This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Apple First view 2021-07-20
Product Macos Last view 2022-05-26
Version 12.0.1 Type Os
Update *  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:o:apple:macos

Activity : Overall

Related : CVE

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
  Date Alert Description
9.8 2022-05-26 CVE-2022-26776

This issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.4, macOS Big Sur 11.6.6. An attacker may be able to cause unexpected application termination or arbitrary code execution.

9.8 2022-05-26 CVE-2022-26775

An integer overflow was addressed with improved input validation. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4. An attacker may be able to cause unexpected application termination or arbitrary code execution.

7.8 2022-05-26 CVE-2022-26772

A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.4. An application may be able to execute arbitrary code with kernel privileges.

7.8 2022-05-26 CVE-2022-26770

An out-of-bounds read issue was addressed with improved input validation. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4, macOS Big Sur 11.6.6. A malicious application may be able to execute arbitrary code with kernel privileges.

7.8 2022-05-26 CVE-2022-26769

A memory corruption issue was addressed with improved input validation. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4, macOS Big Sur 11.6.6. A malicious application may be able to execute arbitrary code with kernel privileges.

7.8 2022-05-26 CVE-2022-26768

A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.4, watchOS 8.6, tvOS 15.5, macOS Big Sur 11.6.6. An application may be able to execute arbitrary code with kernel privileges.

5.5 2022-05-26 CVE-2022-26767

The issue was addressed with additional permissions checks. This issue is fixed in macOS Monterey 12.4, macOS Big Sur 11.6.6. A malicious application may be able to bypass Privacy preferences.

5.5 2022-05-26 CVE-2022-26766

A certificate parsing issue was addressed with improved checks. This issue is fixed in tvOS 15.5, iOS 15.5 and iPadOS 15.5, Security Update 2022-004 Catalina, watchOS 8.6, macOS Big Sur 11.6.6, macOS Monterey 12.4. A malicious app may be able to bypass signature validation.

4.7 2022-05-26 CVE-2022-26765

A race condition was addressed with improved state handling. This issue is fixed in watchOS 8.6, tvOS 15.5, macOS Monterey 12.4, iOS 15.5 and iPadOS 15.5. A malicious attacker with arbitrary read and write capability may be able to bypass Pointer Authentication.

4.7 2022-05-26 CVE-2022-26764

A memory corruption issue was addressed with improved validation. This issue is fixed in watchOS 8.6, tvOS 15.5, macOS Monterey 12.4, iOS 15.5 and iPadOS 15.5. An attacker that has already achieved kernel code execution may be able to bypass kernel memory mitigations.

7.8 2022-05-26 CVE-2022-26763

An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in tvOS 15.5, iOS 15.5 and iPadOS 15.5, Security Update 2022-004 Catalina, watchOS 8.6, macOS Big Sur 11.6.6, macOS Monterey 12.4. A malicious application may be able to execute arbitrary code with system privileges.

7.8 2022-05-26 CVE-2022-26757

A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 15.5, iOS 15.5 and iPadOS 15.5, Security Update 2022-004 Catalina, watchOS 8.6, macOS Big Sur 11.6.6, macOS Monterey 12.4. An application may be able to execute arbitrary code with kernel privileges.

7.8 2022-05-26 CVE-2022-26756

An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4, macOS Big Sur 11.6.6. An application may be able to execute arbitrary code with kernel privileges.

6.3 2022-05-26 CVE-2022-26755

This issue was addressed with improved environment sanitization. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4, macOS Big Sur 11.6.6. A malicious application may be able to break out of its sandbox.

7.8 2022-05-26 CVE-2022-26754

A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.4. An application may be able to execute arbitrary code with kernel privileges.

7.8 2022-05-26 CVE-2022-26753

A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.4. An application may be able to execute arbitrary code with kernel privileges.

7.8 2022-05-26 CVE-2022-26752

A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.4. An application may be able to execute arbitrary code with kernel privileges.

7.8 2022-05-26 CVE-2022-26751

A memory corruption issue was addressed with improved input validation. This issue is fixed in iTunes 12.12.4 for Windows, iOS 15.5 and iPadOS 15.5, Security Update 2022-004 Catalina, macOS Big Sur 11.6.6, macOS Monterey 12.4. Processing a maliciously crafted image may lead to arbitrary code execution.

7.8 2022-05-26 CVE-2022-26750

A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.4. An application may be able to execute arbitrary code with kernel privileges.

7.8 2022-05-26 CVE-2022-26749

A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.4. An application may be able to execute arbitrary code with kernel privileges.

8.8 2022-05-26 CVE-2022-26748

An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4, macOS Big Sur 11.6.6. Processing maliciously crafted web content may lead to arbitrary code execution.

5.5 2022-05-26 CVE-2022-26746

This issue was addressed by removing the vulnerable code. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4, macOS Big Sur 11.6.6. A malicious application may be able to bypass Privacy preferences.

7 2022-05-26 CVE-2022-26743

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Monterey 12.4. An attacker that has already achieved code execution in macOS Recovery may be able to escalate to kernel privileges.

7.8 2022-05-26 CVE-2022-26742

A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.4. An application may be able to execute arbitrary code with kernel privileges.

7.8 2022-05-26 CVE-2022-26741

A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.4. An application may be able to execute arbitrary code with kernel privileges.

CWE : Common Weakness Enumeration

%idName
25% (36) CWE-787 Out-of-bounds Write
12% (17) CWE-416 Use After Free
12% (17) CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflo...
11% (16) CWE-125 Out-of-bounds Read
5% (8) CWE-362 Race Condition
4% (6) CWE-668 Exposure of Resource to Wrong Sphere
3% (5) CWE-269 Improper Privilege Management
2% (4) CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
2% (4) CWE-59 Improper Link Resolution Before File Access ('Link Following')
2% (3) CWE-665 Improper Initialization
2% (3) CWE-190 Integer Overflow or Wraparound
2% (3) CWE-20 Improper Input Validation
1% (2) CWE-732 Incorrect Permission Assignment for Critical Resource
1% (2) CWE-476 NULL Pointer Dereference
1% (2) CWE-276 Incorrect Default Permissions
1% (2) CWE-122 Heap-based Buffer Overflow
0% (1) CWE-613 Insufficient Session Expiration
0% (1) CWE-415 Double Free
0% (1) CWE-346 Origin Validation Error
0% (1) CWE-345 Insufficient Verification of Data Authenticity
0% (1) CWE-319 Cleartext Transmission of Sensitive Information
0% (1) CWE-295 Certificate Issues
0% (1) CWE-287 Improper Authentication
0% (1) CWE-281 Improper Preservation of Permissions
0% (1) CWE-200 Information Exposure