Apple Macos Monterey vulnerabilities

CVE-2022-22593 [HIGH] CVE-2022-22593: macOS Monterey 12.2 Apple Security Update: About the security content of macOS Monterey 12.2 Product: macOS Monterey Version: 12.2 CVE: CVE-2022-22593 Component: Kernel Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: A buffer overflow issue was addressed with improved memory handling.

CVE-2022-22584 [HIGH] CVE-2022-22584: macOS Monterey 12.2 Apple Security Update: About the security content of macOS Monterey 12.2 Product: macOS Monterey Version: 12.2 CVE: CVE-2022-22584 Component: ColorSync Impact: Processing a maliciously crafted file may lead to arbitrary code execution Description: A memory corruption issue was addressed with improved validation.

CVE-2022-22583 [MEDIUM] CVE-2022-22583: macOS Monterey 12.2 Apple Security Update: About the security content of macOS Monterey 12.2 Product: macOS Monterey Version: 12.2 CVE: CVE-2022-22583 Component: PackageKit Impact: An application may be able to access restricted files Description: A permissions issue was addressed with improved validation.

CVE-2022-22589 [MEDIUM] CVE-2022-22589: macOS Monterey 12.2 Apple Security Update: About the security content of macOS Monterey 12.2 Product: macOS Monterey Version: 12.2 CVE: CVE-2022-22589 Component: WebKit Impact: Processing a maliciously crafted mail message may lead to running arbitrary javascript Description: A validation issue was addressed with improved input sanitization.

CVE-2022-22594 [MEDIUM] CVE-2022-22594: macOS Monterey 12.2 Apple Security Update: About the security content of macOS Monterey 12.2 Product: macOS Monterey Version: 12.2 CVE: CVE-2022-22594 Component: WebKit Storage Impact: A website may be able to track sensitive user information Description: A cross-origin issue in the IndexDB API was addressed with improved input validation.

CVE-2022-22676 [MEDIUM] CVE-2022-22676: macOS Monterey 12.2 Apple Security Update: About the security content of macOS Monterey 12.2 Product: macOS Monterey Version: 12.2 CVE: CVE-2022-22676 Component: PackageKit Impact: An application may be able to delete files for which it does not have permission Description: An event handler validation issue in the XPC Services API was addressed by removing the service.

CVE-2022-22646 [MEDIUM] CVE-2022-22646: macOS Monterey 12.2 Apple Security Update: About the security content of macOS Monterey 12.2 Product: macOS Monterey Version: 12.2 CVE: CVE-2022-22646 Component: PackageKit Impact: A malicious application may be able to modify protected parts of the file system Description: This issue was addressed by removing the vulnerable code.

CVE-2022-22592 [MEDIUM] CVE-2022-22592: macOS Monterey 12.2 Apple Security Update: About the security content of macOS Monterey 12.2 Product: macOS Monterey Version: 12.2 CVE: CVE-2022-22592 Component: WebKit Impact: Processing maliciously crafted web content may prevent Content Security Policy from being enforced Description: A logic issue was addressed with improved state management.

CVE-2021-31009 [CRITICAL] CVE-2021-31009: macOS Monterey 12.1 Apple Security Update: About the security content of macOS Monterey 12.1 Product: macOS Monterey Version: 12.1 CVE: CVE-2021-31009 Component: Model I/O Impact: Multiple issues in HDF5 Description: Multiple issues were addressed by removing HDF5.

CVE-2021-30954 [HIGH] CVE-2021-30954: macOS Monterey 12.1 Apple Security Update: About the security content of macOS Monterey 12.1 Product: macOS Monterey Version: 12.1 CVE: CVE-2021-30954 Component: WebKit Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A type confusion issue was addressed with improved memory handling.

CVE-2021-30951 [HIGH] CVE-2021-30951: macOS Monterey 12.1 Apple Security Update: About the security content of macOS Monterey 12.1 Product: macOS Monterey Version: 12.1 CVE: CVE-2021-30951 Component: WebKit Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A use after free issue was addressed with improved memory management.

CVE-2021-30955 [HIGH] CVE-2021-30955: macOS Monterey 12.1 Apple Security Update: About the security content of macOS Monterey 12.1 Product: macOS Monterey Version: 12.1 CVE: CVE-2021-30955 Component: Kernel Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: A race condition was addressed with improved state handling.

CVE-2021-30934 [HIGH] CVE-2021-30934: macOS Monterey 12.1 Apple Security Update: About the security content of macOS Monterey 12.1 Product: macOS Monterey Version: 12.1 CVE: CVE-2021-30934 Component: WebKit Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A buffer overflow issue was addressed with improved memory handling.

CVE-2021-30927 [HIGH] CVE-2021-30927: macOS Monterey 12.1 Apple Security Update: About the security content of macOS Monterey 12.1 Product: macOS Monterey Version: 12.1 CVE: CVE-2021-30927 Component: Kernel Impact: An application may be able to execute arbitrary code with kernel privileges Description: A use after free issue was addressed with improved memory management.

CVE-2021-30984 [HIGH] CVE-2021-30984: macOS Monterey 12.1 Apple Security Update: About the security content of macOS Monterey 12.1 Product: macOS Monterey Version: 12.1 CVE: CVE-2021-30984 Component: WebKit Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A race condition was addressed with improved state handling.

CVE-2021-30939 [HIGH] CVE-2021-30939: macOS Monterey 12.1 Apple Security Update: About the security content of macOS Monterey 12.1 Product: macOS Monterey Version: 12.1 CVE: CVE-2021-30939 Component: ImageIO Impact: Processing a maliciously crafted image may lead to arbitrary code execution Description: An out-of-bounds read was addressed with improved bounds checking.

CVE-2021-30937 [HIGH] CVE-2021-30937: macOS Monterey 12.1 Apple Security Update: About the security content of macOS Monterey 12.1 Product: macOS Monterey Version: 12.1 CVE: CVE-2021-30937 Component: Kernel Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: A memory corruption vulnerability was addressed with improved locking.

CVE-2021-30952 [HIGH] CVE-2021-30952: macOS Monterey 12.1 Apple Security Update: About the security content of macOS Monterey 12.1 Product: macOS Monterey Version: 12.1 CVE: CVE-2021-30952 Component: WebKit Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: An integer overflow was addressed with improved input validation.

CVE-2021-30975 [HIGH] CVE-2021-30975: macOS Monterey 12.1 Apple Security Update: About the security content of macOS Monterey 12.1 Product: macOS Monterey Version: 12.1 CVE: CVE-2021-30975 Component: Script Editor Impact: A malicious OSAX scripting addition may bypass Gatekeeper checks and circumvent sandbox restrictions Description: This issue was addressed by disabling execution of JavaScript when viewing a scripting dictionary.

CVE-2021-30926 [HIGH] CVE-2021-30926: macOS Monterey 12.1 Apple Security Update: About the security content of macOS Monterey 12.1 Product: macOS Monterey Version: 12.1 CVE: CVE-2021-30926 Component: ColorSync Impact: Processing a maliciously crafted image may lead to arbitrary code execution Description: A memory corruption issue in the processing of ICC profiles was addressed with improved input validation.