Apple Macos Big Sur vulnerabilities

CVE-2022-22614 [HIGH] CVE-2022-22614: macOS Big Sur 11.6.5 Apple Security Update: About the security content of macOS Big Sur 11.6.5 Product: macOS Big Sur Version: 11.6.5 CVE: CVE-2022-22614 Component: Kernel Impact: An application may be able to execute arbitrary code with kernel privileges Description: A use after free issue was addressed with improved memory management.

CVE-2022-22633 [HIGH] CVE-2022-22633: macOS Big Sur 11.6.5 Apple Security Update: About the security content of macOS Big Sur 11.6.5 Product: macOS Big Sur Version: 11.6.5 CVE: CVE-2022-22633 Component: Accelerate Framework Impact: Opening a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution Description: A memory corruption issue was addressed with improved state management.

CVE-2022-22627 [HIGH] CVE-2022-22627: macOS Big Sur 11.6.5 Apple Security Update: About the security content of macOS Big Sur 11.6.5 Product: macOS Big Sur Version: 11.6.5 CVE: CVE-2022-22627 Component: AppleScript Impact: Processing a maliciously crafted AppleScript binary may result in unexpected application termination or disclosure of process memory Description: An out-of-bounds read was addressed with improved bounds checking.

CVE-2022-46706 [HIGH] CVE-2022-46706: macOS Big Sur 11.6.5 Apple Security Update: About the security content of macOS Big Sur 11.6.5 Product: macOS Big Sur Version: 11.6.5 CVE: CVE-2022-46706 Component: Intel Graphics Driver Impact: An application may be able to execute arbitrary code with kernel privileges Description: A type confusion issue was addressed with improved state handling.

CVE-2022-22582 [MEDIUM] CVE-2022-22582: macOS Big Sur 11.6.5 Apple Security Update: About the security content of macOS Big Sur 11.6.5 Product: macOS Big Sur Version: 11.6.5 CVE: CVE-2022-22582 Component: WebKit Impact: Processing maliciously crafted web content may disclose sensitive user information Description: A cookie management issue was addressed with improved state management.

CVE-2022-26688 [MEDIUM] CVE-2022-26688: macOS Big Sur 11.6.5 Apple Security Update: About the security content of macOS Big Sur 11.6.5 Product: macOS Big Sur Version: 11.6.5 CVE: CVE-2022-26688 Component: PackageKit Impact: A malicious app with root privileges may be able to modify the contents of system files Description: An issue in the handling of symlinks was addressed with improved validation.

CVE-2022-22648 [MEDIUM] CVE-2022-22648: macOS Big Sur 11.6.5 Apple Security Update: About the security content of macOS Big Sur 11.6.5 Product: macOS Big Sur Version: 11.6.5 CVE: CVE-2022-22648 Component: AppleScript Impact: An application may be able to read restricted memory Description: This issue was addressed with improved checks.

CVE-2022-22638 [MEDIUM] CVE-2022-22638: macOS Big Sur 11.6.5 Apple Security Update: About the security content of macOS Big Sur 11.6.5 Product: macOS Big Sur Version: 11.6.5 CVE: CVE-2022-22638 Component: Kernel Impact: An attacker in a privileged position may be able to perform a denial of service attack Description: A null pointer dereference was addressed with improved validation.

CVE-2022-26691 [MEDIUM] CVE-2022-26691: macOS Big Sur 11.6.5 Apple Security Update: About the security content of macOS Big Sur 11.6.5 Product: macOS Big Sur Version: 11.6.5 CVE: CVE-2022-26691 Component: CUPS Impact: An application may be able to gain elevated privileges Description: A logic issue was addressed with improved state management.

CVE-2022-22662 [MEDIUM] CVE-2022-22662: macOS Big Sur 11.6.5 Apple Security Update: About the security content of macOS Big Sur 11.6.5 Product: macOS Big Sur Version: 11.6.5 CVE: CVE-2022-22662 Component: WebKit Impact: Processing maliciously crafted web content may disclose sensitive user information Description: A cookie management issue was addressed with improved state management.

CVE-2022-22647 [MEDIUM] CVE-2022-22647: macOS Big Sur 11.6.5 Apple Security Update: About the security content of macOS Big Sur 11.6.5 Product: macOS Big Sur Version: 11.6.5 CVE: CVE-2022-22647 Component: Login Window Impact: A person with access to a Mac may be able to bypass Login Window Description: This issue was addressed with improved checks.

CVE-2022-22650 [MEDIUM] CVE-2022-22650: macOS Big Sur 11.6.5 Apple Security Update: About the security content of macOS Big Sur 11.6.5 Product: macOS Big Sur Version: 11.6.5 CVE: CVE-2022-22650 Component: QuickTime Player Impact: A plug-in may be able to inherit the application's permissions and access user data Description: This issue was addressed with improved checks.

CVE-2022-22616 [MEDIUM] CVE-2022-22616: macOS Big Sur 11.6.5 Apple Security Update: About the security content of macOS Big Sur 11.6.5 Product: macOS Big Sur Version: 11.6.5 CVE: CVE-2022-22616 Component: BOM Impact: A maliciously crafted ZIP archive may bypass Gatekeeper checks Description: This issue was addressed with improved checks.

CVE-2022-22656 [LOW] CVE-2022-22656: macOS Big Sur 11.6.5 Apple Security Update: About the security content of macOS Big Sur 11.6.5 Product: macOS Big Sur Version: 11.6.5 CVE: CVE-2022-22656 Component: CVE-2022-22656

CVE-2022-22599 [LOW] CVE-2022-22599: macOS Big Sur 11.6.5 Apple Security Update: About the security content of macOS Big Sur 11.6.5 Product: macOS Big Sur Version: 11.6.5 CVE: CVE-2022-22599 Component: Siri Impact: A person with physical access to a device may be able to use Siri to obtain some location information from the lock screen Description: A permissions issue was addressed with improved validation.

CVE-2022-22587 [CRITICAL] CVE-2022-22587: macOS Big Sur 11.6.3 Apple Security Update: About the security content of macOS Big Sur 11.6.3 Product: macOS Big Sur Version: 11.6.3 CVE: CVE-2022-22587 Component: IOMobileFrameBuffer Impact: A malicious application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited. Description: A memory corruption issue was addressed with improved input validation.

CVE-2022-22579 [HIGH] CVE-2022-22579: macOS Big Sur 11.6.3 Apple Security Update: About the security content of macOS Big Sur 11.6.3 Product: macOS Big Sur Version: 11.6.3 CVE: CVE-2022-22579 Component: Model I/O Impact: Processing a maliciously crafted STL file may lead to unexpected application termination or arbitrary code execution Description: An information disclosure issue was addressed with improved state management.

CVE-2022-22593 [HIGH] CVE-2022-22593: macOS Big Sur 11.6.3 Apple Security Update: About the security content of macOS Big Sur 11.6.3 Product: macOS Big Sur Version: 11.6.3 CVE: CVE-2022-22593 Component: Kernel Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: A buffer overflow issue was addressed with improved memory handling.

CVE-2022-22585 [HIGH] CVE-2022-22585: macOS Big Sur 11.6.3 Apple Security Update: About the security content of macOS Big Sur 11.6.3 Product: macOS Big Sur Version: 11.6.3 CVE: CVE-2022-22585 Component: Audio Impact: Parsing a maliciously crafted audio file may lead to disclosure of user information Description: A buffer overflow issue was addressed with improved memory handling.

CVE-2021-30960 [MEDIUM] CVE-2021-30960: macOS Big Sur 11.6.3 Apple Security Update: About the security content of macOS Big Sur 11.6.3 Product: macOS Big Sur Version: 11.6.3 CVE: CVE-2021-30960 Component: Audio Impact: Parsing a maliciously crafted audio file may lead to disclosure of user information Description: A buffer overflow issue was addressed with improved memory handling.