Security Vulnerabilities - CVEs Published In March 2022
An issue was discovered in MISP before 2.4.156. An SVG org logo (which may contain JavaScript) is not forbidden by default.
CVSS Score
6.1
EPSS Score
0.002
Published
2022-03-18
A type confusion issue was addressed with improved state handling. This issue is fixed in macOS Big Sur 11.6.5, macOS Monterey 12.3, Security Update 2022-003 Catalina. An application may be able to execute arbitrary code with kernel privileges.
CVSS Score
7.8
EPSS Score
0.002
Published
2022-03-18
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in Logic Pro 10.7.3, GarageBand 10.4.6, macOS Monterey 12.3. Opening a maliciously crafted file may lead to unexpected application termination or arbitrary code execution.
CVSS Score
7.8
EPSS Score
0.004
Published
2022-03-18
A logic issue was addressed with improved validation. This issue is fixed in macOS Monterey 12.3. A malicious application may be able to gain root privileges.
CVSS Score
7.8
EPSS Score
0.004
Published
2022-03-18
A memory corruption issue was addressed with improved validation. This issue is fixed in tvOS 15.4, iOS 15.4 and iPadOS 15.4, watchOS 8.5. Processing a maliciously crafted image may lead to heap corruption.
CVSS Score
7.8
EPSS Score
0.003
Published
2022-03-18
A use after free issue was addressed with improved memory management. This issue is fixed in iOS 15.4 and iPadOS 15.4. An application may be able to execute arbitrary code with kernel privileges.
CVSS Score
7.8
EPSS Score
0.004
Published
2022-03-18
A use after free issue was addressed with improved memory management. This issue is fixed in macOS Monterey 12.3. An application may be able to execute arbitrary code with kernel privileges.
CVSS Score
7.8
EPSS Score
0.002
Published
2022-03-18
An access issue was addressed with improved access restrictions. This issue is fixed in tvOS 15.4, iOS 15.4 and iPadOS 15.4, watchOS 8.5. A malicious application may be able to identify what other applications a user has installed.
CVSS Score
3.3
EPSS Score
0.002
Published
2022-03-18
An authentication issue was addressed with improved state management. This issue is fixed in iOS 15.4 and iPadOS 15.4. A person with physical access to an iOS device may be able to access photos from the lock screen.
CVSS Score
4.6
EPSS Score
0.001
Published
2022-03-18
Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious font file.
CVSS Score
7.8
EPSS Score
0.071
Published
2022-03-18