{"vulnerability": "CVE-2022-32947", "sightings": [{"uuid": "503f1acc-08be-4302-8a9c-3034d80adec7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-32947", "type": "seen", "source": "https://t.me/cibsecurity/52428", "content": "\u203c CVE-2022-32947 \u203c\n\nThe issue was addressed with improved memory handling. This issue is fixed in iOS 16.1 and iPadOS 16, macOS Ventura 13, watchOS 9.1. An app may be able to execute arbitrary code with kernel privileges.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-01T23:23:49.000000Z"}, {"uuid": "ce3e916a-589c-42d0-9f1b-2285f6986b60", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-32947", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/15171", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-32947\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: The issue was addressed with improved memory handling. This issue is fixed in iOS 16.1 and iPadOS 16, macOS Ventura 13, watchOS 9.1. An app may be able to execute arbitrary code with kernel privileges.\n\ud83d\udccf Published: 2022-11-01T00:00:00.000Z\n\ud83d\udccf Modified: 2025-05-06T18:01:34.762Z\n\ud83d\udd17 References:\n1. https://support.apple.com/en-us/HT213488\n2. https://support.apple.com/en-us/HT213489\n3. https://support.apple.com/en-us/HT213491", "creation_timestamp": "2025-05-06T18:21:26.000000Z"}, {"uuid": "665a684d-7be5-43eb-98f1-47daaedc8582", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-32947", "type": "published-proof-of-concept", "source": "https://t.me/TopCyberTechNews/367", "content": "Top Security News for 18/09/2023\n\nAccount Takeover in Canvas Apps served in Comet due to failure in Cross-Window-Message Origin validation\nhttps://www.reddit.com/r/netsec/comments/16l167p/account_takeover_in_canvas_apps_served_in_comet/ \n\nCVE-2022-32947: macOS GPU-launched kernel privilege escalation exploit (walkthrough slides + demo)\nhttps://www.reddit.com/r/netsec/comments/16kwvfl/cve202232947_macos_gpulaunched_kernel_privilege/ \n\nTickling ksmbd: fuzzing SMB in the Linux kernel\nhttps://www.reddit.com/r/netsec/comments/16kvckv/tickling_ksmbd_fuzzing_smb_in_the_linux_kernel/ \n\nISC Stormcast For Monday, September 18th, 2023 https://isc.sans.edu/podcastdetail/8662, (Mon, Sep 18th)\nhttps://malware.news/t/isc-stormcast-for-monday-september-18th-2023-https-isc-sans-edu-podcastdetail-8662-mon-sep-18th/73542#post_1 \n\nFinancially Motivated UNC3944 Threat Actor Shifts Focus to Ransomware Attacks\nhttps://thehackernews.com/2023/09/financially-motivated-unc3944-threat.html \n\nNorth Korea's Lazarus Group Suspected in $31 Million CoinEx Heist\nhttps://thehackernews.com/2023/09/north-koreas-lazarus-group-suspected-in.html \n\nAccount Takeover in Canvas Apps served in Comet due to failure in Cross-Window-Message Origin validation\nhttps://www.reddit.com/r/netsec/comments/16l167p/account_takeover_in_canvas_apps_served_in_comet/ \n\nClop gang stolen data from major North Carolina hospitals\nhttps://securityaffairs.com/150949/cyber-crime/north-carolina-hospitals-data-breach.html \n\nA Practical Approach to SBOM in CI/CD. Presenting concept of SBOM, its advantages, popular formats and practical implementations for both Java and Python projects.\nhttps://www.reddit.com/r/netsec/comments/16l5vtu/a_practical_approach_to_sbom_in_cicd_presenting/ \n\nCVE-2023-34040 Spring Kafka Deserialization Remote Code Execution\nhttps://www.reddit.com/r/netsec/comments/16kvb77/cve202334040_spring_kafka_deserialization_remote/ \n\n    \nFollow Top Cyber News at https://t.me/TopCyberTechNews\nFeel free to DM me at https://twitter.com/ShayaFeedman", "creation_timestamp": "2023-09-18T07:00:08.000000Z"}]}