cbcvebase.

Apple Security Update 2022-004 Catalina vulnerabilities

39 known vulnerabilities affecting apple/security_update_2022-004_catalina.

Total CVEs
39
CISA KEV
1
actively exploited
Public exploits
1
Exploited in wild
1
Severity breakdown
CRITICAL5HIGH24MEDIUM10

Vulnerabilities

Page 2 of 2
CVE-2021-45444HIGHCVSS 7.82022-05-16
CVE-2021-45444 [HIGH] CVE-2021-45444: Security Update 2022-004 Catalina Apple Security Update: About the security content of Security Update 2022-004 Catalina Product: Security Update 2022-004 Catalina CVE: CVE-2021-45444 Component: CVE-2021-45444
apple
CVE-2022-26720HIGHCVSS 7.82022-05-16
CVE-2022-26720 [HIGH] CVE-2022-26720: Security Update 2022-004 Catalina Apple Security Update: About the security content of Security Update 2022-004 Catalina Product: Security Update 2022-004 Catalina CVE: CVE-2022-26720 Component: Intel Graphics Driver Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: An out-of-bounds write issue was addressed with improved bounds checking.
apple
CVE-2022-26697HIGHCVSS 7.12022-05-16
CVE-2022-26697 [HIGH] CVE-2022-26697: Security Update 2022-004 Catalina Apple Security Update: About the security content of Security Update 2022-004 Catalina Product: Security Update 2022-004 Catalina CVE: CVE-2022-26697 Component: AppleScript Impact: Processing a maliciously crafted AppleScript binary may result in unexpected application termination or disclosure of process memory Description: An out-of-bounds read was addressed with improved input validation.
apple
CVE-2022-26763HIGHCVSS 7.82022-05-16
CVE-2022-26763 [HIGH] CVE-2022-26763: Security Update 2022-004 Catalina Apple Security Update: About the security content of Security Update 2022-004 Catalina Product: Security Update 2022-004 Catalina CVE: CVE-2022-26763 Component: DriverKit Impact: A malicious application may be able to execute arbitrary code with system privileges Description: An out-of-bounds access issue was addressed with improved bounds checking.
apple
CVE-2022-26756HIGHCVSS 7.82022-05-16
CVE-2022-26756 [HIGH] CVE-2022-26756: Security Update 2022-004 Catalina Apple Security Update: About the security content of Security Update 2022-004 Catalina Product: Security Update 2022-004 Catalina CVE: CVE-2022-26756 Component: Intel Graphics Driver Impact: An application may be able to execute arbitrary code with kernel privileges Description: An out-of-bounds write issue was addressed with improved input validation.
apple
CVE-2018-25032HIGHCVSS 7.52022-05-16
CVE-2018-25032 [HIGH] CVE-2018-25032: Security Update 2022-004 Catalina Apple Security Update: About the security content of Security Update 2022-004 Catalina Product: Security Update 2022-004 Catalina CVE: CVE-2018-25032 Component: CVE-2022-0530 Impact: An attacker may be able to cause unexpected application termination or arbitrary code execution Description: A memory corruption issue was addressed with improved input validation.
apple
CVE-2022-26698HIGHCVSS 7.12022-05-16
CVE-2022-26698 [HIGH] CVE-2022-26698: Security Update 2022-004 Catalina Apple Security Update: About the security content of Security Update 2022-004 Catalina Product: Security Update 2022-004 Catalina CVE: CVE-2022-26698 Component: AppleScript Impact: Processing a maliciously crafted AppleScript binary may result in unexpected application termination or disclosure of process memory Description: An out-of-bounds read was addressed with improved bounds checking.
apple
CVE-2022-26757HIGHCVSS 7.82022-05-16
CVE-2022-26757 [HIGH] CVE-2022-26757: Security Update 2022-004 Catalina Apple Security Update: About the security content of Security Update 2022-004 Catalina Product: Security Update 2022-004 Catalina CVE: CVE-2022-26757 Component: Kernel Impact: An application may be able to execute arbitrary code with kernel privileges Description: A use after free issue was addressed with improved memory management.
apple
CVE-2022-32794HIGHCVSS 7.82022-05-16
CVE-2022-32794 [HIGH] CVE-2022-32794: Security Update 2022-004 Catalina Apple Security Update: About the security content of Security Update 2022-004 Catalina Product: Security Update 2022-004 Catalina CVE: CVE-2022-32794 Component: PackageKit Impact: An app may be able to gain elevated privileges Description: A logic issue was addressed with improved state management.
apple
CVE-2022-26728MEDIUMCVSS 5.52022-05-16
CVE-2022-26728 [MEDIUM] CVE-2022-26728: Security Update 2022-004 Catalina Apple Security Update: About the security content of Security Update 2022-004 Catalina Product: Security Update 2022-004 Catalina CVE: CVE-2022-26728 Component: SoftwareUpdate Impact: A malicious application may be able to access restricted files Description: This issue was addressed with improved entitlements.
apple
CVE-2022-22663MEDIUMCVSS 5.52022-05-16
CVE-2022-22663 [MEDIUM] CVE-2022-22663: Security Update 2022-004 Catalina Apple Security Update: About the security content of Security Update 2022-004 Catalina Product: Security Update 2022-004 Catalina CVE: CVE-2022-22663 Component: CoreTypes Impact: A malicious application may bypass Gatekeeper checks Description: This issue was addressed with improved checks to prevent unauthorized actions.
apple
CVE-2022-0530MEDIUMCVSS 5.52022-05-16
CVE-2022-0530 [MEDIUM] CVE-2022-0530: Security Update 2022-004 Catalina Apple Security Update: About the security content of Security Update 2022-004 Catalina Product: Security Update 2022-004 Catalina CVE: CVE-2022-0530 Component: CVE-2022-0530 Impact: An attacker may be able to cause unexpected application termination or arbitrary code execution Description: A memory corruption issue was addressed with improved input validation.
apple
CVE-2022-22674MEDIUMCVSS 5.5KEV2022-05-16
CVE-2022-22674 [MEDIUM] CVE-2022-22674: Security Update 2022-004 Catalina Apple Security Update: About the security content of Security Update 2022-004 Catalina Product: Security Update 2022-004 Catalina CVE: CVE-2022-22674 Component: Graphics Drivers Impact: A local user may be able to read kernel memory Description: An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation.
apple
CVE-2022-22589MEDIUMCVSS 6.12022-05-16
CVE-2022-22589 [MEDIUM] CVE-2022-22589: Security Update 2022-004 Catalina Apple Security Update: About the security content of Security Update 2022-004 Catalina Product: Security Update 2022-004 Catalina CVE: CVE-2022-22589 Component: WebKit Impact: Processing a maliciously crafted mail message may lead to running arbitrary javascript Description: A validation issue was addressed with improved input sanitization.
apple
CVE-2022-26766MEDIUMCVSS 5.52022-05-16
CVE-2022-26766 [MEDIUM] CVE-2022-26766: Security Update 2022-004 Catalina Apple Security Update: About the security content of Security Update 2022-004 Catalina Product: Security Update 2022-004 Catalina CVE: CVE-2022-26766 Component: Security Impact: A malicious app may be able to bypass signature validation Description: A certificate parsing issue was addressed with improved checks.
apple
CVE-2022-26746MEDIUMCVSS 5.52022-05-16
CVE-2022-26746 [MEDIUM] CVE-2022-26746: Security Update 2022-004 Catalina Apple Security Update: About the security content of Security Update 2022-004 Catalina Product: Security Update 2022-004 Catalina CVE: CVE-2022-26746 Component: Printing Impact: A malicious application may be able to bypass Privacy preferences Description: This issue was addressed by removing the vulnerable code.
apple
CVE-2022-26726MEDIUMCVSS 6.52022-05-16
CVE-2022-26726 [MEDIUM] CVE-2022-26726: Security Update 2022-004 Catalina Apple Security Update: About the security content of Security Update 2022-004 Catalina Product: Security Update 2022-004 Catalina CVE: CVE-2022-26726 Component: TCC Impact: An app may be able to capture a user's screen Description: This issue was addressed with improved checks.
apple
CVE-2022-26755MEDIUMCVSS 6.32022-05-16
CVE-2022-26755 [MEDIUM] CVE-2022-26755: Security Update 2022-004 Catalina Apple Security Update: About the security content of Security Update 2022-004 Catalina Product: Security Update 2022-004 Catalina CVE: CVE-2022-26755 Component: Tcl Impact: A malicious application may be able to break out of its sandbox Description: This issue was addressed with improved environment sanitization.
apple
CVE-2022-26727MEDIUMCVSS 5.52022-05-16
CVE-2022-26727 [MEDIUM] CVE-2022-26727: Security Update 2022-004 Catalina Apple Security Update: About the security content of Security Update 2022-004 Catalina Product: Security Update 2022-004 Catalina CVE: CVE-2022-26727 Component: PackageKit Impact: A malicious application may be able to modify protected parts of the file system Description: This issue was addressed with improved entitlements.
apple
← Previous2 / 2