Apple macOS vulnerabilities

CVE-2022-46706 [HIGH] CWE-843 CVE-2022-46706: A type confusion issue was addressed with improved state handling. This issue is fixed in Security U A type confusion issue was addressed with improved state handling. This issue is fixed in Security Update 2022-003 Catalina, macOS Monterey 12.3, macOS Big Sur 11.6.5. An application may be able to execute arbitrary code with kernel privileges.

CVE-2022-22630 [CRITICAL] CWE-416 CVE-2022-22630: A use after free issue was addressed with improved memory management. This issue is fixed in macOS B A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.6.6, macOS Monterey 12.3, Security Update 2022-004 Catalina. A remote user may cause an unexpected app termination or arbitrary code execution

CVE-2023-27960 [HIGH] CVE-2023-27960: This issue was addressed by removing the vulnerable code. This issue is fixed in GarageBand for macO This issue was addressed by removing the vulnerable code. This issue is fixed in GarageBand for macOS 10.4.8. An app may be able to gain elevated privileges during the installation of GarageBand.

CVE-2022-22582 [MEDIUM] CWE-59 CVE-2022-22582: A validation issue existed in the handling of symlinks. This issue was addressed with improved valid A validation issue existed in the handling of symlinks. This issue was addressed with improved validation of symlinks. This issue is fixed in Security Update 2022-003 Catalina, macOS Big Sur 11.6.5, macOS Monterey 12.3. A local user may be able to write arbitrary files.

CVE-2022-32910 [HIGH] CWE-693 CVE-2022-32910: A logic issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.6.8, macOS A logic issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.6.8, macOS Monterey 12.5, Security Update 2022-005 Catalina. An archive may be able to bypass Gatekeeper.

CVE-2022-32794 [HIGH] CWE-269 CVE-2022-32794: A logic issue was addressed with improved state management. This issue is fixed in Security Update 2 A logic issue was addressed with improved state management. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4, macOS Big Sur 11.6.6. An app may be able to gain elevated privileges.

CVE-2022-32847 [CRITICAL] CWE-119 CVE-2022-32847: This issue was addressed with improved checks. This issue is fixed in iOS 15.6 and iPadOS 15.6, macO This issue was addressed with improved checks. This issue is fixed in iOS 15.6 and iPadOS 15.6, macOS Big Sur 11.6.8, watchOS 8.7, tvOS 15.6, macOS Monterey 12.5, Security Update 2022-005 Catalina. A remote user may be able to cause unexpected system termination or corrupt kernel memory.

CVE-2022-32787 [HIGH] CWE-787 CVE-2022-32787: An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 15.6 and iPadOS 15.6, macOS Big Sur 11.6.8, watchOS 8.7, tvOS 15.6, macOS Monterey 12.5, Security Update 2022-005 Catalina. Processing maliciously crafted web content may lead to arbitrary code execution.

CVE-2022-32819 [HIGH] CWE-269 CVE-2022-32819: A logic issue was addressed with improved state management. This issue is fixed in iOS 15.6 and iPad A logic issue was addressed with improved state management. This issue is fixed in iOS 15.6 and iPadOS 15.6, macOS Big Sur 11.6.8, watchOS 8.7, tvOS 15.6, macOS Monterey 12.5, Security Update 2022-005 Catalina. An app may be able to gain root privileges.

CVE-2022-32843 [HIGH] CWE-787 CVE-2022-32843: An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in Sec An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in Security Update 2022-005 Catalina, macOS Big Sur 11.6.8, macOS Monterey 12.5. Processing a maliciously crafted Postscript file may result in unexpected app termination or disclosure of process memory.

CVE-2022-32790 [HIGH] CWE-400 CVE-2022-32790: This issue was addressed with improved checks. This issue is fixed in tvOS 15.5, watchOS 8.6, iOS 15 This issue was addressed with improved checks. This issue is fixed in tvOS 15.5, watchOS 8.6, iOS 15.5 and iPadOS 15.5, macOS Monterey 12.4, macOS Big Sur 11.6.6, Security Update 2022-004 Catalina. A remote user may be able to cause a denial-of-service.

CVE-2022-32820 [HIGH] CWE-787 CVE-2022-32820: An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in iO An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in iOS 15.6 and iPadOS 15.6, macOS Big Sur 11.6.8, watchOS 8.7, tvOS 15.6, macOS Monterey 12.5, Security Update 2022-005 Catalina. An app may be able to execute arbitrary code with kernel privileges.

CVE-2022-32797 [HIGH] CWE-20 CVE-2022-32797: This issue was addressed with improved checks. This issue is fixed in Security Update 2022-005 Catal This issue was addressed with improved checks. This issue is fixed in Security Update 2022-005 Catalina, macOS Big Sur 11.6.8, macOS Monterey 12.5. Processing a maliciously crafted AppleScript binary may result in unexpected termination or disclosure of process memory.

CVE-2022-32851 [HIGH] CWE-125 CVE-2022-32851: An out-of-bounds read issue was addressed with improved input validation. This issue is fixed in Sec An out-of-bounds read issue was addressed with improved input validation. This issue is fixed in Security Update 2022-005 Catalina, macOS Big Sur 11.6.8, macOS Monterey 12.5. Processing a maliciously crafted AppleScript binary may result in unexpected termination or disclosure of process memory.

CVE-2022-32807 [HIGH] CVE-2022-32807: This issue was addressed with improved file handling. This issue is fixed in Security Update 2022-00 This issue was addressed with improved file handling. This issue is fixed in Security Update 2022-005 Catalina, macOS Big Sur 11.6.8, macOS Monterey 12.5. An app may be able to overwrite arbitrary files.

CVE-2022-32826 [HIGH] CWE-269 CVE-2022-32826: An authorization issue was addressed with improved state management. This issue is fixed in iOS 15.6 An authorization issue was addressed with improved state management. This issue is fixed in iOS 15.6 and iPadOS 15.6, macOS Big Sur 11.6.8, watchOS 8.7, tvOS 15.6, macOS Monterey 12.5, Security Update 2022-005 Catalina. An app may be able to gain root privileges.

CVE-2022-32831 [HIGH] CWE-125 CVE-2022-32831: An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in Security U An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in Security Update 2022-005 Catalina, macOS Big Sur 11.6.8, macOS Monterey 12.5. Processing a maliciously crafted AppleScript binary may result in unexpected termination or disclosure of process memory.

CVE-2022-32842 [HIGH] CWE-125 CVE-2022-32842: An out-of-bounds read issue was addressed with improved input validation. This issue is fixed in Sec An out-of-bounds read issue was addressed with improved input validation. This issue is fixed in Security Update 2022-005 Catalina, macOS Monterey 12.5. An app may be able to gain elevated privileges.

CVE-2022-32853 [HIGH] CWE-125 CVE-2022-32853: An out-of-bounds read issue was addressed with improved input validation. This issue is fixed in Sec An out-of-bounds read issue was addressed with improved input validation. This issue is fixed in Security Update 2022-005 Catalina, macOS Big Sur 11.6.8, macOS Monterey 12.5. Processing a maliciously crafted AppleScript binary may result in unexpected termination or disclosure of process memory.

CVE-2022-32815 [HIGH] CWE-787 CVE-2022-32815: The issue was addressed with improved memory handling. This issue is fixed in iOS 15.6 and iPadOS 15 The issue was addressed with improved memory handling. This issue is fixed in iOS 15.6 and iPadOS 15.6, macOS Big Sur 11.6.8, watchOS 8.7, tvOS 15.6, macOS Monterey 12.5, Security Update 2022-005 Catalina. An app with root privileges may be able to execute arbitrary code with kernel privileges.