{"vulnerability": "CVE-2022-3291", "sightings": [{"uuid": "d55d78ab-cc8e-43f0-a071-b3861b124e7d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-32917", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2023-06-14T21:10:04.000000Z"}, {"uuid": "f56d5060-444b-40dc-97b6-fa96014b10c5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-32917", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2971709", "content": "", "creation_timestamp": "2024-12-24T20:33:05.561767Z"}, {"uuid": "198e66e6-ffe1-452d-a15e-59ed05e037df", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2022-32917", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/eae2f83b-1dc1-4eab-9d4a-37239ae06455", "content": "", "creation_timestamp": "2026-02-02T12:27:13.453539Z"}, {"uuid": "3d36ee07-efca-4b64-b61e-40441e7a8af3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2022-32917", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=869", "content": "", "creation_timestamp": "2022-09-13T04:00:00.000000Z"}, {"uuid": "a772c236-c984-4d7c-b4b0-e2b0d0713f16", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-32917", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:10:38.000000Z"}, {"uuid": "ca5cb711-ca0b-4276-98b7-ace84ed74f81", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-32919", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/18635", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-32919\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: The issue was addressed with improved UI handling. This issue is fixed in iOS 16.2 and iPadOS 16.2, macOS Ventura 13.1. Visiting a website that frames malicious content may lead to UI spoofing.\n\ud83d\udccf Published: 2024-01-10T22:03:46.841Z\n\ud83d\udccf Modified: 2025-06-17T17:21:26.745Z\n\ud83d\udd17 References:\n1. https://support.apple.com/en-us/HT213532\n2. https://support.apple.com/en-us/HT213530", "creation_timestamp": "2025-06-17T17:42:15.000000Z"}, {"uuid": "27dd3d79-2b5c-4907-a317-5bc585eb8e3d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-32916", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/12742", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-32916\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation. This issue is fixed in iOS 16. An app may be able to disclose kernel memory.\n\ud83d\udccf Published: 2022-12-15T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-21T18:35:20.099Z\n\ud83d\udd17 References:\n1. https://support.apple.com/en-us/HT213446", "creation_timestamp": "2025-04-21T19:02:25.000000Z"}, {"uuid": "7bd57d01-c0f0-41e1-81cc-613a98555a3f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-32910", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/15203", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-32910\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: A logic issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.6.8, macOS Monterey 12.5, Security Update 2022-005 Catalina. An archive may be able to bypass Gatekeeper.\n\ud83d\udccf Published: 2022-11-01T00:00:00.000Z\n\ud83d\udccf Modified: 2025-05-06T18:59:14.786Z\n\ud83d\udd17 References:\n1. https://support.apple.com/en-us/HT213345\n2. https://support.apple.com/en-us/HT213344\n3. https://support.apple.com/en-us/HT213343", "creation_timestamp": "2025-05-06T19:21:22.000000Z"}, {"uuid": "999b054a-7f47-4a14-b446-387457cd3109", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-32917", "type": "seen", "source": "https://t.me/poxek/2626", "content": "\u041f\u0430\u043a \u0441\u0432\u0435\u0436\u0438\u0445 \u0438 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u044b\u0445 CVE \u0434\u043b\u044f Apple:\n\nCVE-2022-22587 (IOMobileFrameBuffer) \u2013 A malicious application may be able to execute arbitrary code with kernel privileges\nCVE-2022-22594 (WebKit Storage) \u2013 A website may be able to track sensitive user information (publicly known but not actively exploited)\nCVE-2022-22620 (WebKit) \u2013 Processing maliciously crafted web content may lead to arbitrary code execution\nCVE-2022-22674 (Intel Graphics Driver) \u2013 An application may be able to read kernel memory\nCVE-2022-22675 (AppleAVD) \u2013 An application may be able to execute arbitrary code with kernel privileges\nCVE-2022-32893 (WebKit) \u2013 Processing maliciously crafted web content may lead to arbitrary code execution\nCVE-2022-32894 (Kernel) \u2013 An application may be able to execute arbitrary code with kernel privileges\nCVE-2022-32917 (Kernel) \u2013 An application may be able to execute arbitrary code with kernel privileges\nCVE-2022-42827 (Kernel) \u2013 An application may be able to execute arbitrary code with kernel privileges", "creation_timestamp": "2022-12-14T14:05:53.000000Z"}, {"uuid": "b8b8e9e0-15ae-46b8-8cf5-d0eeddc68a47", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-3291", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/16174", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-3291\n\ud83d\udd25 CVSS Score: 6.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N)\n\ud83d\udd39 Description: Serialization of sensitive data in GitLab EE affecting all versions from 14.9 prior to 15.2.5, 15.3 prior to 15.3.4, and 15.4 prior to 15.4.1 can leak sensitive information via cache\n\ud83d\udccf Published: 2022-10-17T00:00:00.000Z\n\ud83d\udccf Modified: 2025-05-13T15:42:30.176Z\n\ud83d\udd17 References:\n1. https://gitlab.com/gitlab-org/gitlab/-/issues/354299\n2. https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-3291.json", "creation_timestamp": "2025-05-13T16:31:00.000000Z"}, {"uuid": "87d0b248-20f4-42ce-89a9-af3bf8e64890", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-32919", "type": "seen", "source": "https://t.me/ctinow/175771", "content": "https://ift.tt/jLs4pSI\nCVE-2022-32919 | Apple macOS Content improper restriction of rendered ui layers", "creation_timestamp": "2024-01-30T09:11:15.000000Z"}, {"uuid": "b143fcdd-cca2-4495-81e9-cabe6c4b2640", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-32917", "type": "seen", "source": "https://t.me/monkey_hacker/34", "content": "\u041f\u0430\u043a \u0441\u0432\u0435\u0436\u0438\u0445 \u0438 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u044b\u0445 CVE \u0434\u043b\u044f Apple:\n\nCVE-2022-22587 (IOMobileFrameBuffer) \u2013 A malicious application may be able to execute arbitrary code with kernel privileges\nCVE-2022-22594 (WebKit Storage) \u2013 A website may be able to track sensitive user information (publicly known but not actively exploited)\nCVE-2022-22620 (WebKit) \u2013 Processing maliciously crafted web content may lead to arbitrary code execution\nCVE-2022-22674 (Intel Graphics Driver) \u2013 An application may be able to read kernel memory\nCVE-2022-22675 (AppleAVD) \u2013 An application may be able to execute arbitrary code with kernel privileges\nCVE-2022-32893 (WebKit) \u2013 Processing maliciously crafted web content may lead to arbitrary code execution\nCVE-2022-32894 (Kernel) \u2013 An application may be able to execute arbitrary code with kernel privileges\nCVE-2022-32917 (Kernel) \u2013 An application may be able to execute arbitrary code with kernel privileges\nCVE-2022-42827 (Kernel) \u2013 An application may be able to execute arbitrary code with kernel privileges", "creation_timestamp": "2022-12-15T04:14:34.000000Z"}, {"uuid": "c11b517d-dbb0-4105-8f05-34df18a35b75", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-32917", "type": "exploited", "source": "https://t.me/true_secator/3407", "content": "\u041f\u0440\u043e\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u0442\u0441\u044f \u043e\u0442\u0440\u0438\u0446\u0430\u0442\u0435\u043b\u044c\u043d\u0430\u044f \u0434\u0438\u043d\u0430\u043c\u0438\u043a\u0430 \u0432 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432 \u0433\u0438\u0433\u0430\u043d\u0442\u0430 \u0438\u0437 \u041a\u0443\u043f\u0435\u0440\u0442\u0438\u043d\u043e.\n\n\u0412 \u044d\u0442\u043e\u043c \u0433\u043e\u0434\u0443 Apple \u0443\u0441\u0442\u0440\u0430\u043d\u0438\u043b\u0430 \u0443\u0436\u0435 \u0432\u043e\u0441\u044c\u043c\u043e\u0439 0-Day, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0432 \u0430\u0442\u0430\u043a\u0430\u0445 \u043d\u0430 iPhone \u0438 Mac.\n\n\u041e\u0448\u0438\u0431\u043a\u0430 \u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u0442\u0441\u044f \u043a\u0430\u043a CVE-2022-32917 \u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u043e\u0448\u0438\u0431\u043a\u0443, \u0441\u043e\u0437\u0434\u0430\u0432\u0430\u044f \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0435 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f RCE \u0441 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u044f\u043c\u0438 \u044f\u0434\u0440\u0430.\n\n\u041e\u0431 \u044d\u0442\u043e\u043c \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u0435 \u0441\u043e\u043e\u0431\u0449\u0438\u043b \u0430\u043d\u043e\u043d\u0438\u043c\u043d\u044b\u0439 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c \u0438 \u0441\u0430\u043c\u043e\u0435 \u0438\u043d\u0442\u0435\u0440\u0435\u0441\u043d\u043e\u0435 Apple \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u043b\u0430, \u0447\u0442\u043e \u0435\u0439 \u0431\u044b\u043b\u043e \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e \u043e\u0431 \u043e\u0448\u0438\u0431\u043a\u0435 \u0438 \u043e\u043d\u0430 \u043c\u043e\u0433\u043b\u0430 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f. \u0421\u0442\u0440\u0430\u043d\u043d\u043e\u0435 \u0437\u0430\u044f\u0432\u043b\u0435\u043d\u0438\u0435, \u043d\u043e \u0442\u0430\u043a\u043e\u0435 \u0443\u0436\u0435 \u043d\u0435 \u0432\u043f\u0435\u0440\u0432\u044b\u0435.\n\n\u0412 \u043f\u043e\u043d\u0435\u0434\u0435\u043b\u044c\u043d\u0438\u043a \u0431\u044b\u043b\u043e \u0432\u044b\u043f\u0443\u0449\u0435\u043d\u043e \u044d\u043a\u0441\u0442\u0440\u0435\u043d\u043d\u043e\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u0434\u043b\u044f \u043b\u0438\u043d\u0435\u0439\u043a\u0438 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432 Apple.\n\n\u0411\u0430\u0433\u0430 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 iPhone 6s \u0438 \u043d\u043e\u0432\u0435\u0435, iPad Pro (\u0432\u0441\u0435 \u043c\u043e\u0434\u0435\u043b\u0438), iPad Air 2 \u0438 \u043d\u043e\u0432\u0435\u0435, iPad 5-\u0433\u043e \u043f\u043e\u043a\u043e\u043b\u0435\u043d\u0438\u044f \u0438 \u043d\u043e\u0432\u0435\u0435, iPad mini 4 \u0438 \u043d\u043e\u0432\u0435\u0435, \u0430 \u0442\u0430\u043a\u0436\u0435 iPod touch (7-\u0433\u043e \u043f\u043e\u043a\u043e\u043b\u0435\u043d\u0438\u044f \u0438 Mac \u043f\u043e\u0434 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435\u043c macOS Big Sur 11.7 \u0438 macOS Monterey 12.6).\n\nApple \u0440\u0435\u0448\u0438\u043b\u0430 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0443, \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u0432 \u0432\u0435\u0440\u0441\u0438\u0438 iOS 15.7 \u0438 iPadOS 15.7, macOS Monterey 12.6 \u0438 macOS Big Sur 11.7 .\n\n\u041f\u043e \u043a\u043b\u0430\u0441\u0441\u0438\u043a\u0435 \u0436\u0430\u043d\u0440\u0430 Apple \u043d\u0435 \u0440\u0430\u0441\u043a\u0440\u044b\u0432\u0430\u0435\u0442 \u0442\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0435\u0439 \u0430\u0442\u0430\u043a, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438 \u044d\u0442\u0443 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u0434\u0438\u043a\u043e\u0439 \u043f\u0440\u0438\u0440\u043e\u0434\u0435, \u0434\u0430\u0431\u044b \u043a\u043b\u0438\u0435\u043d\u0442\u044b \u0441\u043c\u043e\u0433\u043b\u0438 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438.\n\nApple \u043d\u0430\u0441\u0442\u043e\u044f\u0442\u0435\u043b\u044c\u043d\u043e \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442 \u0432\u043b\u0430\u0434\u0435\u043b\u044c\u0446\u0430\u043c \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u0442\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 \u0437\u0430\u0433\u0440\u0443\u0437\u0438\u0442\u044c \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u043a\u0430\u043a \u043c\u043e\u0436\u043d\u043e \u0441\u043a\u043e\u0440\u0435\u0435. \n\n\u041e\u0442\u0434\u0435\u043b\u044c\u043d\u043e \u0418\u0422-\u0433\u0438\u0433\u0430\u043d\u0442 \u043d\u0430\u043f\u043e\u043c\u043d\u0438\u043b \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c, \u0447\u0442\u043e \u043f\u043e\u0441\u043b\u0435 \u0442\u043e\u0433\u043e, \u043a\u0430\u043a \u043e\u043d\u0438 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u043b\u0438 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f tvOS, watchOS, iPadOS \u0438 iOS, \u043e\u0442\u043a\u0430\u0442\u0438\u0442\u044c\u0441\u044f \u0434\u043e \u0431\u043e\u043b\u0435\u0435 \u0440\u0430\u043d\u043d\u0435\u0439 \u0432\u0435\u0440\u0441\u0438\u0438 \u0431\u0443\u0434\u0435\u0442 \u043d\u0435\u043b\u044c\u0437\u044f \u0438 \u044d\u0442\u043e \u043e\u0442\u043d\u043e\u0441\u0438\u0442\u0441\u044f \u043a\u043e \u0432\u0441\u0435\u043c \u0435\u0435 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u043c \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u043c.", "creation_timestamp": "2022-09-13T11:30:09.000000Z"}, {"uuid": "1cb99a5d-f765-46c7-a3cc-a0d29203ad78", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-32917", "type": "exploited", "source": "https://t.me/ctinow/63249", "content": "Apple fixes actively exploited zero-day in macOS, iOS (CVE-2022-32917)\n\nhttps://ift.tt/kKN8Uxb", "creation_timestamp": "2022-09-13T12:36:37.000000Z"}, {"uuid": "a8b14ae7-b3c5-4028-82bc-c4351b992d5d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-32917", "type": "exploited", "source": "https://t.me/arpsyndicate/1237", "content": "#ExploitObserverAlert\n\nCVE-2022-32917\n\nDESCRIPTION: Exploit Observer has 11 entries related to CVE-2022-32917. The issue was addressed with improved bounds checks. This issue is fixed in macOS Monterey 12.6, iOS 15.7 and iPadOS 15.7, iOS 16, macOS Big Sur 11.7. An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited..\n\nFIRST-EPSS: 0.000590000\nNVD-IS: 5.9\nNVD-ES: 1.8", "creation_timestamp": "2023-12-04T15:15:01.000000Z"}, {"uuid": "5a3d5a35-f207-4a70-b769-970ae6ee74f7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-32917", "type": "seen", "source": "https://t.me/netrunnerz/368", "content": "\u041f\u0430\u043a \u0441\u0432\u0435\u0436\u0438\u0445 \u0438 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u044b\u0445 CVE \u0434\u043b\u044f Apple:\n\nCVE-2022-22587 (IOMobileFrameBuffer) \u2013 A malicious application may be able to execute arbitrary code with kernel privileges\nCVE-2022-22594 (WebKit Storage) \u2013 A website may be able to track sensitive user information (publicly known but not actively exploited)\nCVE-2022-22620 (WebKit) \u2013 Processing maliciously crafted web content may lead to arbitrary code execution\nCVE-2022-22674 (Intel Graphics Driver) \u2013 An application may be able to read kernel memory\nCVE-2022-22675 (AppleAVD) \u2013 An application may be able to execute arbitrary code with kernel privileges\nCVE-2022-32893 (WebKit) \u2013 Processing maliciously crafted web content may lead to arbitrary code execution\nCVE-2022-32894 (Kernel) \u2013 An application may be able to execute arbitrary code with kernel privileges\nCVE-2022-32917 (Kernel) \u2013 An application may be able to execute arbitrary code with kernel privileges\nCVE-2022-42827 (Kernel) \u2013 An application may be able to execute arbitrary code with kernel privileges", "creation_timestamp": "2022-12-14T15:21:30.000000Z"}, {"uuid": "85476be6-429f-468e-a57a-83b6ca3f433c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-32919", "type": "seen", "source": "https://t.me/ctinow/175770", "content": "https://ift.tt/Gh2wTdN\nCVE-2022-32919 | Apple iOS/iPadOS Content improper restriction of rendered ui layers", "creation_timestamp": "2024-01-30T09:11:14.000000Z"}, {"uuid": "d262c1fc-adb7-48cc-ac58-9fabc10c9b2b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-3291", "type": "seen", "source": "https://t.me/cibsecurity/51603", "content": "\u203c CVE-2022-3291 \u203c\n\nSerialization of sensitive data in GitLab EE affecting all versions from 14.9 prior to 15.2.5, 15.3 prior to 15.3.4, and 15.4 prior to 15.4.1 can leak sensitive information via cache\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-17T20:13:14.000000Z"}, {"uuid": "4d0ae2ff-a445-4d2b-843f-1b063f05f3b9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-32913", "type": "seen", "source": "https://t.me/cibsecurity/52430", "content": "\u203c CVE-2022-32913 \u203c\n\nThe issue was addressed with additional restrictions on the observability of app states. This issue is fixed in macOS Big Sur 11.7, macOS Ventura 13, iOS 16, watchOS 9, macOS Monterey 12.6, tvOS 16. A sandboxed app may be able to determine which app is currently using the camera.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-01T23:23:54.000000Z"}, {"uuid": "5318b9b8-a356-43b1-b8a6-e9cdd8c27b97", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-32917", "type": "exploited", "source": "https://t.me/thehackernews/2560", "content": "Apple has released another round of security updates to fix several new vulnerabilities in iOS and macOS, including a new zero-day vulnerability (CVE-2022-32917) that has been exploited for attacks in the wild.\n\nDetails: https://thehackernews.com/2022/09/apple-releases-ios-and-macos-updates-to.html", "creation_timestamp": "2022-09-13T05:38:46.000000Z"}]}