![]() Impact: Processing maliciously crafted web content may prevent Content Security Policy from being enforcedĭescription: A logic issue was addressed with improved state management. Impact: Processing maliciously crafted web content may lead to arbitrary code executionĭescription: A use after free issue was addressed with improved memory management.ĬVE-2022-22590: Toan Pham from Team Orca of Sea Security () Impact: Processing a maliciously crafted mail message may lead to running arbitrary javascriptĭescription: A validation issue was addressed with improved input sanitization.ĬVE-2022-22589: Heige of KnownSec 404 Team () and Bo Qu of Palo Alto Networks () ![]() Impact: An application may be able to access restricted filesĭescription: A permissions issue was addressed with improved validation.ĬVE-2022-22583: Ron Hass of Perception Point, Mickey Jin updated May 25, 2022 Impact: An application may be able to delete files for which it does not have permissionĭescription: An event handler validation issue in the XPC Services API was addressed by removing the service.ĬVE-2022-22676: Mickey Jin of Trend Micro Impact: A malicious application may be able to modify protected parts of the file systemĭescription: This issue was addressed by removing the vulnerable code.ĬVE-2022-22646: Mickey Jin Mickey Jin of Trend Micro Impact: Processing a maliciously crafted STL file may lead to unexpected application termination or arbitrary code executionĭescription: An information disclosure issue was addressed with improved state management.ĬVE-2022-22579: Mickey Jin of Trend Micro ![]() Apple is aware of a report that this issue may have been actively exploited.ĭescription: A memory corruption issue was addressed with improved input validation.ĬVE-2022-22587: an anonymous researcher, Meysam Firouzi of MBition - Mercedes-Benz Innovation Lab, Siddharth Aeri for: macOS Montereyĭescription: A buffer overflow issue was addressed with improved memory handling.ĬVE-2022-22593: Peter Nguyễn Vũ Hoàng of STAR Labs Impact: A malicious application may be able to execute arbitrary code with kernel privileges. This issue was addressed with improved path sanitization.ĬVE-2022-22585: Zhipeng Huo of Tencent Security Xuanwu Lab ()ĭescription: A memory corruption issue was addressed with improved memory handling.ĬVE-2022-22591: Antonio Zekic of Diverto Impact: An application may be able to access a user's filesĭescription: An issue existed within the path validation logic for symlinks. Impact: A malicious application may be able to gain root privilegesĭescription: A logic issue was addressed with improved validation.ĬVE-2022-22578: Zhipeng Huo and Yuebin Sun of Tencent Security Xuanwu Lab () Impact: Processing a maliciously crafted file may lead to arbitrary code executionĭescription: A memory corruption issue was addressed with improved validation.ĬVE-2022-22584: Mickey Jin of Trend Micro
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |