This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Apple First view 2020-11-04
Product Macos Last view 2022-03-18
Version 11.2 Type Os
Update *  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:o:apple:macos

Activity : Overall

Related : CVE

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
  Date Alert Description
7.8 2022-03-18 CVE-2022-22669

A use after free issue was addressed with improved memory management. This issue is fixed in macOS Monterey 12.3. An application may be able to execute arbitrary code with kernel privileges.

7.8 2022-03-18 CVE-2022-22665

A logic issue was addressed with improved validation. This issue is fixed in macOS Monterey 12.3. A malicious application may be able to gain root privileges.

7.8 2022-03-18 CVE-2022-22664

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in Logic Pro 10.7.3, GarageBand 10.4.6, macOS Monterey 12.3. Opening a maliciously crafted file may lead to unexpected application termination or arbitrary code execution.

7.8 2022-03-18 CVE-2022-22661

A type confusion issue was addressed with improved state handling. This issue is fixed in macOS Big Sur 11.6.5, macOS Monterey 12.3, Security Update 2022-003 Catalina. An application may be able to execute arbitrary code with kernel privileges.

5.5 2022-03-18 CVE-2022-22660

This issue was addressed with a new entitlement. This issue is fixed in macOS Monterey 12.3. An app may be able to spoof system notifications and UI.

7.8 2022-03-18 CVE-2022-22657

A memory initialization issue was addressed with improved memory handling. This issue is fixed in Logic Pro 10.7.3, GarageBand 10.4.6, macOS Monterey 12.3. Opening a maliciously crafted file may lead to unexpected application termination or arbitrary code execution.

3.3 2022-03-18 CVE-2022-22656

An authentication issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.6.5, macOS Monterey 12.3, Security Update 2022-003 Catalina. A local attacker may be able to view the previous logged in user’s desktop from the fast user switching screen.

7.5 2022-03-18 CVE-2022-22651

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Monterey 12.3. A remote attacker may be able to cause unexpected system termination or corrupt kernel memory.

5.5 2022-03-18 CVE-2022-22650

This issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.6.5, macOS Monterey 12.3, Security Update 2022-003 Catalina. A plug-in may be able to inherit the application's permissions and access user data.

5.5 2022-03-18 CVE-2022-22648

This issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.6.5, macOS Monterey 12.3, Security Update 2022-003 Catalina. An application may be able to read restricted memory.

4.6 2022-03-18 CVE-2022-22647

This issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.6.5, macOS Monterey 12.3, Security Update 2022-003 Catalina. A person with access to a Mac may be able to bypass Login Window.

5.5 2022-03-18 CVE-2022-22644

A privacy issue existed in the handling of Contact cards. This was addressed with improved state management. This issue is fixed in macOS Monterey 12.3. A malicious application may be able to access information about a user's contacts.

7.5 2022-03-18 CVE-2022-22643

This issue was addressed with improved checks. This issue is fixed in iOS 15.4 and iPadOS 15.4, macOS Monterey 12.3. A user may send audio and video in a FaceTime call without knowing that they have done so.

9.8 2022-03-18 CVE-2022-22641

A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 15.4, iOS 15.4 and iPadOS 15.4, macOS Monterey 12.3. An application may be able to gain elevated privileges.

7.8 2022-03-18 CVE-2022-22640

A memory corruption issue was addressed with improved validation. This issue is fixed in tvOS 15.4, iOS 15.4 and iPadOS 15.4, macOS Monterey 12.3, watchOS 8.5. An application may be able to execute arbitrary code with kernel privileges.

7.8 2022-03-18 CVE-2022-22639

A logic issue was addressed with improved state management. This issue is fixed in iOS 15.4 and iPadOS 15.4, macOS Monterey 12.3. An application may be able to gain elevated privileges.

6.5 2022-03-18 CVE-2022-22638

A null pointer dereference was addressed with improved validation. This issue is fixed in tvOS 15.4, iOS 15.4 and iPadOS 15.4, macOS Big Sur 11.6.5, Security Update 2022-003 Catalina, watchOS 8.5, macOS Monterey 12.3. An attacker in a privileged position may be able to perform a denial of service attack.

7.8 2022-03-18 CVE-2022-22633

A memory corruption issue was addressed with improved state management. This issue is fixed in watchOS 8.5, iOS 15.4 and iPadOS 15.4, macOS Big Sur 11.6.5, macOS Monterey 12.3. Opening a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution.

9.8 2022-03-18 CVE-2022-22632

A logic issue was addressed with improved state management. This issue is fixed in tvOS 15.4, iOS 15.4 and iPadOS 15.4, macOS Big Sur 11.6.5, watchOS 8.5, macOS Monterey 12.3. A malicious application may be able to elevate privileges.

7.8 2022-03-18 CVE-2022-22631

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.6.5, macOS Monterey 12.3, Security Update 2022-003 Catalina. An application may be able to gain elevated privileges.

7.1 2022-03-18 CVE-2022-22627

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.6.5, macOS Monterey 12.3, Security Update 2022-003 Catalina. Processing a maliciously crafted AppleScript binary may result in unexpected application termination or disclosure of process memory.

7.1 2022-03-18 CVE-2022-22626

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.6.5, macOS Monterey 12.3, Security Update 2022-003 Catalina. Processing a maliciously crafted AppleScript binary may result in unexpected application termination or disclosure of process memory.

7.1 2022-03-18 CVE-2022-22625

An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.6.5, macOS Monterey 12.3, Security Update 2022-003 Catalina. Processing a maliciously crafted AppleScript binary may result in unexpected application termination or disclosure of process memory.

4.6 2022-03-18 CVE-2022-22621

This issue was addressed with improved checks. This issue is fixed in tvOS 15.4, iOS 15.4 and iPadOS 15.4, macOS Monterey 12.3, watchOS 8.5. A person with physical access to an iOS device may be able to see sensitive information via keyboard suggestions.

8.8 2022-03-18 CVE-2022-22620

A use after free issue was addressed with improved memory management. This issue is fixed in macOS Monterey 12.2.1, iOS 15.3.1 and iPadOS 15.3.1, Safari 15.3 (v. 16612.4.9.1.8 and 15612.4.9.1.8). Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited..

CWE : Common Weakness Enumeration

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
%idName
24% (66) CWE-787 Out-of-bounds Write
16% (44) CWE-125 Out-of-bounds Read
8% (23) CWE-416 Use After Free
6% (17) CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflo...
5% (15) CWE-668 Exposure of Resource to Wrong Sphere
4% (13) CWE-362 Race Condition
4% (11) CWE-20 Improper Input Validation
3% (10) CWE-269 Improper Privilege Management
2% (7) CWE-190 Integer Overflow or Wraparound
1% (5) CWE-732 Incorrect Permission Assignment for Critical Resource
1% (5) CWE-415 Double Free
1% (5) CWE-287 Improper Authentication
1% (5) CWE-79 Failure to Preserve Web Page Structure ('Cross-site Scripting')
1% (4) CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
1% (3) CWE-665 Improper Initialization
1% (3) CWE-494 Download of Code Without Integrity Check
1% (3) CWE-281 Improper Preservation of Permissions
1% (3) CWE-200 Information Exposure
1% (3) CWE-59 Improper Link Resolution Before File Access ('Link Following')
1% (3) CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path ...
0% (2) CWE-617 Reachable Assertion
0% (2) CWE-476 NULL Pointer Dereference
0% (2) CWE-276 Incorrect Default Permissions
0% (2) CWE-191 Integer Underflow (Wrap or Wraparound)
0% (2) CWE-122 Heap-based Buffer Overflow