Total
3286 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-26772 | 1 Apple | 1 Macos | 2022-06-07 | 9.3 HIGH | 7.8 HIGH |
| A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.4. An application may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2022-26740 | 1 Apple | 4 Ipados, Iphone Os, Macos and 1 more | 2022-06-07 | 9.3 HIGH | 7.8 HIGH |
| An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in tvOS 15.5, macOS Monterey 12.4, iOS 15.5 and iPadOS 15.5. An application may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2022-26739 | 1 Apple | 4 Ipados, Iphone Os, Macos and 1 more | 2022-06-07 | 9.3 HIGH | 7.8 HIGH |
| An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in tvOS 15.5, macOS Monterey 12.4, iOS 15.5 and iPadOS 15.5. An application may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2022-26743 | 1 Apple | 1 Macos | 2022-06-07 | 6.9 MEDIUM | 7.0 HIGH |
| An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Monterey 12.4. An attacker that has already achieved code execution in macOS Recovery may be able to escalate to kernel privileges. | |||||
| CVE-2022-26742 | 1 Apple | 1 Macos | 2022-06-07 | 9.3 HIGH | 7.8 HIGH |
| A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.4. An application may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2022-26741 | 1 Apple | 1 Macos | 2022-06-07 | 9.3 HIGH | 7.8 HIGH |
| A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.4. An application may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2022-26746 | 1 Apple | 2 Mac Os X, Macos | 2022-06-07 | 4.3 MEDIUM | 5.5 MEDIUM |
| This issue was addressed by removing the vulnerable code. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4, macOS Big Sur 11.6.6. A malicious application may be able to bypass Privacy preferences. | |||||
| CVE-2022-26745 | 1 Apple | 1 Macos | 2022-06-07 | 4.3 MEDIUM | 5.5 MEDIUM |
| A memory corruption issue was addressed with improved validation. This issue is fixed in macOS Big Sur 11.6.6. A malicious application may disclose restricted memory. | |||||
| CVE-2022-26749 | 1 Apple | 1 Macos | 2022-06-07 | 9.3 HIGH | 7.8 HIGH |
| A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.4. An application may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2022-26748 | 1 Apple | 2 Mac Os X, Macos | 2022-06-07 | 6.8 MEDIUM | 8.8 HIGH |
| An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4, macOS Big Sur 11.6.6. Processing maliciously crafted web content may lead to arbitrary code execution. | |||||
| CVE-2022-26755 | 1 Apple | 2 Mac Os X, Macos | 2022-06-07 | 4.3 MEDIUM | 6.3 MEDIUM |
| This issue was addressed with improved environment sanitization. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4, macOS Big Sur 11.6.6. A malicious application may be able to break out of its sandbox. | |||||
| CVE-2022-26751 | 1 Apple | 5 Ipados, Iphone Os, Itunes and 2 more | 2022-06-07 | 6.8 MEDIUM | 7.8 HIGH |
| A memory corruption issue was addressed with improved input validation. This issue is fixed in iTunes 12.12.4 for Windows, iOS 15.5 and iPadOS 15.5, Security Update 2022-004 Catalina, macOS Big Sur 11.6.6, macOS Monterey 12.4. Processing a maliciously crafted image may lead to arbitrary code execution. | |||||
| CVE-2022-26750 | 1 Apple | 1 Macos | 2022-06-07 | 9.3 HIGH | 7.8 HIGH |
| A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.4. An application may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2022-26754 | 1 Apple | 1 Macos | 2022-06-07 | 9.3 HIGH | 7.8 HIGH |
| A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.4. An application may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2022-26753 | 1 Apple | 1 Macos | 2022-06-07 | 9.3 HIGH | 7.8 HIGH |
| A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.4. An application may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2022-26752 | 1 Apple | 1 Macos | 2022-06-07 | 9.3 HIGH | 7.8 HIGH |
| A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.4. An application may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2019-5013 | 2 Apple, Wacom | 2 Macos, Driver | 2022-06-07 | 7.2 HIGH | 7.8 HIGH |
| An exploitable privilege escalation vulnerability exists in the Wacom, driver version 6.3.32-3, update helper service in the start/stopLaunchDProcess command. The command takes a user-supplied string argument and executes launchctl under root context. A user with local access can use this vulnerability to raise load arbitrary launchD agents. An attacker would need local access to the machine for a successful exploit. | |||||
| CVE-2019-5012 | 2 Apple, Wacom | 2 Macos, Driver | 2022-06-07 | 7.2 HIGH | 7.8 HIGH |
| An exploitable privilege escalation vulnerability exists in the Wacom, driver version 6.3.32-3, update helper service in the startProcess command. The command takes a user-supplied script argument and executes it under root context. A user with local access can use this vulnerability to raise their privileges to root. An attacker would need local access to the machine for a successful exploit. | |||||
| CVE-2020-13520 | 2 Apple, Pixar | 2 Macos, Openusd | 2022-06-07 | 6.8 MEDIUM | 7.8 HIGH |
| An out of bounds memory corruption vulnerability exists in the way Pixar OpenUSD 20.05 reconstructs paths from binary USD files. A specially crafted malformed file can trigger an out of bounds memory modification which can result in remote code execution. To trigger this vulnerability, victim needs to access an attacker-provided malformed file. | |||||
| CVE-2020-13524 | 2 Apple, Pixar | 3 Mac Os X, Macos, Openusd | 2022-06-07 | 4.3 MEDIUM | 5.5 MEDIUM |
| An out-of-bounds memory corruption vulnerability exists in the way Pixar OpenUSD 20.05 uses SPECS data from binary USD files. A specially crafted malformed file can trigger an out-of-bounds memory access and modification which results in memory corruption. To trigger this vulnerability, the victim needs to access an attacker-provided malformed file. | |||||