» 2022 » 9월

CVE-2022-32787

Posted on 2022년 9월 24일2022년 9월 24일 by admin

CVE-2022-32787

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 15.6 and iPadOS 15.6, macOS Big Sur 11.6.8, watchOS 8.7, tvOS 15.6, macOS Monterey 12.5, Security Update 2022-005 Catalina. Processing maliciously crafted web content may lead to arbitrary code execution.

Source: CVE-2022-32787

CVE-2022-32786

Posted on 2022년 9월 24일2022년 9월 24일 by admin

CVE-2022-32786

An issue in the handling of environment variables was addressed with improved validation. This issue is fixed in Security Update 2022-005 Catalina, macOS Big Sur 11.6.8, macOS Monterey 12.5. An app may be able to modify protected parts of the file system.

Source: CVE-2022-32786

CVE-2022-32799

Posted on 2022년 9월 24일2022년 9월 24일 by admin

CVE-2022-32799

An out-of-bounds read issue was addressed with improved bounds checking. This issue is fixed in Security Update 2022-005 Catalina, macOS Monterey 12.5. A user in a privileged network position may be able to leak sensitive information.

Source: CVE-2022-32799

CVE-2022-32798

Posted on 2022년 9월 24일2022년 9월 24일 by admin

CVE-2022-32798

An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in macOS Monterey 12.5. An app may be able to gain elevated privileges.

Source: CVE-2022-32798

CVE-2022-32781

Posted on 2022년 9월 24일2022년 9월 24일 by admin

CVE-2022-32781

This issue was addressed by enabling hardened runtime. This issue is fixed in macOS Monterey 12.4, iOS 15.5 and iPadOS 15.5, Security Update 2022-005 Catalina, macOS Big Sur 11.6.8. An app with root privileges may be able to access private information.

Source: CVE-2022-32781

CVE-2022-32800

Posted on 2022년 9월 24일2022년 9월 24일 by admin

CVE-2022-32800

This issue was addressed with improved checks. This issue is fixed in Security Update 2022-005 Catalina, macOS Big Sur 11.6.8, macOS Monterey 12.5. An app may be able to modify protected parts of the file system.

Source: CVE-2022-32800

CVE-2022-32801

Posted on 2022년 9월 24일2022년 9월 24일 by admin

CVE-2022-32801

This issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.5. An app may be able to gain root privileges.

Source: CVE-2022-32801

CVE-2022-32805

Posted on 2022년 9월 24일2022년 9월 24일 by admin

CVE-2022-32805

The issue was addressed with improved handling of caches. This issue is fixed in Security Update 2022-005 Catalina, macOS Big Sur 11.6.8, macOS Monterey 12.5. An app may be able to access sensitive user information.

Source: CVE-2022-32805

CVE-2022-30124

Posted on 2022년 9월 24일2022년 9월 24일 by admin

CVE-2022-30124

An improper authentication vulnerability exists in Rocket.Chat Mobile App <4.14.1.22788 that allowed an attacker with physical access to a mobile device to bypass local authentication (PIN code).

Source: CVE-2022-30124

CVE-2022-32226

Posted on 2022년 9월 24일2022년 9월 24일 by admin

CVE-2022-32226

An improper access control vulnerability exists in Rocket.Chat <v5, <v4.8.2 and <v4.7.5 due to input data in the getUsersOfRoom Meteor server method is not type validated, so that MongoDB query operator objects are accepted by the server, so that instead of a matching rid String a$regex query can be executed, bypassing the room access permission check for every but the first matching room.

Source: CVE-2022-32226