admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2022-12-15 18:39:55 +00:00
parent 62ea18937a
commit 792210f5e4
No known key found for this signature in database
GPG Key ID: E3252B3D49582C98
99 changed files with 5405 additions and 377 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

56
2020/20xxx/CVE-2020-20588.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-20588",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-20588",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "File upload vulnerability in function upload in action/Core.class.php in zhimengzhe iBarn 1.5 allows remote attackers to run arbitrary code via avatar upload to index.php."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/zhimengzhe/iBarn/issues/13",
"refsource": "MISC",
"name": "https://github.com/zhimengzhe/iBarn/issues/13"
}
]
}

56
2020/20xxx/CVE-2020-20589.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-20589",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-20589",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Cross Site Scripting (XSS) vulnerability in FeehiCMS 2.0.8 allows remote attackers to run arbitrary code via tha lang attribute of an html tag."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://github.com/liufee/cms/issues/45",
"url": "https://github.com/liufee/cms/issues/45"
}
]
}

56
2020/21xxx/CVE-2020-21219.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-21219",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-21219",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Cross Site Scripting (XSS) vulnerability in Netgate pf Sense 2.4.4-Release-p3 and Netgate ACME package 0.6.3 allows remote attackers to to run arbitrary code via the RootFolder field to acme_certificate_edit.php page of the ACME package."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://redmine.pfsense.org/issues/9888",
"url": "https://redmine.pfsense.org/issues/9888"
}
]
}

56
2020/24xxx/CVE-2020-24855.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-24855",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-24855",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Directory Traversal vulnerability in easywebpack-cli before 4.5.2 allows attackers to obtain sensitive information via crafted GET request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/easy-team/easywebpack-cli/issues/25",
"refsource": "MISC",
"name": "https://github.com/easy-team/easywebpack-cli/issues/25"
}
]
}

5
2020/25xxx/CVE-2020-25736.json
View File

@ -61,6 +61,11 @@
"refsource": "MISC",
"name": "https://kb.acronis.com/content/68061",
"url": "https://kb.acronis.com/content/68061"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/170246/Acronis-TrueImage-XPC-Privilege-Escalation.html",
"url": "http://packetstormsecurity.com/files/170246/Acronis-TrueImage-XPC-Privilege-Escalation.html"
}
]
}

48
2020/36xxx/CVE-2020-36607.json
View File

@ -5,13 +5,57 @@
"CVE_data_meta": {
"ID": "CVE-2020-36607",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://github.com/liufee/cms/issues/45",
"url": "https://github.com/liufee/cms/issues/45"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Cross Site Scripting (XSS) vulnerability in FeehiCMS 2.0.8 allows remote attackers to run arbitrary code via tha lang attribute of an html tag."
}
]
}

71
2021/33xxx/CVE-2021-33420.json
View File

@ -1,17 +1,76 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-33420",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2021-33420",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A deserialization issue discovered in inikulin replicator before 1.0.4 allows remote attackers to run arbitrary code via the fromSerializable function in TypedArray object."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/inikulin/replicator/issues/16",
"refsource": "MISC",
"name": "https://github.com/inikulin/replicator/issues/16"
},
{
"url": "https://github.com/inikulin/replicator/pull/17",
"refsource": "MISC",
"name": "https://github.com/inikulin/replicator/pull/17"
},
{
"url": "https://github.com/inikulin/replicator/commit/2c626242fb4a118855262c64b5731b2ce98e521b",
"refsource": "MISC",
"name": "https://github.com/inikulin/replicator/commit/2c626242fb4a118855262c64b5731b2ce98e521b"
},
{
"url": "https://advisory.checkmarx.net/advisory/CX-2021-4787",
"refsource": "MISC",
"name": "https://advisory.checkmarx.net/advisory/CX-2021-4787"
}
]
}

56
2021/36xxx/CVE-2021-36572.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-36572",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2021-36572",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Cross Site Scripting (XSS) vulnerability in Feehi CMS thru 2.1.1 allows attackers to run arbitrary code via the user name field of the login page."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/liufee/cms/issues/58",
"refsource": "MISC",
"name": "https://github.com/liufee/cms/issues/58"
}
]
}

56
2021/36xxx/CVE-2021-36573.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-36573",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2021-36573",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "File Upload vulnerability in Feehi CMS thru 2.1.1 allows attackers to run arbitrary code via crafted image upload."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/liufee/cms/issues/59",
"refsource": "MISC",
"name": "https://github.com/liufee/cms/issues/59"
}
]
}

56
2021/39xxx/CVE-2021-39426.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-39426",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2021-39426",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An issue was discovered in /Upload/admin/admin_notify.php in Seacms 11.4 allows attackers to execute arbitrary php code via the notify1 parameter when the action parameter equals set."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://github.com/seacms-com/seacms/issues/21",
"url": "https://github.com/seacms-com/seacms/issues/21"
}
]
}

56
2021/39xxx/CVE-2021-39427.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-39427",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2021-39427",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Cross site scripting vulnerability in 188Jianzhan 2.10 allows attackers to execute arbitrary code via the username parameter to /admin/reg.php."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/vtime-tech/188Jianzhan/issues/4",
"refsource": "MISC",
"name": "https://github.com/vtime-tech/188Jianzhan/issues/4"
}
]
}

56
2021/39xxx/CVE-2021-39428.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-39428",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2021-39428",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Cross Site Scripting (XSS) vulnerability in Users.php in eyoucms 1.5.4 allows remote attackers to run arbitrary code and gain escalated privilege via the filename for edit_users_head_pic."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/eyoucms/eyoucms/issues/14",
"refsource": "MISC",
"name": "https://github.com/eyoucms/eyoucms/issues/14"
}
]
}

67
2021/4xxx/CVE-2021-4226.json
View File

@ -1,18 +1,75 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-4226",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "RSFirewall tries to identify the original IP address by looking at different HTTP headers. A bypass is possible due to the way it is implemented."
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-639 Authorization Bypass Through User-Controlled Key"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "RSFirewall!",
"version": {
"version_data": [
{
"version_value": "0",
"version_affected": "="
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://wpscan.com/vulnerability/c0ed80c8-ebbf-4ed9-b02f-31660097c352",
"refsource": "MISC",
"name": "https://wpscan.com/vulnerability/c0ed80c8-ebbf-4ed9-b02f-31660097c352"
}
]
},
"generator": {
"engine": "WPScan CVE Generator"
},
"source": {
"discovery": "EXTERNAL"
},
"credits": [
{
"lang": "en",
"value": "Daniel Ruf"
}
]
}

5
2022/31xxx/CVE-2022-31692.json
View File

@ -48,6 +48,11 @@
"refsource": "MISC",
"name": "https://tanzu.vmware.com/security/cve-2022-31692",
"url": "https://tanzu.vmware.com/security/cve-2022-31692"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20221215-0010/",
"url": "https://security.netapp.com/advisory/ntap-20221215-0010/"
}
]
},

51
2022/32xxx/CVE-2022-32833.json
View File

@ -4,14 +4,59 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-32833",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "product-security@apple.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Apple",
"product": {
"product_data": [
{
"product_name": "iOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "An unauthorized user may be able to access browsing history"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213446",
"name": "https://support.apple.com/en-us/HT213446"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An issue existed with the file paths used to store website data. The issue was resolved by improving how website data is stored. This issue is fixed in iOS 16. An unauthorized user may be able to access browsing history."
}
]
}

83
2022/32xxx/CVE-2022-32860.json
View File

@ -4,14 +4,91 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-32860",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "product-security@apple.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Apple",
"product": {
"product_data": [
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "12.5"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "11.6"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "15.6"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "An app may be able to execute arbitrary code with kernel privileges"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213345",
"name": "https://support.apple.com/en-us/HT213345"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213346",
"name": "https://support.apple.com/en-us/HT213346"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213344",
"name": "https://support.apple.com/en-us/HT213344"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An out-of-bounds write was addressed with improved input validation. This issue is fixed in iOS 15.6 and iPadOS 15.6, macOS Monterey 12.5, macOS Big Sur 11.6.8. An app may be able to execute arbitrary code with kernel privileges."
}
]
}

51
2022/32xxx/CVE-2022-32916.json
View File

@ -4,14 +4,59 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-32916",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "product-security@apple.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Apple",
"product": {
"product_data": [
{
"product_name": "iOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "An app may be able to disclose kernel memory"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213446",
"name": "https://support.apple.com/en-us/HT213446"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation. This issue is fixed in iOS 16. An app may be able to disclose kernel memory."
}
]
}

83
2022/32xxx/CVE-2022-32942.json
View File

@ -4,14 +4,91 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-32942",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "product-security@apple.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Apple",
"product": {
"product_data": [
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "11.7"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "13.1"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "12.6"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "An app may be able to execute arbitrary code with kernel privileges"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213532",
"name": "https://support.apple.com/en-us/HT213532"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213534",
"name": "https://support.apple.com/en-us/HT213534"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213533",
"name": "https://support.apple.com/en-us/HT213533"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.6.2, macOS Ventura 13.1, macOS Big Sur 11.7.2. An app may be able to execute arbitrary code with kernel privileges."
}
]
}

67
2022/32xxx/CVE-2022-32943.json
View File

@ -4,14 +4,75 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-32943",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "product-security@apple.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Apple",
"product": {
"product_data": [
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "13.1"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.2"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Shake-to-undo may allow a deleted photo to be re-surfaced without authentication"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213532",
"name": "https://support.apple.com/en-us/HT213532"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213530",
"name": "https://support.apple.com/en-us/HT213530"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The issue was addressed with improved bounds checks. This issue is fixed in iOS 16.2 and iPadOS 16.2, macOS Ventura 13.1. Shake-to-undo may allow a deleted photo to be re-surfaced without authentication."
}
]
}

51
2022/32xxx/CVE-2022-32945.json
View File

@ -4,14 +4,59 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-32945",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "product-security@apple.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Apple",
"product": {
"product_data": [
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "13"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "An app may be able to record audio with paired AirPods"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213488",
"name": "https://support.apple.com/en-us/HT213488"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An access issue was addressed with additional sandbox restrictions on third-party apps. This issue is fixed in macOS Ventura 13. An app may be able to record audio with paired AirPods."
}
]
}

67
2022/32xxx/CVE-2022-32948.json
View File

@ -4,14 +4,75 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-32948",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "product-security@apple.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Apple",
"product": {
"product_data": [
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "12.5"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "15.6"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "An app may be able to execute arbitrary code with kernel privileges"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213345",
"name": "https://support.apple.com/en-us/HT213345"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213346",
"name": "https://support.apple.com/en-us/HT213346"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 15.6 and iPadOS 15.6, macOS Monterey 12.5. An app may be able to execute arbitrary code with kernel privileges."
}
]
}

5
2022/36xxx/CVE-2022-36534.json
View File

@ -66,6 +66,11 @@
"refsource": "MISC",
"name": "https://www.mgm-sp.com/en/multiple-vulnerabilities-in-syncovery-for-linux/",
"url": "https://www.mgm-sp.com/en/multiple-vulnerabilities-in-syncovery-for-linux/"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/170245/Syncovery-For-Linux-Web-GUI-Authenticated-Remote-Command-Execution.html",
"url": "http://packetstormsecurity.com/files/170245/Syncovery-For-Linux-Web-GUI-Authenticated-Remote-Command-Execution.html"
}
]
}

5
2022/39xxx/CVE-2022-39328.json
View File

@ -73,6 +73,11 @@
"name": "https://github.com/grafana/grafana/security/advisories/GHSA-vqc4-mpj8-jxch",
"refsource": "CONFIRM",
"url": "https://github.com/grafana/grafana/security/advisories/GHSA-vqc4-mpj8-jxch"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20221215-0003/",
"url": "https://security.netapp.com/advisory/ntap-20221215-0003/"
}
]
},

4
2022/39xxx/CVE-2022-39916.json
View File

@ -5,13 +5,13 @@
"CVE_data_meta": {
"ID": "CVE-2022-39916",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2022. Notes: none."
}
]
}

4
2022/39xxx/CVE-2022-39917.json
View File

@ -5,13 +5,13 @@
"CVE_data_meta": {
"ID": "CVE-2022-39917",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2022. Notes: none."
}
]
}

4
2022/39xxx/CVE-2022-39918.json
View File

@ -5,13 +5,13 @@
"CVE_data_meta": {
"ID": "CVE-2022-39918",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2022. Notes: none."
}
]
}

4
2022/39xxx/CVE-2022-39919.json
View File

@ -5,13 +5,13 @@
"CVE_data_meta": {
"ID": "CVE-2022-39919",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2022. Notes: none."
}
]
}

4
2022/39xxx/CVE-2022-39920.json
View File

@ -5,13 +5,13 @@
"CVE_data_meta": {
"ID": "CVE-2022-39920",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2022. Notes: none."
}
]
}

4
2022/39xxx/CVE-2022-39921.json
View File

@ -5,13 +5,13 @@
"CVE_data_meta": {
"ID": "CVE-2022-39921",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2022. Notes: none."
}
]
}

4
2022/39xxx/CVE-2022-39922.json
View File

@ -5,13 +5,13 @@
"CVE_data_meta": {
"ID": "CVE-2022-39922",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2022. Notes: none."
}
]
}

4
2022/39xxx/CVE-2022-39923.json
View File

@ -5,13 +5,13 @@
"CVE_data_meta": {
"ID": "CVE-2022-39923",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2022. Notes: none."
}
]
}

4
2022/39xxx/CVE-2022-39924.json
View File

@ -5,13 +5,13 @@
"CVE_data_meta": {
"ID": "CVE-2022-39924",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2022. Notes: none."
}
]
}

4
2022/39xxx/CVE-2022-39925.json
View File

@ -5,13 +5,13 @@
"CVE_data_meta": {
"ID": "CVE-2022-39925",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2022. Notes: none."
}
]
}

4
2022/39xxx/CVE-2022-39926.json
View File

@ -5,13 +5,13 @@
"CVE_data_meta": {
"ID": "CVE-2022-39926",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2022. Notes: none."
}
]
}

4
2022/39xxx/CVE-2022-39927.json
View File

@ -5,13 +5,13 @@
"CVE_data_meta": {
"ID": "CVE-2022-39927",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2022. Notes: none."
}
]
}

4
2022/39xxx/CVE-2022-39928.json
View File

@ -5,13 +5,13 @@
"CVE_data_meta": {
"ID": "CVE-2022-39928",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2022. Notes: none."
}
]
}

4
2022/39xxx/CVE-2022-39929.json
View File

@ -5,13 +5,13 @@
"CVE_data_meta": {
"ID": "CVE-2022-39929",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2022. Notes: none."
}
]
}

4
2022/39xxx/CVE-2022-39930.json
View File

@ -5,13 +5,13 @@
"CVE_data_meta": {
"ID": "CVE-2022-39930",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2022. Notes: none."
}
]
}

4
2022/39xxx/CVE-2022-39931.json
View File

@ -5,13 +5,13 @@
"CVE_data_meta": {
"ID": "CVE-2022-39931",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2022. Notes: none."
}
]
}

4
2022/39xxx/CVE-2022-39932.json
View File

@ -5,13 +5,13 @@
"CVE_data_meta": {
"ID": "CVE-2022-39932",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2022. Notes: none."
}
]
}

4
2022/39xxx/CVE-2022-39933.json
View File

@ -5,13 +5,13 @@
"CVE_data_meta": {
"ID": "CVE-2022-39933",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2022. Notes: none."
}
]
}

4
2022/39xxx/CVE-2022-39934.json
View File

@ -5,13 +5,13 @@
"CVE_data_meta": {
"ID": "CVE-2022-39934",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2022. Notes: none."
}
]
}

4
2022/39xxx/CVE-2022-39935.json
View File

@ -5,13 +5,13 @@
"CVE_data_meta": {
"ID": "CVE-2022-39935",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2022. Notes: none."
}
]
}

4
2022/39xxx/CVE-2022-39936.json
View File

@ -5,13 +5,13 @@
"CVE_data_meta": {
"ID": "CVE-2022-39936",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2022. Notes: none."
}
]
}

4
2022/39xxx/CVE-2022-39937.json
View File

@ -5,13 +5,13 @@
"CVE_data_meta": {
"ID": "CVE-2022-39937",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2022. Notes: none."
}
]
}

4
2022/39xxx/CVE-2022-39938.json
View File

@ -5,13 +5,13 @@
"CVE_data_meta": {
"ID": "CVE-2022-39938",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2022. Notes: none."
}
]
}

4
2022/39xxx/CVE-2022-39939.json
View File

@ -5,13 +5,13 @@
"CVE_data_meta": {
"ID": "CVE-2022-39939",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2022. Notes: none."
}
]
}

4
2022/39xxx/CVE-2022-39940.json
View File

@ -5,13 +5,13 @@
"CVE_data_meta": {
"ID": "CVE-2022-39940",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2022. Notes: none."
}
]
}

4
2022/39xxx/CVE-2022-39941.json
View File

@ -5,13 +5,13 @@
"CVE_data_meta": {
"ID": "CVE-2022-39941",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2022. Notes: none."
}
]
}

4
2022/39xxx/CVE-2022-39942.json
View File

@ -5,13 +5,13 @@
"CVE_data_meta": {
"ID": "CVE-2022-39942",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2022. Notes: none."
}
]
}

4
2022/39xxx/CVE-2022-39943.json
View File

@ -5,13 +5,13 @@
"CVE_data_meta": {
"ID": "CVE-2022-39943",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2022. Notes: none."
}
]
}

56
2022/40xxx/CVE-2022-40000.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-40000",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2022-40000",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Cross Site Scripting (XSS) vulnerability in FeehiCMS-2.1.1 allows remote attackers to run arbitrary code via the username field of the admin log in page."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/liufee/cms/issues/64",
"refsource": "MISC",
"name": "https://github.com/liufee/cms/issues/64"
}
]
}

56
2022/40xxx/CVE-2022-40001.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-40001",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2022-40001",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Cross Site Scripting (XSS) vulnerability in FeehiCMS-2.1.1 allows remote attackers to run arbitrary code via the title field of the create article page."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/liufee/cms/issues/65",
"refsource": "MISC",
"name": "https://github.com/liufee/cms/issues/65"
}
]
}

56
2022/40xxx/CVE-2022-40002.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-40002",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2022-40002",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Cross Site Scripting (XSS) vulnerability in FeehiCMS-2.1.1 allows remote attackers to run arbirtary code via the callback parameter to /cms/notify."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/liufee/cms/issues/66",
"refsource": "MISC",
"name": "https://github.com/liufee/cms/issues/66"
}
]
}

56
2022/40xxx/CVE-2022-40373.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-40373",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2022-40373",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Cross Site Scripting (XSS) vulnerability in FeehiCMS 2.1.1 allows remote attackers to run arbitrary code via upload of crafted XML file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/liufee/cms/issues/67",
"refsource": "MISC",
"name": "https://github.com/liufee/cms/issues/67"
}
]
}

67
2022/42xxx/CVE-2022-42805.json
View File

@ -4,14 +4,75 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-42805",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "product-security@apple.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Apple",
"product": {
"product_data": [
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "12.5"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "15.6"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "An app may be able to execute arbitrary code with kernel privileges"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213345",
"name": "https://support.apple.com/en-us/HT213345"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213346",
"name": "https://support.apple.com/en-us/HT213346"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An integer overflow was addressed with improved input validation. This issue is fixed in iOS 15.6 and iPadOS 15.6, macOS Monterey 12.5. An app may be able to execute arbitrary code with kernel privileges."
}
]
}

83
2022/42xxx/CVE-2022-42821.json
View File

@ -4,14 +4,91 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-42821",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "product-security@apple.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Apple",
"product": {
"product_data": [
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "11.7"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "13"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "12.6"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "An app may bypass Gatekeeper checks"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213488",
"name": "https://support.apple.com/en-us/HT213488"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213534",
"name": "https://support.apple.com/en-us/HT213534"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213533",
"name": "https://support.apple.com/en-us/HT213533"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A logic issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.6.2, macOS Big Sur 11.7.2, macOS Ventura 13. An app may bypass Gatekeeper checks."
}
]
}

99
2022/42xxx/CVE-2022-42837.json
View File

@ -4,14 +4,107 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-42837",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "product-security@apple.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Apple",
"product": {
"product_data": [
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "13.1"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.2"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "15.7"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "9.2"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "A remote user may be able to cause unexpected app termination or arbitrary code execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213532",
"name": "https://support.apple.com/en-us/HT213532"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213530",
"name": "https://support.apple.com/en-us/HT213530"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213531",
"name": "https://support.apple.com/en-us/HT213531"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213536",
"name": "https://support.apple.com/en-us/HT213536"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An issue existed in the parsing of URLs. This issue was addressed with improved input validation. This issue is fixed in iOS 16.2 and iPadOS 16.2, macOS Ventura 13.1, iOS 15.7.2 and iPadOS 15.7.2, watchOS 9.2. A remote user may be able to cause unexpected app termination or arbitrary code execution."
}
]
}

115
2022/42xxx/CVE-2022-42840.json
View File

@ -4,14 +4,123 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-42840",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "product-security@apple.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Apple",
"product": {
"product_data": [
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "11.7"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "13.1"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "12.6"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.2"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "15.7"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "An app may be able to execute arbitrary code with kernel privileges"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213532",
"name": "https://support.apple.com/en-us/HT213532"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213530",
"name": "https://support.apple.com/en-us/HT213530"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213531",
"name": "https://support.apple.com/en-us/HT213531"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213534",
"name": "https://support.apple.com/en-us/HT213534"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213533",
"name": "https://support.apple.com/en-us/HT213533"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.6.2, macOS Ventura 13.1, macOS Big Sur 11.7.2, iOS 15.7.2 and iPadOS 15.7.2, iOS 16.2 and iPadOS 16.2. An app may be able to execute arbitrary code with kernel privileges."
}
]
}

83
2022/42xxx/CVE-2022-42841.json
View File

@ -4,14 +4,91 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-42841",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "product-security@apple.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Apple",
"product": {
"product_data": [
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "11.7"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "13.1"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "12.6"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Processing a maliciously crafted package may lead to arbitrary code execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213532",
"name": "https://support.apple.com/en-us/HT213532"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213534",
"name": "https://support.apple.com/en-us/HT213534"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213533",
"name": "https://support.apple.com/en-us/HT213533"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A type confusion issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.6.2, macOS Ventura 13.1, macOS Big Sur 11.7.2. Processing a maliciously crafted package may lead to arbitrary code execution."
}
]
}

131
2022/42xxx/CVE-2022-42842.json
View File

@ -4,14 +4,139 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-42842",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "product-security@apple.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Apple",
"product": {
"product_data": [
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "11.7"
}
]
}
},
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.2"
}
]
}
},
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "13.1"
}
]
}
},
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "12.6"
}
]
}
},
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.2"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "9.2"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "A remote user may be able to cause kernel code execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213535",
"name": "https://support.apple.com/en-us/HT213535"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213532",
"name": "https://support.apple.com/en-us/HT213532"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213530",
"name": "https://support.apple.com/en-us/HT213530"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213536",
"name": "https://support.apple.com/en-us/HT213536"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213534",
"name": "https://support.apple.com/en-us/HT213534"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213533",
"name": "https://support.apple.com/en-us/HT213533"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The issue was addressed with improved memory handling. This issue is fixed in tvOS 16.2, macOS Monterey 12.6.2, macOS Ventura 13.1, macOS Big Sur 11.7.2, iOS 16.2 and iPadOS 16.2, watchOS 9.2. A remote user may be able to cause kernel code execution."
}
]
}

99
2022/42xxx/CVE-2022-42843.json
View File

@ -4,14 +4,107 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-42843",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "product-security@apple.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Apple",
"product": {
"product_data": [
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.2"
}
]
}
},
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "13.1"
}
]
}
},
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.2"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "9.2"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "A user may be able to view sensitive user information"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213535",
"name": "https://support.apple.com/en-us/HT213535"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213532",
"name": "https://support.apple.com/en-us/HT213532"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213530",
"name": "https://support.apple.com/en-us/HT213530"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213536",
"name": "https://support.apple.com/en-us/HT213536"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "This issue was addressed with improved data protection. This issue is fixed in iOS 16.2 and iPadOS 16.2, macOS Ventura 13.1, tvOS 16.2, watchOS 9.2. A user may be able to view sensitive user information."
}
]
}

51
2022/42xxx/CVE-2022-42844.json
View File

@ -4,14 +4,59 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-42844",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "product-security@apple.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Apple",
"product": {
"product_data": [
{
"product_name": "iOS and iPadOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.2"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "An app may be able to break out of its sandbox"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213530",
"name": "https://support.apple.com/en-us/HT213530"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The issue was addressed with improved memory handling. This issue is fixed in iOS 16.2 and iPadOS 16.2. An app may be able to break out of its sandbox."
}
]
}

131
2022/42xxx/CVE-2022-42845.json
View File

@ -4,14 +4,139 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-42845",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "product-security@apple.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Apple",
"product": {
"product_data": [
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "11.7"
}
]
}
},
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.2"
}
]
}
},
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "13.1"
}
]
}
},
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "12.6"
}
]
}
},
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.2"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "9.2"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "An app with root privileges may be able to execute arbitrary code with kernel privileges"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213535",
"name": "https://support.apple.com/en-us/HT213535"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213532",
"name": "https://support.apple.com/en-us/HT213532"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213530",
"name": "https://support.apple.com/en-us/HT213530"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213536",
"name": "https://support.apple.com/en-us/HT213536"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213534",
"name": "https://support.apple.com/en-us/HT213534"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213533",
"name": "https://support.apple.com/en-us/HT213533"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The issue was addressed with improved memory handling. This issue is fixed in tvOS 16.2, macOS Monterey 12.6.2, macOS Ventura 13.1, macOS Big Sur 11.7.2, iOS 16.2 and iPadOS 16.2, watchOS 9.2. An app with root privileges may be able to execute arbitrary code with kernel privileges."
}
]
}

67
2022/42xxx/CVE-2022-42846.json
View File

@ -4,14 +4,75 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-42846",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "product-security@apple.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Apple",
"product": {
"product_data": [
{
"product_name": "iOS and iPadOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.2"
}
]
}
},
{
"product_name": "iOS and iPadOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "15.7"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Parsing a maliciously crafted video file may lead to unexpected system termination"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213530",
"name": "https://support.apple.com/en-us/HT213530"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213531",
"name": "https://support.apple.com/en-us/HT213531"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The issue was addressed with improved memory handling. This issue is fixed in iOS 16.2 and iPadOS 16.2, iOS 15.7.2 and iPadOS 15.7.2. Parsing a maliciously crafted video file may lead to unexpected system termination."
}
]
}

51
2022/42xxx/CVE-2022-42847.json
View File

@ -4,14 +4,59 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-42847",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "product-security@apple.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Apple",
"product": {
"product_data": [
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "13.1"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "An app may be able to execute arbitrary code with kernel privileges"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213532",
"name": "https://support.apple.com/en-us/HT213532"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in macOS Ventura 13.1. An app may be able to execute arbitrary code with kernel privileges."
}
]
}

83
2022/42xxx/CVE-2022-42848.json
View File

@ -4,14 +4,91 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-42848",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "product-security@apple.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Apple",
"product": {
"product_data": [
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.2"
}
]
}
},
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.2"
}
]
}
},
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "15.7"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "An app may be able to execute arbitrary code with kernel privileges"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213535",
"name": "https://support.apple.com/en-us/HT213535"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213530",
"name": "https://support.apple.com/en-us/HT213530"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213531",
"name": "https://support.apple.com/en-us/HT213531"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A logic issue was addressed with improved checks. This issue is fixed in iOS 16.2 and iPadOS 16.2, iOS 15.7.2 and iPadOS 15.7.2, tvOS 16.2. An app may be able to execute arbitrary code with kernel privileges."
}
]
}

83
2022/42xxx/CVE-2022-42849.json
View File

@ -4,14 +4,91 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-42849",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "product-security@apple.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Apple",
"product": {
"product_data": [
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.2"
}
]
}
},
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.2"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "9.2"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "A user may be able to elevate privileges"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213535",
"name": "https://support.apple.com/en-us/HT213535"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213530",
"name": "https://support.apple.com/en-us/HT213530"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213536",
"name": "https://support.apple.com/en-us/HT213536"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An access issue existed with privileged API calls. This issue was addressed with additional restrictions. This issue is fixed in iOS 16.2 and iPadOS 16.2, tvOS 16.2, watchOS 9.2. A user may be able to elevate privileges."
}
]
}

51
2022/42xxx/CVE-2022-42850.json
View File

@ -4,14 +4,59 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-42850",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "product-security@apple.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Apple",
"product": {
"product_data": [
{
"product_name": "iOS and iPadOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.2"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "An app may be able to execute arbitrary code with kernel privileges"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213530",
"name": "https://support.apple.com/en-us/HT213530"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The issue was addressed with improved memory handling. This issue is fixed in iOS 16.2 and iPadOS 16.2. An app may be able to execute arbitrary code with kernel privileges."
}
]
}

67
2022/42xxx/CVE-2022-42851.json
View File

@ -4,14 +4,75 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-42851",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "product-security@apple.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Apple",
"product": {
"product_data": [
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.2"
}
]
}
},
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.2"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Parsing a maliciously crafted TIFF file may lead to disclosure of user information"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213535",
"name": "https://support.apple.com/en-us/HT213535"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213530",
"name": "https://support.apple.com/en-us/HT213530"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The issue was addressed with improved memory handling. This issue is fixed in iOS 16.2 and iPadOS 16.2, tvOS 16.2. Parsing a maliciously crafted TIFF file may lead to disclosure of user information."
}
]
}

131
2022/42xxx/CVE-2022-42852.json
View File

@ -4,14 +4,139 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-42852",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "product-security@apple.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Apple",
"product": {
"product_data": [
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.2"
}
]
}
},
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "13.1"
}
]
}
},
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.2"
}
]
}
},
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "15.7"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "9.2"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.2"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Processing maliciously crafted web content may result in the disclosure of process memory"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213535",
"name": "https://support.apple.com/en-us/HT213535"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213532",
"name": "https://support.apple.com/en-us/HT213532"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213530",
"name": "https://support.apple.com/en-us/HT213530"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213531",
"name": "https://support.apple.com/en-us/HT213531"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213536",
"name": "https://support.apple.com/en-us/HT213536"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213537",
"name": "https://support.apple.com/en-us/HT213537"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The issue was addressed with improved memory handling. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 15.7.2 and iPadOS 15.7.2, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web content may result in the disclosure of process memory."
}
]
}

51
2022/42xxx/CVE-2022-42853.json
View File

@ -4,14 +4,59 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-42853",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "product-security@apple.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Apple",
"product": {
"product_data": [
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "13.1"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "An app may be able to modify protected parts of the file system"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213532",
"name": "https://support.apple.com/en-us/HT213532"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An access issue was addressed with improved access restrictions. This issue is fixed in macOS Ventura 13.1. An app may be able to modify protected parts of the file system."
}
]
}

67
2022/42xxx/CVE-2022-42854.json
View File

@ -4,14 +4,75 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-42854",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "product-security@apple.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Apple",
"product": {
"product_data": [
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "13.1"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "12.6"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "An app may be able to disclose kernel memory"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213532",
"name": "https://support.apple.com/en-us/HT213532"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213533",
"name": "https://support.apple.com/en-us/HT213533"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.6.2, macOS Ventura 13.1. An app may be able to disclose kernel memory."
}
]
}

115
2022/42xxx/CVE-2022-42855.json
View File

@ -4,14 +4,123 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-42855",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "product-security@apple.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Apple",
"product": {
"product_data": [
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.2"
}
]
}
},
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "13.1"
}
]
}
},
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "12.6"
}
]
}
},
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.2"
}
]
}
},
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "15.7"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "An app may be able to use arbitrary entitlements"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213535",
"name": "https://support.apple.com/en-us/HT213535"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213532",
"name": "https://support.apple.com/en-us/HT213532"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213530",
"name": "https://support.apple.com/en-us/HT213530"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213531",
"name": "https://support.apple.com/en-us/HT213531"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213533",
"name": "https://support.apple.com/en-us/HT213533"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A logic issue was addressed with improved state management. This issue is fixed in tvOS 16.2, macOS Monterey 12.6.2, macOS Ventura 13.1, iOS 15.7.2 and iPadOS 15.7.2, iOS 16.2 and iPadOS 16.2. An app may be able to use arbitrary entitlements."
}
]
}

115
2022/42xxx/CVE-2022-42856.json
View File

@ -4,14 +4,123 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-42856",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "product-security@apple.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Apple",
"product": {
"product_data": [
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.2"
}
]
}
},
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "13.1"
}
]
}
},
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "15.7"
}
]
}
},
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.1"
}
]
}
},
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.2"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited against versions of iOS released before iOS 15.1."
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213535",
"name": "https://support.apple.com/en-us/HT213535"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213532",
"name": "https://support.apple.com/en-us/HT213532"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213531",
"name": "https://support.apple.com/en-us/HT213531"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213516",
"name": "https://support.apple.com/en-us/HT213516"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213537",
"name": "https://support.apple.com/en-us/HT213537"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A type confusion issue was addressed with improved state handling. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 15.7.2 and iPadOS 15.7.2, iOS 16.1.2. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited against versions of iOS released before iOS 15.1.."
}
]
}

83
2022/42xxx/CVE-2022-42859.json
View File

@ -4,14 +4,91 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-42859",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "product-security@apple.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Apple",
"product": {
"product_data": [
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "13.1"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.2"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "9.2"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "An app may be able to bypass Privacy preferences"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213532",
"name": "https://support.apple.com/en-us/HT213532"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213530",
"name": "https://support.apple.com/en-us/HT213530"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213536",
"name": "https://support.apple.com/en-us/HT213536"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Multiple issues were addressed by removing the vulnerable code. This issue is fixed in iOS 16.2 and iPadOS 16.2, macOS Ventura 13.1, watchOS 9.2. An app may be able to bypass Privacy preferences."
}
]
}

99
2022/42xxx/CVE-2022-42861.json
View File

@ -4,14 +4,107 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-42861",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "product-security@apple.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Apple",
"product": {
"product_data": [
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "13.1"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "12.6"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.2"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "15.7"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "An app may be able to break out of its sandbox"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213532",
"name": "https://support.apple.com/en-us/HT213532"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213530",
"name": "https://support.apple.com/en-us/HT213530"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213531",
"name": "https://support.apple.com/en-us/HT213531"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213533",
"name": "https://support.apple.com/en-us/HT213533"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "This issue was addressed with improved checks. This issue is fixed in iOS 16.2 and iPadOS 16.2, macOS Monterey 12.6.2, macOS Ventura 13.1, iOS 15.7.2 and iPadOS 15.7.2. An app may be able to break out of its sandbox."
}
]
}

67
2022/42xxx/CVE-2022-42862.json
View File

@ -4,14 +4,75 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-42862",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "product-security@apple.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Apple",
"product": {
"product_data": [
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "13.1"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.2"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "An app may be able to bypass Privacy preferences"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213532",
"name": "https://support.apple.com/en-us/HT213532"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213530",
"name": "https://support.apple.com/en-us/HT213530"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "This issue was addressed by removing the vulnerable code. This issue is fixed in iOS 16.2 and iPadOS 16.2, macOS Ventura 13.1. An app may be able to bypass Privacy preferences."
}
]
}

115
2022/42xxx/CVE-2022-42863.json
View File

@ -4,14 +4,123 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-42863",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "product-security@apple.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Apple",
"product": {
"product_data": [
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.2"
}
]
}
},
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "13.1"
}
]
}
},
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.2"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "9.2"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.2"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Processing maliciously crafted web content may lead to arbitrary code execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213535",
"name": "https://support.apple.com/en-us/HT213535"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213532",
"name": "https://support.apple.com/en-us/HT213532"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213530",
"name": "https://support.apple.com/en-us/HT213530"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213536",
"name": "https://support.apple.com/en-us/HT213536"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213537",
"name": "https://support.apple.com/en-us/HT213537"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A memory corruption issue was addressed with improved state management. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web content may lead to arbitrary code execution."
}
]
}

147
2022/42xxx/CVE-2022-42864.json
View File

@ -4,14 +4,155 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-42864",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "product-security@apple.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Apple",
"product": {
"product_data": [
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "11.7"
}
]
}
},
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.2"
}
]
}
},
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "13.1"
}
]
}
},
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "12.6"
}
]
}
},
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.2"
}
]
}
},
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "15.7"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "9.2"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "An app may be able to execute arbitrary code with kernel privileges"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213535",
"name": "https://support.apple.com/en-us/HT213535"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213532",
"name": "https://support.apple.com/en-us/HT213532"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213530",
"name": "https://support.apple.com/en-us/HT213530"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213531",
"name": "https://support.apple.com/en-us/HT213531"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213536",
"name": "https://support.apple.com/en-us/HT213536"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213534",
"name": "https://support.apple.com/en-us/HT213534"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213533",
"name": "https://support.apple.com/en-us/HT213533"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A race condition was addressed with improved state handling. This issue is fixed in tvOS 16.2, macOS Monterey 12.6.2, macOS Ventura 13.1, macOS Big Sur 11.7.2, iOS 15.7.2 and iPadOS 15.7.2, iOS 16.2 and iPadOS 16.2, watchOS 9.2. An app may be able to execute arbitrary code with kernel privileges."
}
]
}

99
2022/42xxx/CVE-2022-42865.json
View File

@ -4,14 +4,107 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-42865",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "product-security@apple.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Apple",
"product": {
"product_data": [
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.2"
}
]
}
},
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "13.1"
}
]
}
},
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.2"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "9.2"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "An app may be able to bypass Privacy preferences"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213535",
"name": "https://support.apple.com/en-us/HT213535"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213532",
"name": "https://support.apple.com/en-us/HT213532"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213530",
"name": "https://support.apple.com/en-us/HT213530"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213536",
"name": "https://support.apple.com/en-us/HT213536"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "This issue was addressed by enabling hardened runtime. This issue is fixed in iOS 16.2 and iPadOS 16.2, macOS Ventura 13.1, tvOS 16.2, watchOS 9.2. An app may be able to bypass Privacy preferences."
}
]
}

99
2022/42xxx/CVE-2022-42866.json
View File

@ -4,14 +4,107 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-42866",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "product-security@apple.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Apple",
"product": {
"product_data": [
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.2"
}
]
}
},
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "13.1"
}
]
}
},
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.2"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "9.2"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "An app may be able to read sensitive location information"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213535",
"name": "https://support.apple.com/en-us/HT213535"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213532",
"name": "https://support.apple.com/en-us/HT213532"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213530",
"name": "https://support.apple.com/en-us/HT213530"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213536",
"name": "https://support.apple.com/en-us/HT213536"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The issue was addressed with improved handling of caches. This issue is fixed in iOS 16.2 and iPadOS 16.2, macOS Ventura 13.1, tvOS 16.2, watchOS 9.2. An app may be able to read sensitive location information."
}
]
}

115
2022/42xxx/CVE-2022-42867.json
View File

@ -4,14 +4,123 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-42867",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "product-security@apple.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Apple",
"product": {
"product_data": [
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.2"
}
]
}
},
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "13.1"
}
]
}
},
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.2"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "9.2"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.2"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Processing maliciously crafted web content may lead to arbitrary code execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213535",
"name": "https://support.apple.com/en-us/HT213535"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213532",
"name": "https://support.apple.com/en-us/HT213532"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213530",
"name": "https://support.apple.com/en-us/HT213530"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213536",
"name": "https://support.apple.com/en-us/HT213536"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213537",
"name": "https://support.apple.com/en-us/HT213537"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A use after free issue was addressed with improved memory management. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web content may lead to arbitrary code execution."
}
]
}

147
2022/46xxx/CVE-2022-46689.json
View File

@ -4,14 +4,155 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-46689",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "product-security@apple.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Apple",
"product": {
"product_data": [
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "11.7"
}
]
}
},
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.2"
}
]
}
},
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "13.1"
}
]
}
},
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "12.6"
}
]
}
},
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.2"
}
]
}
},
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "15.7"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "9.2"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "An app may be able to execute arbitrary code with kernel privileges"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213535",
"name": "https://support.apple.com/en-us/HT213535"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213532",
"name": "https://support.apple.com/en-us/HT213532"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213530",
"name": "https://support.apple.com/en-us/HT213530"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213531",
"name": "https://support.apple.com/en-us/HT213531"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213536",
"name": "https://support.apple.com/en-us/HT213536"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213534",
"name": "https://support.apple.com/en-us/HT213534"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213533",
"name": "https://support.apple.com/en-us/HT213533"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A race condition was addressed with additional validation. This issue is fixed in tvOS 16.2, macOS Monterey 12.6.2, macOS Ventura 13.1, macOS Big Sur 11.7.2, iOS 15.7.2 and iPadOS 15.7.2, iOS 16.2 and iPadOS 16.2, watchOS 9.2. An app may be able to execute arbitrary code with kernel privileges."
}
]
}

99
2022/46xxx/CVE-2022-46690.json
View File

@ -4,14 +4,107 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-46690",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "product-security@apple.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Apple",
"product": {
"product_data": [
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.2"
}
]
}
},
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "13.1"
}
]
}
},
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.2"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "9.2"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "An app may be able to execute arbitrary code with kernel privileges"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213535",
"name": "https://support.apple.com/en-us/HT213535"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213532",
"name": "https://support.apple.com/en-us/HT213532"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213530",
"name": "https://support.apple.com/en-us/HT213530"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213536",
"name": "https://support.apple.com/en-us/HT213536"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in iOS 16.2 and iPadOS 16.2, macOS Ventura 13.1, tvOS 16.2, watchOS 9.2. An app may be able to execute arbitrary code with kernel privileges."
}
]
}

131
2022/46xxx/CVE-2022-46691.json
View File

@ -4,14 +4,139 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-46691",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "product-security@apple.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Apple",
"product": {
"product_data": [
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.2"
}
]
}
},
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "13.1"
}
]
}
},
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.2"
}
]
}
},
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "15.7"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "9.2"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.2"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Processing maliciously crafted web content may lead to arbitrary code execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213535",
"name": "https://support.apple.com/en-us/HT213535"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213532",
"name": "https://support.apple.com/en-us/HT213532"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213530",
"name": "https://support.apple.com/en-us/HT213530"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213531",
"name": "https://support.apple.com/en-us/HT213531"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213536",
"name": "https://support.apple.com/en-us/HT213536"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213537",
"name": "https://support.apple.com/en-us/HT213537"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A memory consumption issue was addressed with improved memory handling. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 15.7.2 and iPadOS 15.7.2, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web content may lead to arbitrary code execution."
}
]
}

147
2022/46xxx/CVE-2022-46692.json
View File

@ -4,14 +4,155 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-46692",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "product-security@apple.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Apple",
"product": {
"product_data": [
{
"product_name": "iCloud for Windows",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "14.1"
}
]
}
},
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.2"
}
]
}
},
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "13.1"
}
]
}
},
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.2"
}
]
}
},
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "15.7"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "9.2"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.2"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Processing maliciously crafted web content may bypass Same Origin Policy"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213535",
"name": "https://support.apple.com/en-us/HT213535"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213532",
"name": "https://support.apple.com/en-us/HT213532"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213538",
"name": "https://support.apple.com/en-us/HT213538"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213530",
"name": "https://support.apple.com/en-us/HT213530"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213531",
"name": "https://support.apple.com/en-us/HT213531"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213536",
"name": "https://support.apple.com/en-us/HT213536"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213537",
"name": "https://support.apple.com/en-us/HT213537"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A logic issue was addressed with improved state management. This issue is fixed in Safari 16.2, tvOS 16.2, iCloud for Windows 14.1, iOS 15.7.2 and iPadOS 15.7.2, macOS Ventura 13.1, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web content may bypass Same Origin Policy."
}
]
}

115
2022/46xxx/CVE-2022-46693.json
View File

@ -4,14 +4,123 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-46693",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "product-security@apple.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Apple",
"product": {
"product_data": [
{
"product_name": "iCloud for Windows",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "14.1"
}
]
}
},
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.2"
}
]
}
},
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "13.1"
}
]
}
},
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.2"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "9.2"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Processing a maliciously crafted file may lead to arbitrary code execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213535",
"name": "https://support.apple.com/en-us/HT213535"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213532",
"name": "https://support.apple.com/en-us/HT213532"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213538",
"name": "https://support.apple.com/en-us/HT213538"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213530",
"name": "https://support.apple.com/en-us/HT213530"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213536",
"name": "https://support.apple.com/en-us/HT213536"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in tvOS 16.2, iCloud for Windows 14.1, macOS Ventura 13.1, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing a maliciously crafted file may lead to arbitrary code execution."
}
]
}

99
2022/46xxx/CVE-2022-46694.json
View File

@ -4,14 +4,107 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-46694",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "product-security@apple.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Apple",
"product": {
"product_data": [
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.2"
}
]
}
},
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.2"
}
]
}
},
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "15.7"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "9.2"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Parsing a maliciously crafted video file may lead to kernel code execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213535",
"name": "https://support.apple.com/en-us/HT213535"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213530",
"name": "https://support.apple.com/en-us/HT213530"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213531",
"name": "https://support.apple.com/en-us/HT213531"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213536",
"name": "https://support.apple.com/en-us/HT213536"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in iOS 16.2 and iPadOS 16.2, iOS 15.7.2 and iPadOS 15.7.2, tvOS 16.2, watchOS 9.2. Parsing a maliciously crafted video file may lead to kernel code execution."
}
]
}

115
2022/46xxx/CVE-2022-46695.json
View File

@ -4,14 +4,123 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-46695",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "product-security@apple.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Apple",
"product": {
"product_data": [
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.2"
}
]
}
},
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "13.1"
}
]
}
},
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.2"
}
]
}
},
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "15.7"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "9.2"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Visiting a website that frames malicious content may lead to UI spoofing"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213535",
"name": "https://support.apple.com/en-us/HT213535"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213532",
"name": "https://support.apple.com/en-us/HT213532"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213530",
"name": "https://support.apple.com/en-us/HT213530"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213531",
"name": "https://support.apple.com/en-us/HT213531"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213536",
"name": "https://support.apple.com/en-us/HT213536"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A spoofing issue existed in the handling of URLs. This issue was addressed with improved input validation. This issue is fixed in tvOS 16.2, macOS Ventura 13.1, iOS 15.7.2 and iPadOS 15.7.2, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Visiting a website that frames malicious content may lead to UI spoofing."
}
]
}

115
2022/46xxx/CVE-2022-46696.json
View File

@ -4,14 +4,123 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-46696",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "product-security@apple.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Apple",
"product": {
"product_data": [
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.2"
}
]
}
},
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "13.1"
}
]
}
},
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.2"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "9.2"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.2"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Processing maliciously crafted web content may lead to arbitrary code execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213535",
"name": "https://support.apple.com/en-us/HT213535"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213532",
"name": "https://support.apple.com/en-us/HT213532"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213530",
"name": "https://support.apple.com/en-us/HT213530"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213536",
"name": "https://support.apple.com/en-us/HT213536"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213537",
"name": "https://support.apple.com/en-us/HT213537"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A memory corruption issue was addressed with improved input validation. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web content may lead to arbitrary code execution."
}
]
}

51
2022/46xxx/CVE-2022-46697.json
View File

@ -4,14 +4,59 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-46697",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "product-security@apple.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Apple",
"product": {
"product_data": [
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "13.1"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "An app may be able to execute arbitrary code with kernel privileges"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213532",
"name": "https://support.apple.com/en-us/HT213532"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in macOS Ventura 13.1. An app may be able to execute arbitrary code with kernel privileges."
}
]
}

131
2022/46xxx/CVE-2022-46698.json
View File

@ -4,14 +4,139 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-46698",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "product-security@apple.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Apple",
"product": {
"product_data": [
{
"product_name": "iCloud for Windows",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "14.1"
}
]
}
},
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.2"
}
]
}
},
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "13.1"
}
]
}
},
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.2"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "9.2"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.2"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Processing maliciously crafted web content may disclose sensitive user information"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213535",
"name": "https://support.apple.com/en-us/HT213535"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213532",
"name": "https://support.apple.com/en-us/HT213532"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213538",
"name": "https://support.apple.com/en-us/HT213538"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213530",
"name": "https://support.apple.com/en-us/HT213530"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213536",
"name": "https://support.apple.com/en-us/HT213536"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213537",
"name": "https://support.apple.com/en-us/HT213537"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A logic issue was addressed with improved checks. This issue is fixed in Safari 16.2, tvOS 16.2, iCloud for Windows 14.1, macOS Ventura 13.1, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web content may disclose sensitive user information."
}
]
}

115
2022/46xxx/CVE-2022-46699.json
View File

@ -4,14 +4,123 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-46699",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "product-security@apple.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Apple",
"product": {
"product_data": [
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.2"
}
]
}
},
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "13.1"
}
]
}
},
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.2"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "9.2"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.2"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Processing maliciously crafted web content may lead to arbitrary code execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213535",
"name": "https://support.apple.com/en-us/HT213535"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213532",
"name": "https://support.apple.com/en-us/HT213532"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213530",
"name": "https://support.apple.com/en-us/HT213530"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213536",
"name": "https://support.apple.com/en-us/HT213536"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213537",
"name": "https://support.apple.com/en-us/HT213537"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A memory corruption issue was addressed with improved state management. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web content may lead to arbitrary code execution."
}
]
}

131
2022/46xxx/CVE-2022-46700.json
View File

@ -4,14 +4,139 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-46700",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "product-security@apple.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Apple",
"product": {
"product_data": [
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.2"
}
]
}
},
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "13.1"
}
]
}
},
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.2"
}
]
}
},
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "15.7"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "9.2"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.2"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Processing maliciously crafted web content may lead to arbitrary code execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213535",
"name": "https://support.apple.com/en-us/HT213535"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213532",
"name": "https://support.apple.com/en-us/HT213532"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213530",
"name": "https://support.apple.com/en-us/HT213530"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213531",
"name": "https://support.apple.com/en-us/HT213531"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213536",
"name": "https://support.apple.com/en-us/HT213536"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213537",
"name": "https://support.apple.com/en-us/HT213537"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A memory corruption issue was addressed with improved input validation. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 15.7.2 and iPadOS 15.7.2, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web content may lead to arbitrary code execution."
}
]
}

83
2022/46xxx/CVE-2022-46701.json
View File

@ -4,14 +4,91 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-46701",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "product-security@apple.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Apple",
"product": {
"product_data": [
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.2"
}
]
}
},
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "13.1"
}
]
}
},
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.2"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Connecting to a malicious NFS server may lead to arbitrary code execution with kernel privileges"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213535",
"name": "https://support.apple.com/en-us/HT213535"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213532",
"name": "https://support.apple.com/en-us/HT213532"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213530",
"name": "https://support.apple.com/en-us/HT213530"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The issue was addressed with improved bounds checks. This issue is fixed in iOS 16.2 and iPadOS 16.2, macOS Ventura 13.1, tvOS 16.2. Connecting to a malicious NFS server may lead to arbitrary code execution with kernel privileges."
}
]
}

51
2022/46xxx/CVE-2022-46702.json
View File

@ -4,14 +4,59 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-46702",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "product-security@apple.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Apple",
"product": {
"product_data": [
{
"product_name": "iOS and iPadOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.2"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "An app may be able to disclose kernel memory"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213530",
"name": "https://support.apple.com/en-us/HT213530"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The issue was addressed with improved memory handling. This issue is fixed in iOS 16.2 and iPadOS 16.2. An app may be able to disclose kernel memory."
}
]
}

18
2022/47xxx/CVE-2022-47502.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-47502",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

171
2022/4xxx/CVE-2022-4506.json
View File

@ -1,89 +1,94 @@
{
"CVE_data_meta": {
"ASSIGNER": "security@huntr.dev",
"ID": "CVE-2022-4506",
"STATE": "PUBLIC",
"TITLE": "Unrestricted Upload of File with Dangerous Type in openemr/openemr"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "openemr/openemr",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "7.0.0.2"
}
]
"CVE_data_meta": {
"ASSIGNER": "security@huntr.dev",
"ID": "CVE-2022-4506",
"STATE": "PUBLIC",
"TITLE": "Unrestricted Upload of File with Dangerous Type in openemr/openemr"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "openemr/openemr",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "7.0.0.2"
}
]
}
}
]
},
"vendor_name": "openemr"
}
}
]
},
"vendor_name": "openemr"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unrestricted Upload of File with Dangerous Type in GitHub repository openemr/openemr prior to 7.0.0.2."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-434 Unrestricted Upload of File with Dangerous Type"
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unrestricted Upload of File with Dangerous Type in GitHub repository openemr/openemr prior to 7.0.0.2."
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://huntr.dev/bounties/f423d193-4ab0-4f03-ad90-25e4f02e7942",
"refsource": "CONFIRM",
"url": "https://huntr.dev/bounties/f423d193-4ab0-4f03-ad90-25e4f02e7942"
},
{
"name": "https://github.com/openemr/openemr/commit/2e7678d812df167ea3c0756382408b670e8aa51f",
"refsource": "MISC",
"url": "https://github.com/openemr/openemr/commit/2e7678d812df167ea3c0756382408b670e8aa51f"
}
]
},
"source": {
"advisory": "f423d193-4ab0-4f03-ad90-25e4f02e7942",
"discovery": "EXTERNAL"
}
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-434 Unrestricted Upload of File with Dangerous Type"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://huntr.dev/bounties/f423d193-4ab0-4f03-ad90-25e4f02e7942",
"refsource": "CONFIRM",
"url": "https://huntr.dev/bounties/f423d193-4ab0-4f03-ad90-25e4f02e7942"
},
{
"name": "https://github.com/openemr/openemr/commit/2e7678d812df167ea3c0756382408b670e8aa51f",
"refsource": "MISC",
"url": "https://github.com/openemr/openemr/commit/2e7678d812df167ea3c0756382408b670e8aa51f"
},
{
"refsource": "MISC",
"name": "https://www.cve.org/CVERecord?id=CVE-2022-4506",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4506"
}
]
},
"source": {
"advisory": "f423d193-4ab0-4f03-ad90-25e4f02e7942",
"discovery": "EXTERNAL"
}
}