CVE-2022-32836
This issue was addressed with improved state management. This issue is fixed in Apple Music 3.9.10 for Android. An app may be able to access user-sensitive data.
Source: CVE-2022-32836
[월:] 2023년 02월
CVE-2022-32830
CVE-2022-32830
An out-of-bounds read issue was addressed with improved bounds checking. This issue is fixed in tvOS 15.6, iOS 15.6 and iPadOS 15.6. Processing a maliciously crafted image may lead to disclosure of user information.
Source: CVE-2022-32830
CVE-2022-32784
CVE-2022-32784
The issue was addressed with improved UI handling. This issue is fixed in Safari 15.6, iOS 15.6 and iPadOS 15.6. Visiting a maliciously crafted website may leak sensitive data.
Source: CVE-2022-32784
CVE-2022-32824
CVE-2022-32824
The issue was addressed with improved memory handling. This issue is fixed in tvOS 15.6, watchOS 8.7, iOS 15.6 and iPadOS 15.6. An app may be able to disclose kernel memory.
Source: CVE-2022-32824
CVE-2021-46841
CVE-2021-46841
This issue was addressed by using HTTPS when sending information over the network. This issue is fixed in Apple Music 3.5.0 for Android. An attacker in a privileged network position can track a user’s activity.
Source: CVE-2021-46841
CVE-2022-26760
CVE-2022-26760
A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 15.5 and iPadOS 15.5. A malicious application may be able to elevate privileges.
Source: CVE-2022-26760
CVE-2020-9846
CVE-2020-9846
A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.0.1. A malicious application may be able to access local users’ Apple IDs.
Source: CVE-2020-9846
CVE-2023-24253
CVE-2023-24253
Domotica Labs srl Ikon Server before v2.8.6 was discovered to contain a SQL injection vulnerability.
Source: CVE-2023-24253
CVE-2023-24249
CVE-2023-24249
An arbitrary file upload vulnerability in laravel-admin v1.8.19 allows attackers to execute arbitrary code via a crafted PHP file.
Source: CVE-2023-24249
CVE-2022-48305
CVE-2022-48305
There is an identity authentication bypass vulnerability in Huawei Children Smart Watch (Simba-AL00) 1.1.1.274. Successful exploitation of this vulnerability may cause the access control function of specific applications to fail.
Source: CVE-2022-48305