NVD disclosure day

Published threat advisories for November 1, 2022

CVE advisoryKnown Exploit

CVE-2022-3723

Google Chrome V8 Engine Type Confusion Vulnerability

Halo Surface Signal: 4 out of 5 — likely to be public-facing.

A type confusion flaw in Google Chrome's V8 engine could allow attackers to corrupt memory via a crafted HTML page, potentially impacting system operations and data confidentiality, integrity, and availability. This vulnerability carries a high severity rating and can be exploited remotely.

NVD published: • CISA KEV
CVE advisoryKnown Exploit

CVE-2022-42827

Apple iOS and iPadOS Kernel Code Execution Vulnerability

Halo Surface Signal: 1 out of 5 — much less likely to be public-facing.

An out-of-bounds write in Apple's iOS and iPadOS could allow an application to execute arbitrary code with kernel privileges. Apple is aware of reports that this may have been exploited, presenting a risk to affected systems and data. Mitigation is available through software updates.

NVD published: • CISA KEV