Apple Macos Monterey vulnerabilities

CVE-2022-32828 [MEDIUM] CVE-2022-32828: macOS Monterey 12.5 Apple Security Update: About the security content of macOS Monterey 12.5 Product: macOS Monterey Version: 12.5 CVE: CVE-2022-32828 Component: CoreMedia Impact: An app may be able to disclose kernel memory Description: The issue was addressed with improved memory handling.

CVE-2022-32789 [MEDIUM] CVE-2022-32789: macOS Monterey 12.5 Apple Security Update: About the security content of macOS Monterey 12.5 Product: macOS Monterey Version: 12.5 CVE: CVE-2022-32789 Component: Automation Impact: An app may be able to bypass Privacy preferences Description: A logic issue was addressed with improved checks.

CVE-2022-32832 [MEDIUM] CVE-2022-32832: macOS Monterey 12.5 Apple Security Update: About the security content of macOS Monterey 12.5 Product: macOS Monterey Version: 12.5 CVE: CVE-2022-32832 Component: APFS Impact: An app with root privileges may be able to execute arbitrary code with kernel privileges Description: The issue was addressed with improved memory handling.

CVE-2022-32848 [MEDIUM] CVE-2022-32848: macOS Monterey 12.5 Apple Security Update: About the security content of macOS Monterey 12.5 Product: macOS Monterey Version: 12.5 CVE: CVE-2022-32848 Component: Windows Server Impact: An app may be able to capture a user’s screen Description: A logic issue was addressed with improved checks.

CVE-2022-29048 [MEDIUM] CVE-2022-29048: macOS Monterey 12.5 Apple Security Update: About the security content of macOS Monterey 12.5 Product: macOS Monterey Version: 12.5 CVE: CVE-2022-29048 Component: Spotlight Impact: An app may be able to gain root privileges Description: This issue was addressed with improved checks.

CVE-2022-32817 [MEDIUM] CVE-2022-32817: macOS Monterey 12.5 Apple Security Update: About the security content of macOS Monterey 12.5 Product: macOS Monterey Version: 12.5 CVE: CVE-2022-32817 Component: Kernel Impact: An app may be able to disclose kernel memory Description: An out-of-bounds read issue was addressed with improved bounds checking.

CVE-2022-32825 [MEDIUM] CVE-2022-32825: macOS Monterey 12.5 Apple Security Update: About the security content of macOS Monterey 12.5 Product: macOS Monterey Version: 12.5 CVE: CVE-2022-32825 Component: Audio Impact: An app may be able to disclose kernel memory Description: The issue was addressed with improved memory handling.

CVE-2022-32823 [MEDIUM] CVE-2022-32823: macOS Monterey 12.5 Apple Security Update: About the security content of macOS Monterey 12.5 Product: macOS Monterey Version: 12.5 CVE: CVE-2022-32823 Component: CVE-2022-32823

CVE-2022-29046 [MEDIUM] CVE-2022-29046: macOS Monterey 12.5 Apple Security Update: About the security content of macOS Monterey 12.5 Product: macOS Monterey Version: 12.5 CVE: CVE-2022-29046 Component: Spotlight Impact: An app may be able to gain root privileges Description: This issue was addressed with improved checks.

CVE-2022-32805 [MEDIUM] CVE-2022-32805: macOS Monterey 12.5 Apple Security Update: About the security content of macOS Monterey 12.5 Product: macOS Monterey Version: 12.5 CVE: CVE-2022-32805 Component: Calendar Impact: An app may be able to access sensitive user information Description: The issue was addressed with improved handling of caches.

CVE-2022-32785 [MEDIUM] CVE-2022-32785: macOS Monterey 12.5 Apple Security Update: About the security content of macOS Monterey 12.5 Product: macOS Monterey Version: 12.5 CVE: CVE-2022-32785 Component: ImageIO Impact: Processing an image may lead to a denial-of-service Description: A null pointer dereference was addressed with improved validation.

CVE-2022-32861 [MEDIUM] CVE-2022-32861: macOS Monterey 12.5 Apple Security Update: About the security content of macOS Monterey 12.5 Product: macOS Monterey Version: 12.5 CVE: CVE-2022-32861 Component: WebKit Impact: A user may be tracked through their IP address Description: A logic issue was addressed with improved state management.

CVE-2022-32834 [MEDIUM] CVE-2022-32834: macOS Monterey 12.5 Apple Security Update: About the security content of macOS Monterey 12.5 Product: macOS Monterey Version: 12.5 CVE: CVE-2022-32834 Component: TCC Impact: An app may be able to access sensitive user information Description: An access issue was addressed with improvements to the sandbox.

CVE-2022-32857 [MEDIUM] CVE-2022-32857: macOS Monterey 12.5 Apple Security Update: About the security content of macOS Monterey 12.5 Product: macOS Monterey Version: 12.5 CVE: CVE-2022-32857 Component: Software Update Impact: A user in a privileged network position can track a user’s activity Description: This issue was addressed by using HTTPS when sending information over the network.

CVE-2021-28544 [MEDIUM] CVE-2021-28544: macOS Monterey 12.5 Apple Security Update: About the security content of macOS Monterey 12.5 Product: macOS Monterey Version: 12.5 CVE: CVE-2021-28544 Component: Spotlight Impact: An app may be able to gain root privileges Description: This issue was addressed with improved checks.

CVE-2022-32799 [MEDIUM] CVE-2022-32799: macOS Monterey 12.5 Apple Security Update: About the security content of macOS Monterey 12.5 Product: macOS Monterey Version: 12.5 CVE: CVE-2022-32799 Component: SMB Impact: A user in a privileged network position may be able to leak sensitive information Description: An out-of-bounds read issue was addressed with improved bounds checking.

CVE-2022-32786 [MEDIUM] CVE-2022-32786: macOS Monterey 12.5 Apple Security Update: About the security content of macOS Monterey 12.5 Product: macOS Monterey Version: 12.5 CVE: CVE-2022-32786 Component: PackageKit Impact: An app may be able to modify protected parts of the file system Description: An issue in the handling of environment variables was addressed with improved validation.

CVE-2022-46708 CVE-2022-46708: macOS Monterey 12.5 Apple Security Update: About the security content of macOS Monterey 12.5 Product: macOS Monterey Version: 12.5 CVE: CVE-2022-46708 Component: Safari Impact: Processing web content may disclose sensitive information Description: A brute force issue was addressed with improved state management.

CVE-2022-26694 [CRITICAL] CVE-2022-26694: macOS Monterey 12.4 Apple Security Update: About the security content of macOS Monterey 12.4 Product: macOS Monterey Version: 12.4 CVE: CVE-2022-26694 Component: Contacts Impact: A plug-in may be able to inherit the application's permissions and access user data Description: This issue was addressed with improved checks.

CVE-2022-26711 [CRITICAL] CVE-2022-26711: macOS Monterey 12.4 Apple Security Update: About the security content of macOS Monterey 12.4 Product: macOS Monterey Version: 12.4 CVE: CVE-2022-26711 Component: ImageIO Impact: A remote attacker may be able to cause unexpected application termination or arbitrary code execution Description: An integer overflow issue was addressed with improved input validation.