CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2023-42844 – Apple Security Advisory 10-25-2023-6
https://notcve.org/view.php?id=CVE-2023-42844
25 Oct 2023 — This issue was addressed with improved handling of symlinks. This issue is fixed in macOS Sonoma 14.1, macOS Monterey 12.7.1, macOS Ventura 13.6.1. A website may be able to access sensitive user data when resolving symlinks. Este problema se solucionó mejorando el manejo de los enlaces simbólicos. Este problema se solucionó en macOS Sonoma 14.1, macOS Monterey 12.7.1, macOS Ventura 13.6.1. • http://seclists.org/fulldisclosure/2023/Oct/21 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2023-40423 – Apple Security Advisory 10-25-2023-1
https://notcve.org/view.php?id=CVE-2023-40423
25 Oct 2023 — The issue was addressed with improved memory handling. This issue is fixed in iOS 17.1 and iPadOS 17.1, macOS Monterey 12.7.1, iOS 16.7.2 and iPadOS 16.7.2, macOS Ventura 13.6.1, macOS Sonoma 14.1. An app may be able to execute arbitrary code with kernel privileges. El problema se solucionó mejorando el manejo de la memoria. Este problema se solucionó en iOS 17.1 y iPadOS 17.1, macOS Monterey 12.7.1, iOS 16.7.2 y iPadOS 16.7.2, macOS Ventura 13.6.1, macOS Sonoma 14.1. • http://seclists.org/fulldisclosure/2023/Oct/19 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.8EPSS: 0%CPEs: 8EXPL: 0CVE-2023-42849 – Apple Security Advisory 10-25-2023-1
https://notcve.org/view.php?id=CVE-2023-42849
25 Oct 2023 — The issue was addressed with improved memory handling. This issue is fixed in iOS 17.1 and iPadOS 17.1, macOS Monterey 12.7.1, watchOS 10.1, iOS 16.7.2 and iPadOS 16.7.2, macOS Ventura 13.6.1, macOS Sonoma 14.1. An attacker that has already achieved kernel code execution may be able to bypass kernel memory mitigations. El problema se solucionó mejorando el manejo de la memoria. Este problema se solucionó en iOS 17.1 y iPadOS 17.1, macOS Monterey 12.7.1, watchOS 10.1, iOS 16.7.2 y iPadOS 16.7.2, macOS Ventur... • http://seclists.org/fulldisclosure/2023/Oct/19 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0CVE-2023-40449 – Apple Security Advisory 10-25-2023-1
https://notcve.org/view.php?id=CVE-2023-40449
25 Oct 2023 — The issue was addressed with improved memory handling. This issue is fixed in iOS 17.1 and iPadOS 17.1, macOS Monterey 12.7.1, iOS 16.7.2 and iPadOS 16.7.2, macOS Ventura 13.6.1, macOS Sonoma 14.1. An app may be able to cause a denial-of-service. El problema se solucionó mejorando el manejo de la memoria. Este problema se solucionó en iOS 17.1 y iPadOS 17.1, macOS Monterey 12.7.1, iOS 16.7.2 y iPadOS 16.7.2, macOS Ventura 13.6.1, macOS Sonoma 14.1. • http://seclists.org/fulldisclosure/2023/Oct/19 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0CVE-2023-41254 – Apple Security Advisory 10-25-2023-1
https://notcve.org/view.php?id=CVE-2023-41254
25 Oct 2023 — A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in iOS 17.1 and iPadOS 17.1, watchOS 10.1, iOS 16.7.2 and iPadOS 16.7.2, macOS Ventura 13.6.1, macOS Sonoma 14.1. An app may be able to access sensitive user data. Se solucionó un problema de privacidad mejorando la redacción de datos privados para las entradas de registro. Este problema se solucionó en iOS 17.1 y iPadOS 17.1, watchOS 10.1, iOS 16.7.2 y iPadOS 16.7.2, macOS Ventura 13.6.1, macOS Sonoma 14... • http://seclists.org/fulldisclosure/2023/Oct/19 • CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2023-42854 – Apple Security Advisory 10-25-2023-6
https://notcve.org/view.php?id=CVE-2023-42854
25 Oct 2023 — This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sonoma 14.1, macOS Monterey 12.7.1, macOS Ventura 13.6.1. An app may be able to cause a denial-of-service to Endpoint Security clients. Este problema se solucionó eliminando el código vulnerable. Este problema se solucionó en macOS Sonoma 14.1, macOS Monterey 12.7.1, macOS Ventura 13.6.1. • http://seclists.org/fulldisclosure/2023/Oct/21 •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2023-40413 – Apple Security Advisory 10-25-2023-1
https://notcve.org/view.php?id=CVE-2023-40413
25 Oct 2023 — The issue was addressed with improved handling of caches. This issue is fixed in iOS 17.1 and iPadOS 17.1, macOS Monterey 12.7.1, watchOS 10.1, iOS 16.7.2 and iPadOS 16.7.2, macOS Ventura 13.6.1, macOS Sonoma 14.1. An app may be able to read sensitive location information. El problema se solucionó mejorando el manejo de los cachés. Este problema se solucionó en iOS 17.1 y iPadOS 17.1, macOS Monterey 12.7.1, watchOS 10.1, iOS 16.7.2 y iPadOS 16.7.2, macOS Ventura 13.6.1, macOS Sonoma 14.1. • http://seclists.org/fulldisclosure/2023/Oct/19 •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-41077 – Apple Security Advisory 10-25-2023-5
https://notcve.org/view.php?id=CVE-2023-41077
25 Oct 2023 — The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.6.1. An app may be able to access protected user data. El problema se solucionó con controles mejorados. Este problema se solucionó en macOS Ventura 13.6.1. • http://seclists.org/fulldisclosure/2023/Oct/26 •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2023-42856 – Apple macOS Hydra ABC File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2023-42856
25 Oct 2023 — The issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.1, macOS Monterey 12.7.1, macOS Ventura 13.6.1. Processing a file may lead to unexpected app termination or arbitrary code execution. El problema se solucionó mejorando el manejo de la memoria. Este problema se solucionó en macOS Sonoma 14.1, macOS Monterey 12.7.1, macOS Ventura 13.6.1. • http://seclists.org/fulldisclosure/2023/Oct/21 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2023-42841 – Apple Security Advisory 10-25-2023-1
https://notcve.org/view.php?id=CVE-2023-42841
25 Oct 2023 — The issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.1, iOS 17.1 and iPadOS 17.1, iOS 16.7.2 and iPadOS 16.7.2, macOS Ventura 13.6.1. An app may be able to execute arbitrary code with kernel privileges. El problema se solucionó mejorando el manejo de la memoria. Este problema se solucionó en macOS Sonoma 14.1, iOS 17.1 y iPadOS 17.1, iOS 16.7.2 y iPadOS 16.7.2, macOS Ventura 13.6.1. • http://seclists.org/fulldisclosure/2023/Oct/19 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •