Impact: An app may be able to gain elevated privilegesĭescription: A logic issue was addressed with improved state management.ĬVE-2022-32794: Mickey Jin added October 4, 2022 Impact: A remote attacker may be able to cause unexpected application termination or arbitrary code execution Impact: Processing a maliciously crafted certificate may lead to a denial of serviceĭescription: A denial of service issue was addressed with improved input validation. Impact: An attacker may be able to cause unexpected application termination or arbitrary code executionĬVE-2022-26776: Zubair Ashraf of Crowdstrike, Max Shavrick of the Google Security Team Impact: A remote user may be able to cause a denial-of-serviceĬVE-2022-32790: Max Shavrick of the Google Security Team Impact: An app may be able to bypass Privacy preferencesĭescription: This issue was addressed with improved checks.ĬVE-2022-32882: Zhipeng Huo and Yuebin Sun of Tencent Security Xuanwu Lab Impact: A sandboxed process may be able to circumvent sandbox restrictionsĭescription: An access issue was addressed with additional sandbox restrictions on third-party applications.ĬVE-2022-26706: Arsenii Kostromin (0x3c3e), Jonathan Bar Or of Microsoft Impact: A malicious application may be able to bypass Privacy preferencesĭescription: The issue was addressed with additional permissions checks.ĬVE-2022-26767: Wojciech Reguła of SecuRing Impact: An app may be able to bypass certain Privacy preferencesĭescription: A logic issue was addressed with improved restrictions.ĬVE-2021-30946: and Ron Masas of BreakPoint.sh Impact: Processing maliciously crafted web content may lead to arbitrary code executionĬVE-2022-26748: Jeonghoon Shin of Theori working with Trend Micro Zero Day Initiativeĭescription: A memory corruption issue was addressed with improved state management.ĭescription: A memory corruption issue was addressed with improved validation.ĬVE-2022-26714: Peter Nguyễn Vũ Hoàng of STAR Labs for: macOS Big SurĬVE-2022-26757: Ned Williamson of Google Project Zero Impact: An application may be able to execute arbitrary code with kernel privilegesĭescription: An out-of-bounds write issue was addressed with improved input validation.ĬVE-2022-26756: Jack Dates of RET2 Systems, IncĬVE-2022-26769: Antonio Zekic Graphics Driver Impact: A malicious application may be able to execute arbitrary code with kernel privilegesĬVE-2022-26720: Liu Long of Ant Security Light-Year LabĬVE-2022-26770: Liu Long of Ant Security Light-Year Lab This was addressed with improved input validation. Impact: A local user may be able to read kernel memoryĭescription: An out-of-bounds read issue existed that led to the disclosure of kernel memory. Impact: A malicious application may be able to execute arbitrary code with system privilegesĭescription: An out-of-bounds access issue was addressed with improved bounds checking.ĬVE-2022-26763: Linus Henze of Pinauten GmbH () Impact: A malicious application may bypass Gatekeeper checksĭescription: This issue was addressed with improved checks to prevent unauthorized actions.ĬVE-2022-22663: Arsenii Kostromin (0x3c3e)ĭescription: A memory initialization issue was addressed. Impact: Processing a maliciously crafted AppleScript binary may result in unexpected application termination or disclosure of process memoryĭescription: An out-of-bounds read issue was addressed with improved bounds checking.ĬVE-2022-26698: Qi Sun of Trend Micro, Ye Zhang of Baidu Securityĭescription: An out-of-bounds read issue was addressed with improved input validation.ĬVE-2022-26697: Qi Sun and Robert Ai of Trend Micro Impact: Processing a maliciously crafted image may lead to arbitrary code executionĭescription: A memory corruption issue was addressed with improved input validation.ĬVE-2022-26751: Michael DePlante of Trend Micro Zero Day Initiative Impact: A remote attacker may be able to cause an unexpected app termination or arbitrary code executionĭescription: A use after free issue was addressed with improved memory management.ĬVE-2022-22630: Jeremy Brown working with Trend Micro Zero Day Initiative Apple is aware of a report that this issue may have been actively exploited.ĭescription: An out-of-bounds write issue was addressed with improved bounds checking. Impact: An application may be able to execute arbitrary code with kernel privileges. Impact: A malicious application may be able to gain root privilegesĭescription: A logic issue was addressed with improved validation. Description: Multiple issues were addressed by updating apache to version 2.4.53.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |