CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2023-32396
https://notcve.org/view.php?id=CVE-2023-32396
26 Sep 2023 — This issue was addressed with improved checks. This issue is fixed in Xcode 15, tvOS 17, watchOS 10, iOS 17 and iPadOS 17, macOS Sonoma 14. An app may be able to gain elevated privileges. Este problema se solucionó con controles mejorados. Este problema se solucionó en Xcode 15, tvOS 17, watchOS 10, iOS 17 y iPadOS 17, macOS Sonoma 14. • http://seclists.org/fulldisclosure/2023/Oct/10 •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2023-41968
https://notcve.org/view.php?id=CVE-2023-41968
26 Sep 2023 — This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Ventura 13.6, tvOS 17, macOS Monterey 12.7, watchOS 10, iOS 17 and iPadOS 17, macOS Sonoma 14. An app may be able to read arbitrary files. Este problema se solucionó con una validación mejorada de los enlaces simbólicos. Este problema se solucionó en macOS Ventura 13.6, tvOS 17, macOS Monterey 12.7, watchOS 10, iOS 17 y iPadOS 17, macOS Sonoma 14. • http://seclists.org/fulldisclosure/2023/Oct/10 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2023-40441
https://notcve.org/view.php?id=CVE-2023-40441
26 Sep 2023 — A resource exhaustion issue was addressed with improved input validation. This issue is fixed in iOS 17 and iPadOS 17, macOS Sonoma 14. Processing web content may lead to a denial-of-service. Se abordó un problema de agotamiento de recursos con una validación de entrada mejorada. Este problema se solucionó en iOS 17 y iPadOS 17, macOS Sonoma 14. • http://seclists.org/fulldisclosure/2023/Oct/3 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 10.0EPSS: 1%CPEs: 5EXPL: 0CVE-2023-40400
https://notcve.org/view.php?id=CVE-2023-40400
26 Sep 2023 — This issue was addressed with improved checks. This issue is fixed in tvOS 17, iOS 17 and iPadOS 17, watchOS 10, macOS Sonoma 14. A remote user may cause an unexpected app termination or arbitrary code execution. Este problema se solucionó con controles mejorados. Este problema se solucionó en tvOS 17, iOS 17 y iPadOS 17, watchOS 10, macOS Sonoma 14. • http://seclists.org/fulldisclosure/2023/Oct/10 •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2023-38596
https://notcve.org/view.php?id=CVE-2023-38596
26 Sep 2023 — The issue was addressed with improved handling of protocols. This issue is fixed in tvOS 17, iOS 17 and iPadOS 17, watchOS 10, macOS Sonoma 14. An app may fail to enforce App Transport Security. El problema se abordó mejorando el manejo de los protocolos. Este problema se solucionó en tvOS 17, iOS 17 y iPadOS 17, watchOS 10, macOS Sonoma 14. • http://seclists.org/fulldisclosure/2023/Oct/10 •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2023-40420
https://notcve.org/view.php?id=CVE-2023-40420
26 Sep 2023 — The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.6, tvOS 17, iOS 16.7 and iPadOS 16.7, macOS Monterey 12.7, watchOS 10, iOS 17 and iPadOS 17, macOS Sonoma 14. Processing web content may lead to a denial-of-service. El problema se solucionó mejorando el manejo de la memoria. Este problema se solucionó en macOS Ventura 13.6, tvOS 17, iOS 16.7 y iPadOS 16.7, macOS Monterey 12.7, watchOS 10, iOS 17 y iPadOS 17, macOS Sonoma 14. • http://seclists.org/fulldisclosure/2023/Oct/10 •
CVSS: 10.0EPSS: 0%CPEs: 7EXPL: 0CVE-2023-35074 – webkitgtk: processing web content may lead to arbitrary code execution
https://notcve.org/view.php?id=CVE-2023-35074
26 Sep 2023 — The issue was addressed with improved memory handling. This issue is fixed in tvOS 17, Safari 17, watchOS 10, iOS 17 and iPadOS 17, macOS Sonoma 14. Processing web content may lead to arbitrary code execution. El problema se solucionó mejorando el manejo de la memoria. Este problema se solucionó en tvOS 17, Safari 17, watchOS 10, iOS 17 y iPadOS 17, macOS Sonoma 14. • http://seclists.org/fulldisclosure/2023/Oct/10 •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2023-41071
https://notcve.org/view.php?id=CVE-2023-41071
26 Sep 2023 — A use-after-free issue was addressed with improved memory management. This issue is fixed in tvOS 17, iOS 17 and iPadOS 17, watchOS 10, macOS Ventura 13.6. An app may be able to execute arbitrary code with kernel privileges. Se solucionó un problema de use-after-free con una gestión de memoria mejorada. Este problema se solucionó en tvOS 17, iOS 17 y iPadOS 17, watchOS 10, macOS Ventura 13.6. • http://seclists.org/fulldisclosure/2023/Oct/10 • CWE-416: Use After Free •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2023-41070
https://notcve.org/view.php?id=CVE-2023-41070
26 Sep 2023 — A logic issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.6, iOS 16.7 and iPadOS 16.7, watchOS 10, iOS 17 and iPadOS 17, macOS Sonoma 14. An app may be able to access sensitive data logged when a user shares a link. Se solucionó un problema de lógica con controles mejorados. Este problema se solucionó en macOS Ventura 13.6, iOS 16.7 y iPadOS 16.7, watchOS 10, iOS 17 y iPadOS 17, macOS Sonoma 14. • http://seclists.org/fulldisclosure/2023/Oct/3 •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2023-41174
https://notcve.org/view.php?id=CVE-2023-41174
26 Sep 2023 — The issue was addressed with improved memory handling. This issue is fixed in tvOS 17, iOS 17 and iPadOS 17, watchOS 10. An app may be able to execute arbitrary code with kernel privileges. El problema se solucionó mejorando el manejo de la memoria. Este problema se solucionó en tvOS 17, iOS 17 y iPadOS 17, watchOS 10. • http://seclists.org/fulldisclosure/2023/Oct/10 •