CVSS: 3.3EPSS: 0%CPEs: 4EXPL: 0CVE-2023-35990
https://notcve.org/view.php?id=CVE-2023-35990
26 Sep 2023 — The issue was addressed with improved checks. This issue is fixed in iOS 17 and iPadOS 17, watchOS 10, iOS 16.7 and iPadOS 16.7, macOS Sonoma 14. An app may be able to identify what other apps a user has installed. El problema se solucionó con controles mejorados. Este problema se solucionó en iOS 17 y iPadOS 17, watchOS 10, iOS 16.7 y iPadOS 16.7, macOS Sonoma 14. • http://seclists.org/fulldisclosure/2023/Oct/3 • CWE-863: Incorrect Authorization •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2023-40428
https://notcve.org/view.php?id=CVE-2023-40428
26 Sep 2023 — The issue was addressed with improved handling of caches. This issue is fixed in iOS 17 and iPadOS 17. An app may be able to access sensitive user data. El problema se solucionó mejorando el manejo de las cachés. Este problema se solucionó en iOS 17 y iPadOS 17. • http://seclists.org/fulldisclosure/2023/Oct/8 •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 1CVE-2023-40429
https://notcve.org/view.php?id=CVE-2023-40429
26 Sep 2023 — A permissions issue was addressed with improved validation. This issue is fixed in tvOS 17, iOS 17 and iPadOS 17, watchOS 10, macOS Sonoma 14. An app may be able to access sensitive user data. Se solucionó un problema de permisos con una validación mejorada. Este problema se solucionó en tvOS 17, iOS 17 y iPadOS 17, watchOS 10, macOS Sonoma 14. • https://github.com/biscuitehh/cve-2023-40429-ez-device-name •
CVSS: 10.0EPSS: 0%CPEs: 4EXPL: 0CVE-2023-39434 – webkitgtk: processing web content may lead to arbitrary code execution
https://notcve.org/view.php?id=CVE-2023-39434
26 Sep 2023 — A use-after-free issue was addressed with improved memory management. This issue is fixed in iOS 17 and iPadOS 17, watchOS 10, macOS Sonoma 14. Processing web content may lead to arbitrary code execution. Se solucionó un problema de Use-After-Free con una gestión de memoria mejorada. Este problema se solucionó en iOS 17 y iPadOS 17, watchOS 10, macOS Sonoma 14. • http://seclists.org/fulldisclosure/2023/Oct/3 • CWE-416: Use After Free •
CVSS: 7.1EPSS: 0%CPEs: 6EXPL: 0CVE-2023-40452
https://notcve.org/view.php?id=CVE-2023-40452
26 Sep 2023 — The issue was addressed with improved bounds checks. This issue is fixed in macOS Ventura 13.6, tvOS 17, macOS Monterey 12.7, watchOS 10, iOS 17 and iPadOS 17, macOS Sonoma 14. An app may be able to overwrite arbitrary files. El problema se solucionó con comprobaciones de límites mejoradas. Este problema se solucionó en macOS Ventura 13.6, tvOS 17, macOS Monterey 12.7, watchOS 10, iOS 17 y iPadOS 17, macOS Sonoma 14. • http://seclists.org/fulldisclosure/2023/Oct/10 •
CVSS: 8.6EPSS: 1%CPEs: 5EXPL: 0CVE-2023-40448
https://notcve.org/view.php?id=CVE-2023-40448
26 Sep 2023 — The issue was addressed with improved handling of protocols. This issue is fixed in tvOS 17, iOS 16.7 and iPadOS 16.7, watchOS 10, iOS 17 and iPadOS 17, macOS Sonoma 14. A remote attacker may be able to break out of Web Content sandbox. El problema se abordó mejorando el manejo de los protocolos. Este problema se solucionó en tvOS 17, iOS 16.7 y iPadOS 16.7, watchOS 10, iOS 17 y iPadOS 17, macOS Sonoma 14. • http://seclists.org/fulldisclosure/2023/Oct/10 •
CVSS: 10.0EPSS: 0%CPEs: 9EXPL: 0CVE-2023-41074 – webkitgtk: processing web content may lead to arbitrary code execution
https://notcve.org/view.php?id=CVE-2023-41074
26 Sep 2023 — The issue was addressed with improved checks. This issue is fixed in tvOS 17, Safari 17, watchOS 10, iOS 17 and iPadOS 17, macOS Sonoma 14. Processing web content may lead to arbitrary code execution. El problema se solucionó con controles mejorados. Este problema se solucionó en tvOS 17, Safari 17, watchOS 10, iOS 17 y iPadOS 17, macOS Sonoma 14. • http://seclists.org/fulldisclosure/2023/Oct/10 •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2023-40409
https://notcve.org/view.php?id=CVE-2023-40409
26 Sep 2023 — The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.6, tvOS 17, macOS Monterey 12.7, watchOS 10, iOS 17 and iPadOS 17. An app may be able to execute arbitrary code with kernel privileges. El problema se solucionó mejorando el manejo de la memoria. Este problema se solucionó en macOS Ventura 13.6, tvOS 17, macOS Monterey 12.7, watchOS 10, iOS 17 y iPadOS 17. • http://seclists.org/fulldisclosure/2023/Oct/10 •
CVSS: 4.6EPSS: 0%CPEs: 5EXPL: 0CVE-2023-35984
https://notcve.org/view.php?id=CVE-2023-35984
26 Sep 2023 — The issue was addressed with improved checks. This issue is fixed in tvOS 17, iOS 17 and iPadOS 17, watchOS 10, macOS Sonoma 14. An attacker in physical proximity can cause a limited out of bounds write. El problema se solucionó con controles mejorados. Este problema se solucionó en tvOS 17, iOS 17 y iPadOS 17, watchOS 10, macOS Sonoma 14. • http://seclists.org/fulldisclosure/2023/Oct/10 • CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2023-40410
https://notcve.org/view.php?id=CVE-2023-40410
26 Sep 2023 — An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Ventura 13.6, tvOS 17, macOS Monterey 12.7, watchOS 10, iOS 17 and iPadOS 17, macOS Sonoma 14. An app may be able to disclose kernel memory. Se solucionó una lectura fuera de límites con una validación de entrada mejorada. Este problema se solucionó en macOS Ventura 13.6, tvOS 17, macOS Monterey 12.7, watchOS 10, iOS 17 y iPadOS 17, macOS Sonoma 14. • http://seclists.org/fulldisclosure/2023/Oct/10 • CWE-125: Out-of-bounds Read •