Total
1238 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2022-46696 | 1 Apple | 6 Ipados, Iphone Os, Macos and 3 more | 2023-01-09 | N/A | 8.8 HIGH |
A memory corruption issue was addressed with improved input validation. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web content may lead to arbitrary code execution. | |||||
CVE-2022-46695 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2023-01-09 | N/A | 6.5 MEDIUM |
A spoofing issue existed in the handling of URLs. This issue was addressed with improved input validation. This issue is fixed in tvOS 16.2, macOS Ventura 13.1, iOS 15.7.2 and iPadOS 15.7.2, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Visiting a website that frames malicious content may lead to UI spoofing. | |||||
CVE-2022-46698 | 1 Apple | 7 Icloud, Ipados, Iphone Os and 4 more | 2023-01-09 | N/A | 6.5 MEDIUM |
A logic issue was addressed with improved checks. This issue is fixed in Safari 16.2, tvOS 16.2, iCloud for Windows 14.1, macOS Ventura 13.1, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web content may disclose sensitive user information. | |||||
CVE-2022-46694 | 1 Apple | 4 Ipados, Iphone Os, Tvos and 1 more | 2023-01-09 | N/A | 7.8 HIGH |
An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in iOS 16.2 and iPadOS 16.2, iOS 15.7.2 and iPadOS 15.7.2, tvOS 16.2, watchOS 9.2. Parsing a maliciously crafted video file may lead to kernel code execution. | |||||
CVE-2022-46691 | 1 Apple | 6 Ipados, Iphone Os, Macos and 3 more | 2023-01-09 | N/A | 8.8 HIGH |
A memory consumption issue was addressed with improved memory handling. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 15.7.2 and iPadOS 15.7.2, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web content may lead to arbitrary code execution. | |||||
CVE-2022-46693 | 1 Apple | 6 Icloud, Ipados, Iphone Os and 3 more | 2023-01-09 | N/A | 7.8 HIGH |
An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in tvOS 16.2, iCloud for Windows 14.1, macOS Ventura 13.1, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing a maliciously crafted file may lead to arbitrary code execution. | |||||
CVE-2022-46692 | 1 Apple | 7 Icloud, Ipados, Iphone Os and 4 more | 2023-01-09 | N/A | 5.5 MEDIUM |
A logic issue was addressed with improved state management. This issue is fixed in Safari 16.2, tvOS 16.2, iCloud for Windows 14.1, iOS 15.7.2 and iPadOS 15.7.2, macOS Ventura 13.1, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web content may bypass Same Origin Policy. | |||||
CVE-2022-42867 | 1 Apple | 6 Ipados, Iphone Os, Macos and 3 more | 2023-01-09 | N/A | 8.8 HIGH |
A use after free issue was addressed with improved memory management. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web content may lead to arbitrary code execution. | |||||
CVE-2022-46689 | 1 Apple | 6 Ipados, Iphone Os, Macos and 3 more | 2023-01-09 | N/A | 7.0 HIGH |
A race condition was addressed with additional validation. This issue is fixed in tvOS 16.2, macOS Monterey 12.6.2, macOS Ventura 13.1, macOS Big Sur 11.7.2, iOS 15.7.2 and iPadOS 15.7.2, iOS 16.2 and iPadOS 16.2, watchOS 9.2. An app may be able to execute arbitrary code with kernel privileges. | |||||
CVE-2022-46690 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2023-01-09 | N/A | 7.8 HIGH |
An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in iOS 16.2 and iPadOS 16.2, macOS Ventura 13.1, tvOS 16.2, watchOS 9.2. An app may be able to execute arbitrary code with kernel privileges. | |||||
CVE-2022-42866 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2023-01-09 | N/A | 5.5 MEDIUM |
The issue was addressed with improved handling of caches. This issue is fixed in iOS 16.2 and iPadOS 16.2, macOS Ventura 13.1, tvOS 16.2, watchOS 9.2. An app may be able to read sensitive location information. | |||||
CVE-2022-42864 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2023-01-09 | N/A | 7.0 HIGH |
A race condition was addressed with improved state handling. This issue is fixed in tvOS 16.2, macOS Monterey 12.6.2, macOS Ventura 13.1, macOS Big Sur 11.7.2, iOS 15.7.2 and iPadOS 15.7.2, iOS 16.2 and iPadOS 16.2, watchOS 9.2. An app may be able to execute arbitrary code with kernel privileges. | |||||
CVE-2022-42865 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2023-01-09 | N/A | 5.5 MEDIUM |
This issue was addressed by enabling hardened runtime. This issue is fixed in iOS 16.2 and iPadOS 16.2, macOS Ventura 13.1, tvOS 16.2, watchOS 9.2. An app may be able to bypass Privacy preferences. | |||||
CVE-2022-32944 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2023-01-09 | N/A | 7.8 HIGH |
A memory corruption issue was addressed with improved state management. This issue is fixed in tvOS 16.1, iOS 15.7.1 and iPadOS 15.7.1, macOS Ventura 13, watchOS 9.1, iOS 16.1 and iPadOS 16, macOS Monterey 12.6.1, macOS Big Sur 11.7.1. An app may be able to execute arbitrary code with kernel privileges. | |||||
CVE-2022-37434 | 5 Apple, Debian, Fedoraproject and 2 more | 20 Ipados, Iphone Os, Macos and 17 more | 2023-01-09 | N/A | 9.8 CRITICAL |
zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. Some common applications bundle the affected zlib source code but may be unable to call inflateGetHeader (e.g., see the nodejs/node reference). | |||||
CVE-2022-32926 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2023-01-09 | N/A | 6.7 MEDIUM |
The issue was addressed with improved bounds checks. This issue is fixed in tvOS 16.1, iOS 15.7.1 and iPadOS 15.7.1, macOS Ventura 13, watchOS 9.1, iOS 16.1 and iPadOS 16. An app with root privileges may be able to execute arbitrary code with kernel privileges. | |||||
CVE-2022-32932 | 1 Apple | 3 Ipados, Iphone Os, Watchos | 2023-01-09 | N/A | 7.8 HIGH |
The issue was addressed with improved memory handling. This issue is fixed in iOS 15.7.1 and iPadOS 15.7.1, iOS 16.1 and iPadOS 16, watchOS 9.1. An app may be able to execute arbitrary code with kernel privileges. | |||||
CVE-2022-32923 | 1 Apple | 6 Ipados, Iphone Os, Macos and 3 more | 2023-01-09 | N/A | 6.5 MEDIUM |
A correctness issue in the JIT was addressed with improved checks. This issue is fixed in tvOS 16.1, iOS 15.7.1 and iPadOS 15.7.1, macOS Ventura 13, watchOS 9.1, Safari 16.1, iOS 16.1 and iPadOS 16. Processing maliciously crafted web content may disclose internal states of the app. | |||||
CVE-2020-9871 | 1 Apple | 7 Icloud, Ipados, Iphone Os and 4 more | 2023-01-09 | 6.8 MEDIUM | 7.8 HIGH |
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing a maliciously crafted image may lead to arbitrary code execution. | |||||
CVE-2020-9868 | 1 Apple | 5 Ipados, Iphone Os, Mac Os X and 2 more | 2023-01-09 | 6.4 MEDIUM | 9.1 CRITICAL |
A certificate validation issue existed when processing administrator added certificates. This issue was addressed with improved certificate validation. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8. An attacker may have been able to impersonate a trusted website using shared key material for an administrator added certificate. |