diff --git a/2018/14xxx/CVE-2018-14519.json b/2018/14xxx/CVE-2018-14519.json index a4d605ba924..172d8b4a6c7 100644 --- a/2018/14xxx/CVE-2018-14519.json +++ b/2018/14xxx/CVE-2018-14519.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2018-14519", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,33 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered in Kirby 2.5.12. The delete page functionality suffers from a CSRF flaw. A remote attacker can craft a malicious CSRF page and force the user to delete a page." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "http://zaranshaikh.blogspot.com", + "refsource": "MISC", + "name": "http://zaranshaikh.blogspot.com" + }, + { + "refsource": "MISC", + "name": "https://www.exploit-db.com/exploits/45090", + "url": "https://www.exploit-db.com/exploits/45090" } ] } diff --git a/2018/14xxx/CVE-2018-14520.json b/2018/14xxx/CVE-2018-14520.json index 8a01bde68ed..e6ab65d39eb 100644 --- a/2018/14xxx/CVE-2018-14520.json +++ b/2018/14xxx/CVE-2018-14520.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2018-14520", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,33 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered in Kirby 2.5.12. The application allows malicious HTTP requests to be sent in order to trick a user into adding web pages." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "http://zaranshaikh.blogspot.com/2018/07/cross-site-request-forgery-kirby-cms.html", + "refsource": "MISC", + "name": "http://zaranshaikh.blogspot.com/2018/07/cross-site-request-forgery-kirby-cms.html" + }, + { + "refsource": "MISC", + "name": "https://www.exploit-db.com/exploits/45068", + "url": "https://www.exploit-db.com/exploits/45068" } ] } diff --git a/2022/2xxx/CVE-2022-2982.json b/2022/2xxx/CVE-2022-2982.json new file mode 100644 index 00000000000..43c2220fe7c --- /dev/null +++ b/2022/2xxx/CVE-2022-2982.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-2982", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2022/2xxx/CVE-2022-2983.json b/2022/2xxx/CVE-2022-2983.json new file mode 100644 index 00000000000..0804c975a08 --- /dev/null +++ b/2022/2xxx/CVE-2022-2983.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-2983", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2022/32xxx/CVE-2022-32793.json b/2022/32xxx/CVE-2022-32793.json index 3d4409915a0..20bdaaf517c 100644 --- a/2022/32xxx/CVE-2022-32793.json +++ b/2022/32xxx/CVE-2022-32793.json @@ -4,14 +4,107 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2022-32793", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "12.5" + } + ] + } + }, + { + "product_name": "tvOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "15.6" + } + ] + } + }, + { + "product_name": "watchOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "8.7" + } + ] + } + }, + { + "product_name": "watchOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "15.6" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An app may be able to disclose kernel memory" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT213345", + "name": "https://support.apple.com/en-us/HT213345" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT213340", + "name": "https://support.apple.com/en-us/HT213340" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT213342", + "name": "https://support.apple.com/en-us/HT213342" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT213346", + "name": "https://support.apple.com/en-us/HT213346" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Multiple out-of-bounds write issues were addressed with improved bounds checking. This issue is fixed in macOS Monterey 12.5, watchOS 8.7, tvOS 15.6, iOS 15.6 and iPadOS 15.6. An app may be able to disclose kernel memory." } ] } diff --git a/2022/32xxx/CVE-2022-32810.json b/2022/32xxx/CVE-2022-32810.json index c62c3682d7c..093f70ac736 100644 --- a/2022/32xxx/CVE-2022-32810.json +++ b/2022/32xxx/CVE-2022-32810.json @@ -4,14 +4,91 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2022-32810", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "12.5" + } + ] + } + }, + { + "product_name": "watchOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "8.7" + } + ] + } + }, + { + "product_name": "watchOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "15.6" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An app may be able to execute arbitrary code with kernel privileges" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT213345", + "name": "https://support.apple.com/en-us/HT213345" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT213340", + "name": "https://support.apple.com/en-us/HT213340" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT213346", + "name": "https://support.apple.com/en-us/HT213346" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.5, watchOS 8.7, iOS 15.6 and iPadOS 15.6. An app may be able to execute arbitrary code with kernel privileges." } ] } diff --git a/2022/32xxx/CVE-2022-32811.json b/2022/32xxx/CVE-2022-32811.json index 7189efc38b8..fa8d2d708a1 100644 --- a/2022/32xxx/CVE-2022-32811.json +++ b/2022/32xxx/CVE-2022-32811.json @@ -4,14 +4,91 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2022-32811", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "12.5" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "11.6" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "2022" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An app may be able to execute arbitrary code with kernel privileges" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT213345", + "name": "https://support.apple.com/en-us/HT213345" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT213344", + "name": "https://support.apple.com/en-us/HT213344" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT213343", + "name": "https://support.apple.com/en-us/HT213343" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A memory corruption vulnerability was addressed with improved locking. This issue is fixed in macOS Monterey 12.5, macOS Big Sur 11.6.8, Security Update 2022-005 Catalina. An app may be able to execute arbitrary code with kernel privileges." } ] } diff --git a/2022/32xxx/CVE-2022-32812.json b/2022/32xxx/CVE-2022-32812.json index 886fe7cf6c8..87d9ef98e85 100644 --- a/2022/32xxx/CVE-2022-32812.json +++ b/2022/32xxx/CVE-2022-32812.json @@ -4,14 +4,91 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2022-32812", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "12.5" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "11.6" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "2022" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An app may be able to execute arbitrary code with kernel privileges" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT213345", + "name": "https://support.apple.com/en-us/HT213345" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT213344", + "name": "https://support.apple.com/en-us/HT213344" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT213343", + "name": "https://support.apple.com/en-us/HT213343" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.5, macOS Big Sur 11.6.8, Security Update 2022-005 Catalina. An app may be able to execute arbitrary code with kernel privileges." } ] } diff --git a/2022/32xxx/CVE-2022-32813.json b/2022/32xxx/CVE-2022-32813.json index f0b3880aa21..692e58f6674 100644 --- a/2022/32xxx/CVE-2022-32813.json +++ b/2022/32xxx/CVE-2022-32813.json @@ -4,14 +4,139 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2022-32813", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "12.5" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "11.6" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "2022" + } + ] + } + }, + { + "product_name": "tvOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "15.6" + } + ] + } + }, + { + "product_name": "watchOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "8.7" + } + ] + } + }, + { + "product_name": "watchOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "15.6" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An app with root privileges may be able to execute arbitrary code with kernel privileges" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT213345", + "name": "https://support.apple.com/en-us/HT213345" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT213340", + "name": "https://support.apple.com/en-us/HT213340" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT213342", + "name": "https://support.apple.com/en-us/HT213342" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT213346", + "name": "https://support.apple.com/en-us/HT213346" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT213344", + "name": "https://support.apple.com/en-us/HT213344" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT213343", + "name": "https://support.apple.com/en-us/HT213343" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.5, macOS Big Sur 11.6.8, Security Update 2022-005 Catalina, iOS 15.6 and iPadOS 15.6, tvOS 15.6, watchOS 8.7. An app with root privileges may be able to execute arbitrary code with kernel privileges." } ] } diff --git a/2022/32xxx/CVE-2022-32834.json b/2022/32xxx/CVE-2022-32834.json index 42e48e8f137..5c904dfb3ad 100644 --- a/2022/32xxx/CVE-2022-32834.json +++ b/2022/32xxx/CVE-2022-32834.json @@ -4,14 +4,91 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2022-32834", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "12.5" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "11.6" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "2022" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An app may be able to access sensitive user information" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT213345", + "name": "https://support.apple.com/en-us/HT213345" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT213344", + "name": "https://support.apple.com/en-us/HT213344" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT213343", + "name": "https://support.apple.com/en-us/HT213343" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An access issue was addressed with improvements to the sandbox. This issue is fixed in macOS Monterey 12.5, macOS Big Sur 11.6.8, Security Update 2022-005 Catalina. An app may be able to access sensitive user information." } ] } diff --git a/2022/32xxx/CVE-2022-32837.json b/2022/32xxx/CVE-2022-32837.json index 6df40af5c38..ed28b687cf3 100644 --- a/2022/32xxx/CVE-2022-32837.json +++ b/2022/32xxx/CVE-2022-32837.json @@ -4,14 +4,91 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2022-32837", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "12.5" + } + ] + } + }, + { + "product_name": "tvOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "15.6" + } + ] + } + }, + { + "product_name": "tvOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "15.6" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An app may be able to cause unexpected system termination or write kernel memory" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT213345", + "name": "https://support.apple.com/en-us/HT213345" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT213342", + "name": "https://support.apple.com/en-us/HT213342" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT213346", + "name": "https://support.apple.com/en-us/HT213346" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "This issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.5, tvOS 15.6, iOS 15.6 and iPadOS 15.6. An app may be able to cause unexpected system termination or write kernel memory." } ] } diff --git a/2022/32xxx/CVE-2022-32838.json b/2022/32xxx/CVE-2022-32838.json index c789aa087dd..9951c784146 100644 --- a/2022/32xxx/CVE-2022-32838.json +++ b/2022/32xxx/CVE-2022-32838.json @@ -4,14 +4,107 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2022-32838", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "12.5" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "11.6" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "2022" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "15.6" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An app may be able to read arbitrary files" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT213345", + "name": "https://support.apple.com/en-us/HT213345" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT213346", + "name": "https://support.apple.com/en-us/HT213346" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT213344", + "name": "https://support.apple.com/en-us/HT213344" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT213343", + "name": "https://support.apple.com/en-us/HT213343" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.5, macOS Big Sur 11.6.8, Security Update 2022-005 Catalina, iOS 15.6 and iPadOS 15.6. An app may be able to read arbitrary files." } ] } diff --git a/2022/32xxx/CVE-2022-32839.json b/2022/32xxx/CVE-2022-32839.json index 98111fa773a..612d0eee517 100644 --- a/2022/32xxx/CVE-2022-32839.json +++ b/2022/32xxx/CVE-2022-32839.json @@ -4,14 +4,139 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2022-32839", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "12.5" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "11.6" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "2022" + } + ] + } + }, + { + "product_name": "tvOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "15.6" + } + ] + } + }, + { + "product_name": "watchOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "8.7" + } + ] + } + }, + { + "product_name": "watchOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "15.6" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "A remote user may cause an unexpected app termination or arbitrary code execution" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT213345", + "name": "https://support.apple.com/en-us/HT213345" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT213340", + "name": "https://support.apple.com/en-us/HT213340" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT213342", + "name": "https://support.apple.com/en-us/HT213342" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT213346", + "name": "https://support.apple.com/en-us/HT213346" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT213344", + "name": "https://support.apple.com/en-us/HT213344" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT213343", + "name": "https://support.apple.com/en-us/HT213343" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The issue was addressed with improved bounds checks. This issue is fixed in macOS Monterey 12.5, macOS Big Sur 11.6.8, Security Update 2022-005 Catalina, iOS 15.6 and iPadOS 15.6, tvOS 15.6, watchOS 8.7. A remote user may cause an unexpected app termination or arbitrary code execution." } ] } diff --git a/2022/32xxx/CVE-2022-32840.json b/2022/32xxx/CVE-2022-32840.json index 28464a3410b..079685474c7 100644 --- a/2022/32xxx/CVE-2022-32840.json +++ b/2022/32xxx/CVE-2022-32840.json @@ -4,14 +4,91 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2022-32840", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "12.5" + } + ] + } + }, + { + "product_name": "watchOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "8.7" + } + ] + } + }, + { + "product_name": "watchOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "15.6" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An app may be able to execute arbitrary code with kernel privileges" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT213345", + "name": "https://support.apple.com/en-us/HT213345" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT213340", + "name": "https://support.apple.com/en-us/HT213340" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT213346", + "name": "https://support.apple.com/en-us/HT213346" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "This issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.5, watchOS 8.7, iOS 15.6 and iPadOS 15.6. An app may be able to execute arbitrary code with kernel privileges." } ] } diff --git a/2022/32xxx/CVE-2022-32857.json b/2022/32xxx/CVE-2022-32857.json index 5fb0dc603e2..050eea8e066 100644 --- a/2022/32xxx/CVE-2022-32857.json +++ b/2022/32xxx/CVE-2022-32857.json @@ -4,14 +4,139 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2022-32857", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "12.5" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "11.6" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "2022" + } + ] + } + }, + { + "product_name": "tvOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "15.6" + } + ] + } + }, + { + "product_name": "watchOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "8.7" + } + ] + } + }, + { + "product_name": "watchOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "15.6" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "A user in a privileged network position can track a user\u2019s activity" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT213345", + "name": "https://support.apple.com/en-us/HT213345" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT213340", + "name": "https://support.apple.com/en-us/HT213340" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT213342", + "name": "https://support.apple.com/en-us/HT213342" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT213346", + "name": "https://support.apple.com/en-us/HT213346" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT213344", + "name": "https://support.apple.com/en-us/HT213344" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT213343", + "name": "https://support.apple.com/en-us/HT213343" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "This issue was addressed by using HTTPS when sending information over the network. This issue is fixed in macOS Monterey 12.5, macOS Big Sur 11.6.8, Security Update 2022-005 Catalina, iOS 15.6 and iPadOS 15.6, tvOS 15.6, watchOS 8.7. A user in a privileged network position can track a user\u2019s activity." } ] } diff --git a/2022/32xxx/CVE-2022-32893.json b/2022/32xxx/CVE-2022-32893.json index 96cfeae85eb..6b0c2b7abe3 100644 --- a/2022/32xxx/CVE-2022-32893.json +++ b/2022/32xxx/CVE-2022-32893.json @@ -4,14 +4,91 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2022-32893", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "Safari", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "15.6" + } + ] + } + }, + { + "product_name": "iOS and iPadOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "15.6" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "12.5" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited." + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT213414", + "name": "https://support.apple.com/en-us/HT213414" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT213412", + "name": "https://support.apple.com/en-us/HT213412" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT213413", + "name": "https://support.apple.com/en-us/HT213413" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 15.6.1 and iPadOS 15.6.1, macOS Monterey 12.5.1, Safari 15.6.1. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited." } ] } diff --git a/2022/32xxx/CVE-2022-32894.json b/2022/32xxx/CVE-2022-32894.json index c11a6c5ccd9..e4ee9956a49 100644 --- a/2022/32xxx/CVE-2022-32894.json +++ b/2022/32xxx/CVE-2022-32894.json @@ -4,14 +4,75 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2022-32894", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "iOS and iPadOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "15.6" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "12.5" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited." + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT213412", + "name": "https://support.apple.com/en-us/HT213412" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT213413", + "name": "https://support.apple.com/en-us/HT213413" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 15.6.1 and iPadOS 15.6.1, macOS Monterey 12.5.1. An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited." } ] } diff --git a/2022/38xxx/CVE-2022-38731.json b/2022/38xxx/CVE-2022-38731.json new file mode 100644 index 00000000000..75a46117336 --- /dev/null +++ b/2022/38xxx/CVE-2022-38731.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-38731", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2022/38xxx/CVE-2022-38732.json b/2022/38xxx/CVE-2022-38732.json new file mode 100644 index 00000000000..7f10caaa4b7 --- /dev/null +++ b/2022/38xxx/CVE-2022-38732.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-38732", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2022/38xxx/CVE-2022-38733.json b/2022/38xxx/CVE-2022-38733.json new file mode 100644 index 00000000000..bf8e566a761 --- /dev/null +++ b/2022/38xxx/CVE-2022-38733.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-38733", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2022/38xxx/CVE-2022-38734.json b/2022/38xxx/CVE-2022-38734.json new file mode 100644 index 00000000000..a9982d3da4a --- /dev/null +++ b/2022/38xxx/CVE-2022-38734.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-38734", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2022/38xxx/CVE-2022-38735.json b/2022/38xxx/CVE-2022-38735.json new file mode 100644 index 00000000000..f578bb0f0bf --- /dev/null +++ b/2022/38xxx/CVE-2022-38735.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-38735", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2022/38xxx/CVE-2022-38736.json b/2022/38xxx/CVE-2022-38736.json new file mode 100644 index 00000000000..e931469e2d9 --- /dev/null +++ b/2022/38xxx/CVE-2022-38736.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-38736", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2022/38xxx/CVE-2022-38737.json b/2022/38xxx/CVE-2022-38737.json new file mode 100644 index 00000000000..51849e2e8d9 --- /dev/null +++ b/2022/38xxx/CVE-2022-38737.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-38737", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2022/38xxx/CVE-2022-38738.json b/2022/38xxx/CVE-2022-38738.json new file mode 100644 index 00000000000..75bf850ed0b --- /dev/null +++ b/2022/38xxx/CVE-2022-38738.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-38738", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2022/38xxx/CVE-2022-38739.json b/2022/38xxx/CVE-2022-38739.json new file mode 100644 index 00000000000..1ef6d9989e6 --- /dev/null +++ b/2022/38xxx/CVE-2022-38739.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-38739", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2022/38xxx/CVE-2022-38740.json b/2022/38xxx/CVE-2022-38740.json new file mode 100644 index 00000000000..4c1ec813607 --- /dev/null +++ b/2022/38xxx/CVE-2022-38740.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-38740", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2022/38xxx/CVE-2022-38741.json b/2022/38xxx/CVE-2022-38741.json new file mode 100644 index 00000000000..6b232365fa8 --- /dev/null +++ b/2022/38xxx/CVE-2022-38741.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-38741", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file