2 Apple, Arubanetworks | 2 Macos, Clearpass Policy Manager | 2022-09-21 | N/A | 7.8 HIGH |
| A vulnerability in the ClearPass OnGuard macOS agent could allow malicious users on a macOS instance to elevate their user privileges. A successful exploit could allow these users to execute arbitrary code with root level privileges on the macOS instance in Aruba ClearPass Policy Manager version(s): 6.10.x: 6.10.6 and below; 6.9.x: 6.9.11 and below. Aruba has released upgrades for Aruba ClearPass Policy Manager that address this security vulnerability. | |||||