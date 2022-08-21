CVE番号 脆弱性内容

CVE-2022-22536 SAP NetWeaver Application Server ABAP, SAP NetWeaver Application Server Java, ABAP Platform, SAP Content Server and SAP Web Dispatcher allow HTTP request smuggling. An unauthenticated attacker can prepend a victim's request with arbitrary data, allowing for function execution impersonating the victim or poisoning intermediary Web caches.

CVE-2022-32894 Apple iOS and macOS contain an out-of-bounds write vulnerability that could allow an application to execute code with kernel privileges.

CVE-2022-32893 Apple iOS and macOS contain an out-of-bounds write vulnerability that could allow for remote code execution when processing malicious crafted web content.

CVE-2022-2856 Google Chrome Intents allows for insufficient validation of untrusted input, causing unknown impacts. CISA will update this description if more information becomes available.

CVE-2022-26923 An authenticated user could manipulate attributes on computer accounts they own or manage, and acquire a certificate from Active Directory Certificate Services that would allow for privilege escalation to SYSTEM.

CVE-2022-21971 Microsoft Windows Runtime contains an unspecified vulnerability which allows for remote code execution.