Total
22706 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-32866 | 1 Apple | 3 Macos, Tvos, Watchos | 2022-11-02 | N/A | 7.8 HIGH |
| The issue was addressed with improved memory handling. This issue is fixed in macOS Big Sur 11.7, macOS Ventura 13, watchOS 9, macOS Monterey 12.6, tvOS 16. An app may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2022-32865 | 1 Apple | 2 Iphone Os, Macos | 2022-11-02 | N/A | 7.8 HIGH |
| The issue was addressed with improved memory handling. This issue is fixed in iOS 16, macOS Ventura 13. An app may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2022-32786 | 1 Apple | 2 Mac Os X, Macos | 2022-11-02 | N/A | 5.5 MEDIUM |
| An issue in the handling of environment variables was addressed with improved validation. This issue is fixed in Security Update 2022-005 Catalina, macOS Big Sur 11.6.8, macOS Monterey 12.5. An app may be able to modify protected parts of the file system. | |||||
| CVE-2022-32805 | 1 Apple | 2 Mac Os X, Macos | 2022-11-02 | N/A | 5.5 MEDIUM |
| The issue was addressed with improved handling of caches. This issue is fixed in Security Update 2022-005 Catalina, macOS Big Sur 11.6.8, macOS Monterey 12.5. An app may be able to access sensitive user information. | |||||
| CVE-2022-32838 | 1 Apple | 4 Ipados, Iphone Os, Mac Os X and 1 more | 2022-11-02 | N/A | 5.5 MEDIUM |
| A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.5, macOS Big Sur 11.6.8, Security Update 2022-005 Catalina, iOS 15.6 and iPadOS 15.6. An app may be able to read arbitrary files. | |||||
| CVE-2022-32839 | 1 Apple | 6 Ipados, Iphone Os, Mac Os X and 3 more | 2022-11-02 | N/A | 9.8 CRITICAL |
| The issue was addressed with improved bounds checks. This issue is fixed in macOS Monterey 12.5, macOS Big Sur 11.6.8, Security Update 2022-005 Catalina, iOS 15.6 and iPadOS 15.6, tvOS 15.6, watchOS 8.7. A remote user may cause an unexpected app termination or arbitrary code execution. | |||||
| CVE-2022-32797 | 1 Apple | 2 Mac Os X, Macos | 2022-11-02 | N/A | 7.1 HIGH |
| This issue was addressed with improved checks. This issue is fixed in Security Update 2022-005 Catalina, macOS Big Sur 11.6.8, macOS Monterey 12.5. Processing a maliciously crafted AppleScript binary may result in unexpected termination or disclosure of process memory. | |||||
| CVE-2022-32857 | 1 Apple | 6 Ipados, Iphone Os, Mac Os X and 3 more | 2022-11-02 | N/A | 4.3 MEDIUM |
| This issue was addressed by using HTTPS when sending information over the network. This issue is fixed in macOS Monterey 12.5, macOS Big Sur 11.6.8, Security Update 2022-005 Catalina, iOS 15.6 and iPadOS 15.6, tvOS 15.6, watchOS 8.7. A user in a privileged network position can track a user’s activity. | |||||
| CVE-2022-32800 | 1 Apple | 2 Mac Os X, Macos | 2022-11-02 | N/A | 5.5 MEDIUM |
| This issue was addressed with improved checks. This issue is fixed in Security Update 2022-005 Catalina, macOS Big Sur 11.6.8, macOS Monterey 12.5. An app may be able to modify protected parts of the file system. | |||||
| CVE-2022-32813 | 1 Apple | 6 Ipados, Iphone Os, Mac Os X and 3 more | 2022-11-02 | N/A | 7.8 HIGH |
| The issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.5, macOS Big Sur 11.6.8, Security Update 2022-005 Catalina, iOS 15.6 and iPadOS 15.6, tvOS 15.6, watchOS 8.7. An app with root privileges may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2022-32807 | 1 Apple | 2 Mac Os X, Macos | 2022-11-02 | N/A | 7.1 HIGH |
| This issue was addressed with improved file handling. This issue is fixed in Security Update 2022-005 Catalina, macOS Big Sur 11.6.8, macOS Monterey 12.5. An app may be able to overwrite arbitrary files. | |||||
| CVE-2022-32834 | 1 Apple | 2 Mac Os X, Macos | 2022-11-02 | N/A | 5.5 MEDIUM |
| An access issue was addressed with improvements to the sandbox. This issue is fixed in macOS Monterey 12.5, macOS Big Sur 11.6.8, Security Update 2022-005 Catalina. An app may be able to access sensitive user information. | |||||
| CVE-2022-22647 | 1 Apple | 2 Mac Os X, Macos | 2022-11-02 | 2.1 LOW | 4.6 MEDIUM |
| This issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.6.5, macOS Monterey 12.3, Security Update 2022-003 Catalina. A person with access to a Mac may be able to bypass Login Window. | |||||
| CVE-2022-32812 | 1 Apple | 2 Mac Os X, Macos | 2022-11-02 | N/A | 7.8 HIGH |
| The issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.5, macOS Big Sur 11.6.8, Security Update 2022-005 Catalina. An app may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2022-22648 | 1 Apple | 2 Mac Os X, Macos | 2022-11-02 | 2.1 LOW | 5.5 MEDIUM |
| This issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.6.5, macOS Monterey 12.3, Security Update 2022-003 Catalina. An application may be able to read restricted memory. | |||||
| CVE-2022-2826 | 1 Gitlab | 1 Gitlab | 2022-11-01 | N/A | 9.8 CRITICAL |
| An issue has been discovered in GitLab affecting all versions starting from 10.0 before 12.9.8, all versions starting from 12.10 before 12.10.7, all versions starting from 13.0 before 13.0.1. TODO | |||||
| CVE-2022-25885 | 1 Muhammara Project | 1 Muhammara | 2022-11-01 | N/A | 7.5 HIGH |
| The package muhammara before 2.6.0; all versions of package hummus are vulnerable to Denial of Service (DoS) when PDFStreamForResponse() is used with invalid data. | |||||
| CVE-2022-3512 | 1 Cloudflare | 1 Warp | 2022-11-01 | N/A | 8.8 HIGH |
| Using warp-cli command "add-trusted-ssid", a user was able to disconnect WARP client and bypass the "Lock WARP switch" feature resulting in Zero Trust policies not being enforced on an affected endpoint. | |||||
| CVE-2020-21016 | 1 Dlink | 2 Dir-846, Dir-846 Firmware | 2022-11-01 | N/A | 9.8 CRITICAL |
| D-Link DIR-846 devices with firmware 100A35 allow remote attackers to execute arbitrary code as root via HNAP1/control/SetGuestWLanSettings.php. | |||||
| CVE-2022-37915 | 1 Arubanetworks | 1 Aruba Edgeconnect Enterprise Orchestrator | 2022-11-01 | N/A | 9.8 CRITICAL |
| A vulnerability in the web-based management interface of Aruba EdgeConnect Enterprise Orchestrator could allow an unauthenticated remote attacker to run arbitrary commands on the underlying host. Successful exploitation of this vulnerability could allow an attacker to execute arbitrary commands on the underlying operating system leading to a complete system compromise of Aruba EdgeConnect Enterprise Orchestration with versions 9.1.x branch only, Any 9.1.x Orchestrator instantiated as a new machine with a release prior to 9.1.3.40197, Orchestrators upgraded to 9.1.x were not affected. | |||||