{"vulnerability": "CVE-2022-22620", "sightings": [{"uuid": "524c5e71-7225-4720-8b01-7f69426c8d1a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22620", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2023-06-14T21:10:04.000000Z"}, {"uuid": "e30d0050-6d56-4a6f-a197-e64e54b36f65", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22620", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2971252", "content": "", "creation_timestamp": "2024-12-24T20:26:32.295108Z"}, {"uuid": "52efe06e-51cf-4f5e-8bd3-56f622af52c5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22620", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:10:34.000000Z"}, {"uuid": "55ff110f-06bc-478d-8e01-a61f07ebf086", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22620", "type": "exploited", "source": "https://t.me/ckuRED/149", "content": "Google Researchers Detail 5-Year-Old Apple Safari Vulnerability Exploited in the Wild.\n\nThe issue, tracked as CVE-2022-22620 (CVSS score: 8.8), concerns a case of a use-after-free vulnerability in the WebKit component that could be exploited by a piece of specially crafted web content to gain arbitrary code execution.\n\nhttps://googleprojectzero.blogspot.com/2022/06/an-autopsy-on-zombie-in-wild-0-day.html", "creation_timestamp": "2022-06-20T16:41:24.000000Z"}, {"uuid": "e2652f32-06a0-4a13-8474-14d35a118280", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2022-22620", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=738", "content": "", "creation_timestamp": "2022-02-11T04:00:00.000000Z"}, {"uuid": "05affa37-a2cd-4308-ad71-2cb848561b59", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2022-22620", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/1d7d4dbe-1d29-4008-80ff-6e046d9c3156", "content": "", "creation_timestamp": "2026-02-02T12:28:23.749328Z"}, {"uuid": "7551d912-b7dd-4d51-99e7-0a9739c69b64", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22620", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/2509", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aCVE-2022-22620: Use-after-free in Safari\nURL\uff1ahttps://github.com/kmeps4/CVE-2022-22620\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-06-14T22:15:20.000000Z"}, {"uuid": "69e5bbab-0a64-4642-bb60-dec6f6d624a1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22620", "type": "exploited", "source": "https://t.me/cKure/9803", "content": "Google Researchers Detail 5-Year-Old Apple Safari Vulnerability Exploited in the Wild.\n\nThe issue, tracked as CVE-2022-22620 (CVSS score: 8.8), concerns a case of a use-after-free vulnerability in the WebKit component that could be exploited by a piece of specially crafted web content to gain arbitrary code execution.\n\nhttps://googleprojectzero.blogspot.com/2022/06/an-autopsy-on-zombie-in-wild-0-day.html", "creation_timestamp": "2022-06-20T16:41:35.000000Z"}, {"uuid": "5a993db8-7b62-40af-ad56-5856921ab471", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22620", "type": "seen", "source": "https://t.me/poxek/2626", "content": "\u041f\u0430\u043a \u0441\u0432\u0435\u0436\u0438\u0445 \u0438 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u044b\u0445 CVE \u0434\u043b\u044f Apple:\n\nCVE-2022-22587 (IOMobileFrameBuffer) \u2013 A malicious application may be able to execute arbitrary code with kernel privileges\nCVE-2022-22594 (WebKit Storage) \u2013 A website may be able to track sensitive user information (publicly known but not actively exploited)\nCVE-2022-22620 (WebKit) \u2013 Processing maliciously crafted web content may lead to arbitrary code execution\nCVE-2022-22674 (Intel Graphics Driver) \u2013 An application may be able to read kernel memory\nCVE-2022-22675 (AppleAVD) \u2013 An application may be able to execute arbitrary code with kernel privileges\nCVE-2022-32893 (WebKit) \u2013 Processing maliciously crafted web content may lead to arbitrary code execution\nCVE-2022-32894 (Kernel) \u2013 An application may be able to execute arbitrary code with kernel privileges\nCVE-2022-32917 (Kernel) \u2013 An application may be able to execute arbitrary code with kernel privileges\nCVE-2022-42827 (Kernel) \u2013 An application may be able to execute arbitrary code with kernel privileges", "creation_timestamp": "2022-12-14T14:05:53.000000Z"}, {"uuid": "2f1613b8-0562-403b-9f84-962750a547fb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22620", "type": "seen", "source": "https://t.me/poxek/810", "content": "Update iOS! There is a dangerous vulnerability in WebKit (CVE-2022-22620) | Kaspersky official blog\n\u25b6\ufe0f \u0418\u0441\u0442\u043e\u0447\u043d\u0438\u043a\n\n\u041f\u043e\u0434\u043f\u0438\u0441\u044b\u0432\u0430\u0439\u0442\u0435\u0441\u044c \u2705", "creation_timestamp": "2022-02-12T08:30:27.000000Z"}, {"uuid": "ef31bea8-dd8f-4937-a1e2-0e1dc45ecfa5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22620", "type": "seen", "source": "https://t.me/monkey_hacker/34", "content": "\u041f\u0430\u043a \u0441\u0432\u0435\u0436\u0438\u0445 \u0438 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u044b\u0445 CVE \u0434\u043b\u044f Apple:\n\nCVE-2022-22587 (IOMobileFrameBuffer) \u2013 A malicious application may be able to execute arbitrary code with kernel privileges\nCVE-2022-22594 (WebKit Storage) \u2013 A website may be able to track sensitive user information (publicly known but not actively exploited)\nCVE-2022-22620 (WebKit) \u2013 Processing maliciously crafted web content may lead to arbitrary code execution\nCVE-2022-22674 (Intel Graphics Driver) \u2013 An application may be able to read kernel memory\nCVE-2022-22675 (AppleAVD) \u2013 An application may be able to execute arbitrary code with kernel privileges\nCVE-2022-32893 (WebKit) \u2013 Processing maliciously crafted web content may lead to arbitrary code execution\nCVE-2022-32894 (Kernel) \u2013 An application may be able to execute arbitrary code with kernel privileges\nCVE-2022-32917 (Kernel) \u2013 An application may be able to execute arbitrary code with kernel privileges\nCVE-2022-42827 (Kernel) \u2013 An application may be able to execute arbitrary code with kernel privileges", "creation_timestamp": "2022-12-15T04:14:34.000000Z"}, {"uuid": "e4e98dea-cc79-4f69-b75e-f6791d0349e8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22620", "type": "exploited", "source": "https://t.me/arpsyndicate/975", "content": "#ExploitObserverAlert\n\nCVE-2022-22620\n\nDESCRIPTION: Exploit Observer has 17 entries related to CVE-2022-22620. A use after free issue was addressed with improved memory management. This issue is fixed in macOS Monterey 12.2.1, iOS 15.3.1 and iPadOS 15.3.1, Safari 15.3 (v. 16612.4.9.1.8 and 15612.4.9.1.8). Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited..\n\nFIRST-EPSS: 0.002380000\nNVD-IS: 5.9\nNVD-ES: 2.8", "creation_timestamp": "2023-12-03T16:17:24.000000Z"}, {"uuid": "25624e02-60f0-46f1-bf94-395d38771f2d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22620", "type": "published-proof-of-concept", "source": "https://t.me/hydral0gs/1263", "content": "https://github.com/kmeps4/CVE-2022-22620\n#\u043f\u043e\u043a\u0443\u0448\u0430\u0442\u044c_\u043f\u0440\u0438\u043d\u0435\u0441 #\u043f\u0440\u044f\u043d\u043e\u0441\u0442\u044c", "creation_timestamp": "2023-04-18T15:01:29.000000Z"}, {"uuid": "016686d4-eda2-4cc8-b8af-902ac8498e32", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22620", "type": "published-proof-of-concept", "source": "https://t.me/hydral0gs/43", "content": "https://github.com/kmeps4/CVE-2022-22620\n#\u043f\u043e\u043a\u0443\u0448\u0430\u0442\u044c_\u043f\u0440\u0438\u043d\u0435\u0441 #\u043f\u0440\u044f\u043d\u043e\u0441\u0442\u044c", "creation_timestamp": "2023-04-18T15:01:29.000000Z"}, {"uuid": "7dd10eda-6099-4608-b309-3deaf8d98a24", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22620", "type": "seen", "source": "https://t.me/netrunnerz/368", "content": "\u041f\u0430\u043a \u0441\u0432\u0435\u0436\u0438\u0445 \u0438 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u044b\u0445 CVE \u0434\u043b\u044f Apple:\n\nCVE-2022-22587 (IOMobileFrameBuffer) \u2013 A malicious application may be able to execute arbitrary code with kernel privileges\nCVE-2022-22594 (WebKit Storage) \u2013 A website may be able to track sensitive user information (publicly known but not actively exploited)\nCVE-2022-22620 (WebKit) \u2013 Processing maliciously crafted web content may lead to arbitrary code execution\nCVE-2022-22674 (Intel Graphics Driver) \u2013 An application may be able to read kernel memory\nCVE-2022-22675 (AppleAVD) \u2013 An application may be able to execute arbitrary code with kernel privileges\nCVE-2022-32893 (WebKit) \u2013 Processing maliciously crafted web content may lead to arbitrary code execution\nCVE-2022-32894 (Kernel) \u2013 An application may be able to execute arbitrary code with kernel privileges\nCVE-2022-32917 (Kernel) \u2013 An application may be able to execute arbitrary code with kernel privileges\nCVE-2022-42827 (Kernel) \u2013 An application may be able to execute arbitrary code with kernel privileges", "creation_timestamp": "2022-12-14T15:21:30.000000Z"}, {"uuid": "5d2fa340-c2d8-4c4c-b4a7-472de500d5e5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22620", "type": "exploited", "source": "https://t.me/true_secator/3082", "content": "\u041f\u043e\u0445\u043e\u0436\u0435, \u0447\u0442\u043e \u0435\u0449\u0435 \u043e\u0434\u0438\u043d \u0410\u041d\u0411\u0448\u043d\u044b\u0439 \u0431\u044d\u043a\u0434\u043e\u0440 \u0441\u043f\u0438\u0441\u0430\u043b\u0438 \u0432 \u0443\u0442\u0438\u043b\u044c \u043f\u043e\u0441\u043b\u0435 \u043f\u044f\u0442\u0438\u043b\u0435\u0442\u043d\u0435\u0439 \u043e\u0442\u0440\u0430\u0431\u043e\u0442\u043a\u0438.\n\n\u0421\u043e\u0433\u043b\u0430\u0441\u043d\u043e \u043d\u043e\u0432\u043e\u043c\u0443 \u043e\u0442\u0447\u0435\u0442\u0443 Google Project Zero, \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 Apple Safari \u0431\u044b\u043b\u0430 \u043f\u0435\u0440\u0432\u043e\u043d\u0430\u0447\u0430\u043b\u044c\u043d\u043e \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 \u0432 2013 \u0433\u043e\u0434\u0443 \u0438 \u043f\u043e\u0437\u0436\u0435 \u0432 \u0434\u0435\u043a\u0430\u0431\u0440\u0435 2016 \u0433\u043e\u0434\u0430 \u0431\u044b\u043b\u0430 \u0432\u043e\u0437\u0432\u0440\u0430\u0449\u0435\u043d\u0430 \u0432 \u0445\u043e\u0434\u0435 \u0440\u0435\u0444\u0430\u043a\u0442\u043e\u0440\u0438\u043d\u0433\u0430. \u041e\u0431 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0441\u043e\u043e\u0431\u0449\u0438\u043b \u0430\u043d\u043e\u043d\u0438\u043c\u043d\u044b\u0439 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c, \u043a\u043e\u0442\u043e\u0440\u043e\u043c\u0443 \u0443\u0434\u0430\u043b\u043e\u0441\u044c \u043e\u0431\u043e\u0439\u0442\u0438 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435.\n\n\u0418 \u0442\u043e\u043b\u044c\u043a\u043e \u0441\u043f\u0443\u0441\u0442\u044f 5 \u043b\u0435\u0442 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0431\u044b\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 \u0432 \u0444\u0435\u0432\u0440\u0430\u043b\u0435 2022 \u0433\u043e\u0434\u0430 \u043a\u0430\u043a 0-day \u0432 Safari, iOS, iPadOS \u0438 macOS \u043f\u0443\u0442\u0435\u043c \u0443\u043b\u0443\u0447\u0448\u0435\u043d\u0438\u044f \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u043f\u0430\u043c\u044f\u0442\u044c\u044e.\n\n\u041f\u0440\u0438 \u044d\u0442\u043e\u043c \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a \u043f\u0440\u0438\u0437\u043d\u0430\u043b \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u0434\u0438\u043a\u043e\u0439 \u043f\u0440\u0438\u0440\u043e\u0434\u0435.\n\n\u041e\u0448\u0438\u0431\u043a\u0430 \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u0442\u0441\u044f \u043a\u0430\u043a\u00a0CVE-2022-22620, \u0438\u043c\u0435\u0435\u0442 \u043e\u0446\u0435\u043d\u043a\u0443 CVSS: 8,8 \u0438 \u0437\u0430\u043a\u043b\u044e\u0447\u0430\u0435\u0442\u0441\u044f \u0432 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f \u043f\u043e\u0441\u043b\u0435 \u043e\u0441\u0432\u043e\u0431\u043e\u0436\u0434\u0435\u043d\u0438\u044f \u0432 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0435 WebKit.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430 \u043f\u043e\u0441\u0440\u0435\u0434\u0441\u0442\u0432\u043e\u043c \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u043e\u0433\u043e \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u0432\u0435\u0431-\u043a\u043e\u043d\u0442\u0435\u043d\u0442\u0430 \u0434\u043b\u044f \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430.\n\n\u041e\u0431\u044b\u0447\u043d\u043e, \u0432\u0441\u044f \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0437\u0430\u043a\u043b\u044e\u0447\u0430\u0435\u0442\u0441\u044f \u0432 \u043d\u0435\u0437\u0430\u0432\u0435\u0440\u0448\u0435\u043d\u043d\u044b\u0445 \u043f\u0430\u0442\u0447\u0430\u0445: \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044c \u043d\u0435\u043a\u043e\u0440\u0440\u0435\u043a\u0442\u043d\u043e \u0438\u043b\u0438 \u043d\u0435 \u043f\u043e\u043b\u043d\u043e\u0441\u0442\u044c\u044e \u0443\u0441\u0442\u0440\u0430\u043d\u044f\u0435\u0442 \u043e\u0442\u0440\u0430\u0431\u0430\u0442\u044b\u0432\u0430\u0435\u043c\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c.\u00a0\u041e\u0434\u043d\u0430\u043a\u043e \u0432 \u0441\u043b\u0443\u0447\u0430\u0435 \u0441 CVE-2022-22620 - \u043e\u043d\u0430 \u0431\u044b\u043b\u0430 \u0447\u0435\u0442\u043a\u043e \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 \u0435\u0449\u0435 \u0432 2013 \u0433\u043e\u0434\u0443. \n\n\u0420\u0435\u0441\u0435\u0440\u0447\u0435\u0440\u044b \u0443\u0431\u0435\u0436\u0434\u0435\u043d\u044b (\u0438\u043b\u0438 \u043f\u044b\u0442\u0430\u044e\u0442\u0441\u044f \u0443\u0431\u0435\u0434\u0438\u0442\u044c?!), \u0447\u0442\u043e \u043e\u0448\u0438\u0431\u043a\u0438\u00a02013\u00a0\u0438\u00a02022 \u0432\u00a0History API \u043f\u043e \u0441\u0443\u0442\u0438 \u043e\u0434\u0438\u043d\u0430\u043a\u043e\u0432\u044b, \u043d\u043e \u043f\u0443\u0442\u0438 \u0438\u0445 \u0441\u0440\u0430\u0431\u0430\u0442\u044b\u0432\u0430\u043d\u0438\u044f \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b.\n\n\u041f\u043e \u043c\u043d\u0435\u043d\u0438\u044e \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044f Google \u041c\u044d\u0434\u0434\u0438 \u0421\u0442\u043e\u0443\u043d, \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442 \u043d\u0435 \u0443\u043d\u0438\u043a\u0430\u043b\u0435\u043d \u0434\u043b\u044f Safari \u0438 \u0433\u043b\u0430\u0432\u043d\u0430\u044f \u043f\u0440\u0438\u0447\u0438\u043d\u0430 \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043d\u0435\u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u043c \u0430\u0443\u0434\u0438\u0442\u043e\u043c \u043a\u043e\u0434\u0430, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0438 \u043f\u0440\u0438\u0432\u0435\u043b \u043a \u0432\u043e\u0437\u0440\u043e\u0436\u0434\u0435\u043d\u0438\u044e \u00ab\u0437\u043e\u043c\u0431\u0438 0-day\u00bb.\n\n\u041d\u0430\u0432\u0435\u0440\u043d\u043e, \u0434\u043e\u043b\u0433\u043e \u043f\u0440\u0438\u0434\u0443\u043c\u044b\u0432\u0430\u043b\u0438 \u043e\u0431\u044a\u044f\u0441\u043d\u0435\u043d\u0438\u044f, \u0432\u043e\u0442 \u0438\u0445 \u043a\u043e\u043b\u043b\u0435\u0433\u0438 \u0438\u0437 Microsoft, \u043a \u043f\u0440\u0438\u043c\u0435\u0440\u0443 - \u0432\u043e\u043e\u0431\u0449\u0435 \u043d\u0435 \u0437\u0430\u043c\u043e\u0440\u0430\u0447\u0438\u0432\u0430\u044e\u0442\u0441\u044f \u043f\u043e \u044d\u0442\u043e\u043c\u0443 \u043f\u043e\u0432\u043e\u0434\u0443.", "creation_timestamp": "2022-06-21T13:49:16.000000Z"}, {"uuid": "8aee1d2b-e5a1-4e93-8da3-cb51ac16dc4a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22620", "type": "seen", "source": "https://t.me/true_secator/3129", "content": "\u041d\u0430\u0441\u0442\u0443\u043f\u0430\u0442\u044c \u043d\u0430 \u0442\u0435 \u0436\u0435 \u0433\u0440\u0430\u0431\u043b\u0438 \u0432 \u043c\u0438\u0440\u0435 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 - \u043d\u043e\u0440\u043c\u0430\u043b\u044c\u043d\u0430\u044f \u043f\u0440\u0430\u043a\u0442\u0438\u043a\u0430, \u0430 \u201c\u043b\u0430\u0442\u0430\u0442\u044c \u0434\u044b\u0440\u044b\u201d \u043f\u043e\u0440\u043e\u0439, \u0441\u0442\u043e\u0438\u0442 \u0431\u043e\u043b\u0435\u0435 \u043e\u0441\u043d\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u043d\u043e. \n\n\u0421\u043e\u0431\u0441\u0442\u0432\u0435\u043d\u043d\u043e \u043e \u0447\u0435\u043c \u0440\u0435\u0447\u044c, \u0430 \u0432\u043e\u0442 \u043e \u0447\u0435\u043c: \u043f\u043e \u0440\u0435\u0437\u0443\u043b\u044c\u0442\u0430\u0442\u0430\u043c \u0430\u043d\u0430\u043b\u0438\u0437\u0430 Google Project Zero \u0437\u0430 \u043f\u0435\u0440\u0432\u0443\u044e \u043f\u043e\u043b\u043e\u0432\u0438\u043d\u0443 2022 \u0433\u043e\u0434\u0430 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043e \u0432 \u043e\u0431\u0449\u0435\u0439 \u0441\u043b\u043e\u0436\u043d\u043e\u0441\u0442\u0438 18 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u043d\u0443\u043b\u0435\u0432\u043e\u0433\u043e \u0434\u043d\u044f, \u043f\u043e\u043b\u043e\u0432\u0438\u043d\u0430 \u0438\u0437 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u0435\u0442 \u0438\u0437-\u0437\u0430 \u0442\u043e\u0433\u043e, \u0447\u0442\u043e \u043f\u0440\u0435\u0434\u044b\u0434\u0443\u0449\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 \u043d\u0435 \u0431\u044b\u043b\u0438 \u0434\u043e\u043b\u0436\u043d\u044b\u043c \u043e\u0431\u0440\u0430\u0437\u043e\u043c \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u044b.\n\n\u041f\u043e \u0441\u043b\u043e\u0432\u0430\u043c \u044d\u043a\u0441\u043f\u0435\u0440\u0442\u0430 \u041c\u044d\u0434\u0434\u0438 \u0421\u0442\u043e\u0443\u043d\u0430 9 \u0438\u0437 \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0445 0-day, \u043d\u0430\u0431\u043b\u044e\u0434\u0430\u0432\u0448\u0438\u0445\u0441\u044f \u0434\u043e \u0441\u0438\u0445 \u043f\u043e\u0440 \u0432 \u044d\u0442\u043e\u043c \u0433\u043e\u0434\u0443, \u043c\u043e\u0436\u043d\u043e \u0431\u044b\u043b\u043e \u0431\u044b \u043f\u0440\u0435\u0434\u043e\u0442\u0432\u0440\u0430\u0442\u0438\u0442\u044c, \u0435\u0441\u043b\u0438 \u0431\u044b \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0438 \u043f\u0440\u0438\u043c\u0435\u043d\u044f\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u043a\u043e\u043c\u043f\u043b\u0435\u043a\u0441\u043d\u044b\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f, \u0430 4 \u043e\u0448\u0438\u0431\u043a\u0438 2022 \u0433\u043e\u0434\u0430 \u044f\u0432\u043b\u044f\u044e\u0442\u0441\u044f \u0432\u0430\u0440\u0438\u0430\u043d\u0442\u0430\u043c\u0438 \u043d\u0443\u043b\u0435\u0432\u044b\u0445 \u0434\u043d\u0435\u0439 2021 \u0433\u043e\u0434\u0430 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u044b\u0445 \u0432 \u0434\u0438\u043a\u043e\u0439 \u043f\u0440\u0438\u0440\u043e\u0434\u0435.\n\n\u0421\u0430\u043c\u0430\u044f \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u044f\u044f \u0438\u0437 \u044d\u0442\u0438\u0445 \u043f\u0440\u043e\u0431\u043b\u0435\u043c \u2014 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c Follina \u0432 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u0435 Windows, \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u043c\u0430\u044f \u043a\u0430\u043a CVE-2022-30190, \u043f\u043e \u0441\u0443\u0442\u0438 \u0432\u0430\u0440\u0438\u0430\u043d\u0442 \u043d\u0443\u043b\u0435\u0432\u043e\u0433\u043e \u0434\u043d\u044f MSHTML, \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u043c\u044b\u0439 \u043a\u0430\u043a CVE-2021-40444.\n\nCVE-2022-21882 \u2014 \u044d\u0442\u043e \u0435\u0449\u0435 \u043e\u0434\u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c Windows, \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u044e\u0449\u0430\u044f \u0441\u043e\u0431\u043e\u0439 \u0440\u0430\u0437\u043d\u043e\u0432\u0438\u0434\u043d\u043e\u0441\u0442\u044c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0431\u044b\u043b\u0430 \u043d\u0435\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430 \u0432 \u043f\u0440\u043e\u0448\u043b\u043e\u043c \u0433\u043e\u0434\u0443, \u0430 \u0438\u043c\u0435\u043d\u043d\u043e CVE-2021-1732 .\n\n\u041e\u0448\u0438\u0431\u043a\u0430 iOS IOMobileFrameBuffer (CVE-2022-22587) \u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u043f\u0443\u0442\u0430\u043d\u0438\u0446\u0435\u0439 \u0442\u0438\u043f\u043e\u0432 \u0432 \u0434\u0432\u0438\u0436\u043a\u0435 Chrome V8 (CVE-2022-1096) \u2014 \u044d\u0442\u043e \u0434\u0432\u0435 \u0434\u0440\u0443\u0433\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u044f\u0432\u043b\u044f\u044e\u0442\u0441\u044f \u0432\u0430\u0440\u0438\u0430\u043d\u0442\u0430\u043c\u0438 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u044b\u0445 \u0432 \u043f\u0440\u043e\u0448\u043b\u043e\u043c \u0433\u043e\u0434\u0443 \u2014 CVE-2021-30983 \u0438 CVE-2021-30551 \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0435\u043d\u043d\u043e.\n\n\u0414\u0440\u0443\u0433\u0438\u043c\u0438 0-day 2022 \u0433\u043e\u0434\u0430, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u044f\u0432\u043b\u044f\u044e\u0442\u0441\u044f \u0432\u0430\u0440\u0438\u0430\u043d\u0442\u0430\u043c\u0438 \u043d\u0435\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u043d\u044b\u0445 \u0434\u0435\u0444\u0435\u043a\u0442\u043e\u0432 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u044f\u0432\u043b\u044f\u044e\u0442\u0441\u044f CVE-2022-1364 (Chrome), CVE-2022-22620 (WebKit), CVE-2021-39793 (Google Pixel), CVE-2022-26134 (Atlassian Confluence) \u0438 CVE-2022-26925 (\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c Windows \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u0430\u044f \u043a\u0430\u043a PetitPotam).\n\n\u0412 \u043e\u0431\u0449\u0435\u043c \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0438 \u0442\u0430\u043a, \u0447\u0442\u043e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0441\u043c\u043e\u0433\u043b\u0438 \u0432\u0435\u0440\u043d\u0443\u0442\u044c\u0441\u044f \u0438 \u0430\u043a\u0442\u0438\u0432\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u043f\u0435\u0440\u0432\u043e\u043d\u0430\u0447\u0430\u043b\u044c\u043d\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0434\u0440\u0443\u0433\u0438\u043c \u043f\u0443\u0442\u0435\u043c \u043b\u0438\u0431\u043e \u0441\u043d\u043e\u0432\u0430 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0442\u0435 \u0436\u0435 \u043e\u0448\u0438\u0431\u043a\u0438.\n\n\u042d\u0442\u043e \u0432\u0441\u0435\u0433\u0434\u0430 \u0433\u0440\u043e\u043c\u043a\u043e \u0438 \u0431\u043e\u043b\u044c\u043d\u043e, \u043d\u043e \u043e\u0442\u0447\u0430\u0441\u0442\u0438 \u0445\u043e\u0440\u043e\u0448\u043e \u043a\u043e\u0433\u0434\u0430 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u044b 0-day \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u0432\u0430\u044e\u0442\u0441\u044f \u0432 \u0434\u0438\u043a\u043e\u0439 \u043f\u0440\u0438\u0440\u043e\u0434\u0435, \u0442\u0430\u043a \u043a\u0430\u043a \u044d\u0442\u043e \u043d\u0435\u0443\u0434\u0430\u0447\u0430 \u0434\u043b\u044f \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u043e\u0432, \u0430 \u0434\u043b\u044f \u0438\u043d\u0444\u043e\u0441\u0435\u043a \u0441\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u0430 \u044d\u0442\u043e \u043f\u043e\u0434\u0430\u0440\u043e\u043a, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0443\u0437\u043d\u0430\u0442\u044c \u043a\u0430\u043a \u043c\u043e\u0436\u043d\u043e \u0431\u043e\u043b\u044c\u0448\u0435 \u0438 \u043f\u0440\u0438\u043d\u044f\u0442\u044c \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0443\u044e\u0449\u0438\u0435 \u043c\u0435\u0440\u044b, \u0447\u0442\u043e\u0431\u044b \u0433\u0430\u0440\u0430\u043d\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c, \u0447\u0442\u043e \u044d\u0442\u043e\u0442 \u0432\u0435\u043a\u0442\u043e\u0440 \u043d\u0435\u043b\u044c\u0437\u044f \u0431\u0443\u0434\u0435\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0432 \u0431\u0443\u0434\u0443\u0449\u0435\u043c.\n\n\u0427\u0442\u043e\u0431\u044b \u0434\u043e\u043b\u0436\u043d\u044b\u043c \u043e\u0431\u0440\u0430\u0437\u043e\u043c \u0443\u0441\u0442\u0440\u0430\u043d\u044f\u0442\u044c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043d\u0443\u043b\u0435\u0432\u043e\u0433\u043e \u0434\u043d\u044f, \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 Google \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u044e\u0442 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u0430\u043c \u043f\u043e \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0430\u043c \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c \u0438 \u0434\u0440\u0443\u0433\u0438\u043c \u043d\u0435\u0437\u0430\u0432\u0438\u0441\u0438\u043c\u044b\u043c \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u0432 \u043e\u0431\u043b\u0430\u0441\u0442\u0438 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0438\u043d\u0432\u0435\u0441\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0432 \u0430\u043d\u0430\u043b\u0438\u0437 \u043e\u0441\u043d\u043e\u0432\u043d\u044b\u0445 \u043f\u0440\u0438\u0447\u0438\u043d \u0438 \u0432\u0430\u0440\u0438\u0430\u043d\u0442\u043e\u0432 \u0432\u043e\u0437\u043d\u0438\u043a\u043d\u043e\u0432\u0435\u043d\u0438\u044f \u043e\u0448\u0438\u0431\u043e\u043a, \u0430\u043d\u0430\u043b\u0438\u0437 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0439 \u0438 \u0430\u043d\u0430\u043b\u0438\u0437 \u043c\u0435\u0442\u043e\u0434\u043e\u0432 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f.", "creation_timestamp": "2022-07-04T20:00:05.000000Z"}, {"uuid": "4c2def11-29ce-44fb-956e-2a08a4d208a6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22620", "type": "exploited", "source": "https://t.me/true_secator/2619", "content": "\u0412\u0447\u0435\u0440\u0430 \u0431\u043b\u0438\u0436\u0435 \u043a \u043d\u043e\u0447\u0438 Apple \u0432\u044b\u043a\u0430\u0442\u0438\u043b\u0438 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 iOS 15.3.1.\n\n\u0412\u044b\u043f\u0443\u0441\u043a \u043e\u0447\u0435\u0440\u0435\u0434\u043d\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438 \u0441\u043f\u0443\u0441\u0442\u044f \u0432\u0441\u0435\u0433\u043e \u0434\u0432\u0435 \u043d\u0435\u0434\u0435\u043b\u0438 \u043f\u043e\u0441\u043b\u0435 15.3 \u043a\u0430\u043a \u0431\u044b \u0441\u0432\u0438\u0434\u0435\u0442\u0435\u043b\u044c\u0441\u0442\u0432\u0443\u0435\u0442, \u0447\u0442\u043e \u0447\u0442\u043e-\u0442\u043e \u0441\u043b\u0443\u0447\u0438\u043b\u043e\u0441\u044c. \u0418 \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u043e - \u0432 \u0430\u043f\u0434\u0435\u0439\u0442\u0435 \u0437\u0430\u043a\u0440\u044b\u043b\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2022-22620, \u043e\u0447\u0435\u0440\u0435\u0434\u043d\u0443\u044e 0-day \u0434\u044b\u0440\u043a\u0443 \u0432 \u043c\u043d\u043e\u0433\u043e\u0441\u0442\u0440\u0430\u0434\u0430\u043b\u044c\u043d\u043e\u043c \u0434\u0432\u0438\u0436\u043a\u0435 WebKit, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0443\u044e \u0445\u0430\u043a\u0435\u0440\u0443 \u0434\u043e\u0431\u0438\u0442\u044c\u0441\u044f RCE aka \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0435 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043a\u043e\u0434\u0430.\n\n\u041f\u0440\u0438\u0447\u0435\u043c, \u043a\u0430\u043a \u0437\u0430\u044f\u0432\u0438\u043b\u0438 Apple, \u044d\u0442\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \"\u043c\u043e\u0436\u0435\u0442 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u0432 \u0434\u0438\u043a\u043e\u0439 \u043f\u0440\u0438\u0440\u043e\u0434\u0435\", \u0441\u0438\u0440\u0435\u0447\u044c \u0442\u0430\u043a \u043e\u043d\u043e \u0438 \u0435\u0441\u0442\u044c \u043d\u0430 \u0441\u0430\u043c\u043e\u043c \u0434\u0435\u043b\u0435. \u041f\u043e\u044d\u0442\u043e\u043c\u0443 \u0432\u0441\u0435\u043c \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u043c \u0441\u0440\u043e\u0447\u043d\u043e \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u0441\u0432\u043e\u0438 iPhone, iPad \u0438 \u043c\u0430\u043a\u0431\u0443\u043a\u0438,  \u043f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u0434\u043b\u044f macOS \u0442\u043e\u0436\u0435 \u0432\u044b\u0448\u043b\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435.\n\n\u0418 \u0432 \u043e\u0447\u0435\u0440\u0435\u0434\u043d\u043e\u0439 \u0440\u0430\u0437 \u043e\u0441\u0442\u0430\u0435\u0442\u0441\u044f \u043f\u043e\u0441\u0435\u0442\u043e\u0432\u0430\u0442\u044c \u043d\u0430 \u0441\u0442\u0440\u0430\u043d\u043d\u0443\u044e \u043f\u043e\u043b\u0438\u0442\u0438\u043a\u0443 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 Apple, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043d\u0435 \u0434\u043e\u043f\u0443\u0441\u043a\u0430\u0435\u0442 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u043d\u0438\u0437\u043a\u043e\u0443\u0440\u043e\u0432\u043d\u0435\u0432\u043e\u0439 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u043a\u0438 \u0434\u043b\u044f \u0441\u0442\u043e\u0440\u043e\u043d\u043d\u0438\u0445 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0439, \u0432 \u0441\u0432\u044f\u0437\u0438 \u0441 \u0447\u0435\u043c \u0434\u043b\u044f iOS \u043d\u0435\u0432\u043e\u0437\u043c\u043e\u0436\u043d\u044b \u0430\u043d\u0442\u0438\u0432\u0438\u0440\u0443\u0441\u043d\u044b\u0435 \u0440\u0435\u0448\u0435\u043d\u0438\u044f. \u0412\u0435\u0434\u044c \u0443\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0438\u0435 \"iOS - \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u0430\u044f \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430 \u0438 \u043f\u043e\u0434 \u043d\u0435\u0435 \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0443\u044e\u0442 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u044b\" \u0434\u0430\u0432\u043d\u043e \u043d\u0435 \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0443\u0435\u0442 \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0441\u0442\u0438.\n\n\u0410 \u0432 \u0441\u0438\u043b\u0443 \u0438\u0437\u043b\u043e\u0436\u0435\u043d\u043d\u043e\u0433\u043e \u043e\u0441\u0442\u0430\u0435\u0442\u0441\u044f \u043b\u0438\u0448\u044c \u043e\u0434\u043d\u0430 \u043e\u0431\u044a\u0435\u043a\u0442\u0438\u0432\u043d\u0430\u044f \u043f\u0440\u0438\u0447\u0438\u043d\u0430 \u0434\u043b\u044f \u043a\u0443\u043f\u0435\u0440\u0442\u0438\u043d\u043e\u0432\u0446\u0435\u0432 \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u0442\u044c \u0433\u043d\u0443\u0442\u044c \u0441\u0432\u043e\u044e \u043b\u0438\u043d\u0438\u044e \u0441 \u0437\u0430\u043f\u0440\u0435\u0442\u043e\u043c \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u0432 \u044f\u0434\u0440\u043e iOS - \u0442\u0430\u043c \u0441\u0438\u0434\u0438\u0442 \u043d\u0435\u0447\u0442\u043e, \u0447\u0435\u0433\u043e \u043d\u0435 \u0434\u043e\u043b\u0436\u0435\u043d \u0443\u0432\u0438\u0434\u0435\u0442\u044c \u043d\u0438\u043a\u0442\u043e \u043a\u0440\u043e\u043c\u0435 Apple. \u0418 \u0434\u0440\u0443\u0433\u0438\u0445 \u0443\u043f\u043e\u043b\u043d\u043e\u043c\u043e\u0447\u0435\u043d\u043d\u044b\u0445 \u0430\u043c\u0435\u0440\u0438\u043a\u0430\u043d\u0441\u043a\u0438\u043c \u043f\u0440\u0430\u0432\u0438\u0442\u0435\u043b\u044c\u0441\u0442\u0432\u043e\u043c \u043b\u0438\u0446.\n\nSad but true.", "creation_timestamp": "2022-02-11T11:17:03.000000Z"}, {"uuid": "ff37257c-6196-4d0b-a226-23ccddf89a0e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22620", "type": "exploited", "source": "https://t.me/cibsecurity/39252", "content": "\u203c CVE-2022-22620 \u203c\n\nA use after free issue was addressed with improved memory management. This issue is fixed in macOS Monterey 12.2.1, iOS 15.3.1 and iPadOS 15.3.1, Safari 15.3 (v. 16612.4.9.1.8 and 15612.4.9.1.8). Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited..\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-18T21:29:04.000000Z"}, {"uuid": "3a9041a2-dc87-4eb2-9553-fc1e5c8d8e22", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22620", "type": "seen", "source": "https://t.me/information_security_channel/46603", "content": "Apple Says WebKit Zero-Day Hitting iOS, macOS Devices\nhttps://www.securityweek.com/apple-says-webkit-zero-day-hitting-ios-macos-devices\n\nApple\u2019s struggles with zero-day attacks on its iOS and macOS platforms are showing no signs of slowing down.\nFor the second time in as many months, Cupertino released iOS, iPadOS and macOS updates to address a critical WebKit security defect (CVE-2022-22620) that exposes Apple devices to remote code execution attacks.\nread more (https://www.securityweek.com/apple-says-webkit-zero-day-hitting-ios-macos-devices)", "creation_timestamp": "2022-02-10T22:58:55.000000Z"}, {"uuid": "f910e606-ecfc-4341-b448-9ab9007c5bff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22620", "type": "seen", "source": "https://t.me/SecLabNews/11566", "content": "\ud83c\udf4fApple \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0430 0Day-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 iPhone, iPad \u0438 Mac\n\n\u0421\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u044b \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 Apple \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0438 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u044f\u044e\u0449\u0435\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043d\u0443\u043b\u0435\u0432\u043e\u0433\u043e \u0434\u043d\u044f \u0432 \u0434\u0432\u0438\u0436\u043a\u0435 WebKit.\n\n\u0415\u0435 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u043b\u0430 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0432\u0437\u043b\u0430\u043c\u044b\u0432\u0430\u0442\u044c iPhone, iPad \u0438 \u043a\u043e\u043c\u043f\u044c\u044e\u0442\u0435\u0440\u044b Mac.\n\n\u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u043b\u0430 \u0441\u043e\u0431\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f \u043f\u043e\u0441\u043b\u0435 \u043e\u0441\u0432\u043e\u0431\u043e\u0436\u0434\u0435\u043d\u0438\u044f ( CVE-2022-22620 ), \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043c\u043e\u0433\u043b\u0430 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u0441\u0431\u043e\u044f\u043c \u0432 \u0440\u0430\u0431\u043e\u0442\u0435 \u041e\u0421 \u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044e \u043a\u043e\u0434\u0430 \u043d\u0430 \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445. \n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0432\u0435\u0440\u0441\u0438\u0438 Phone 6s \u0438 \u043d\u043e\u0432\u0435\u0435, iPad Pro (\u0432\u0441\u0435 \u043c\u043e\u0434\u0435\u043b\u0438), iPad Air 2 \u0438 \u043d\u043e\u0432\u0435\u0435, iPad 5-\u0433\u043e \u043f\u043e\u043a\u043e\u043b\u0435\u043d\u0438\u044f \u0438 \u043d\u043e\u0432\u0435\u0435, iPad mini 4 \u0438 \u043d\u043e\u0432\u0435\u0435, iPod touch (7-\u0433\u043e \u043f\u043e\u043a\u043e\u043b\u0435\u043d\u0438\u044f), \u0430 \u0442\u0430\u043a\u0436\u0435 \u043a\u043e\u043c\u043f\u044c\u044e\u0442\u0435\u0440\u044b Mac \u043f\u043e\u0434 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435\u043c macOS Monterey.\n\nhttps://www.securitylab.ru/news/529779.php", "creation_timestamp": "2022-02-11T13:08:41.000000Z"}, {"uuid": "a25a4994-16c3-4610-940b-8c99b136e484", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22620", "type": "exploited", "source": "https://t.me/thehackernews/1880", "content": "Apple releases software updates to patch a new \"actively exploited\" 0-day vulnerability (CVE-2022-22620) in WebKit targeting iPhone, iPad, and Mac users.\n\nRead details: https://thehackernews.com/2022/02/apple-releases-ios-ipados-macos-updates.html", "creation_timestamp": "2022-02-11T04:33:41.000000Z"}, {"uuid": "065bc488-6318-4f39-8976-d2680dd48d3c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22620", "type": "exploited", "source": "https://t.me/thehackernews/2299", "content": "Google researchers share technical details of a vulnerability (CVE-2022-22620) in Apple Safari that was exploited in-the-wild earlier this year.\n\nIt was originally fixed in 2013 &amp; reintroduced in 2016, leaving the flaw open for 5 years.\n\nRead: https://thehackernews.com/2022/06/google-researchers-detail-5-year-old.html", "creation_timestamp": "2022-10-18T16:12:02.000000Z"}, {"uuid": "0a354be7-be5a-40cc-a0c2-3bf6cf43d478", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22620", "type": "seen", "source": "https://t.me/xakep_ru/11948", "content": "Apple \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0430 0-day \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0449\u0443\u044e iPhone, iPad \u0438 Mac\n\n\u0418\u043d\u0436\u0435\u043d\u0435\u0440\u044b \u0438\u0437 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 Apple \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0438 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f iOS, iPadOS \u0438 macOS. \u0412 \u044d\u0442\u0438\u0445 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f\u0445 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u0431\u0430\u0433 \u0432 WebKit (CVE-2022-22620), \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u043b \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434 \u043d\u0430 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445 Apple.\n\nhttps://xakep.ru/2022/02/11/one-more-apple-0day/", "creation_timestamp": "2022-02-11T20:04:00.000000Z"}, {"uuid": "f03356b3-0e25-4aaf-bb91-491432a73a4b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22620", "type": "exploited", "source": "https://t.me/CyberSecurityTechnologies/6211", "content": "#exploit\nCVE-2022-22620:\nUse-after-free in Safari\nhttps://googleprojectzero.blogspot.com/2022/06/an-autopsy-on-zombie-in-wild-0-day.html\n]-&gt; https://googleprojectzero.github.io/0days-in-the-wild//0day-RCAs/2022/CVE-2022-22620.html", "creation_timestamp": "2022-06-16T10:59:01.000000Z"}]}