CVE-2023-41071
https://notcve.org/view.php?id=CVE-2023-41071
A use-after-free issue was addressed with improved memory management. This issue is fixed in tvOS 17, iOS 17 and iPadOS 17, watchOS 10, macOS Ventura 13.6. An app may be able to execute arbitrary code with kernel privileges. Se solucionó un problema de use-after-free con una gestión de memoria mejorada. Este problema se solucionó en tvOS 17, iOS 17 y iPadOS 17, watchOS 10, macOS Ventura 13.6. • http://seclists.org/fulldisclosure/2023/Oct/10 http://seclists.org/fulldisclosure/2023/Oct/5 http://seclists.org/fulldisclosure/2023/Oct/8 http://seclists.org/fulldisclosure/2023/Oct/9 https://support.apple.com/en-us/HT213931 https://support.apple.com/en-us/HT213936 https://support.apple.com/en-us/HT213937 https://support.apple.com/en-us/HT213938 • CWE-416: Use After Free •
CVE-2023-41174
https://notcve.org/view.php?id=CVE-2023-41174
The issue was addressed with improved memory handling. This issue is fixed in tvOS 17, iOS 17 and iPadOS 17, watchOS 10. An app may be able to execute arbitrary code with kernel privileges. El problema se solucionó mejorando el manejo de la memoria. Este problema se solucionó en tvOS 17, iOS 17 y iPadOS 17, watchOS 10. • http://seclists.org/fulldisclosure/2023/Oct/10 http://seclists.org/fulldisclosure/2023/Oct/8 http://seclists.org/fulldisclosure/2023/Oct/9 https://support.apple.com/en-us/HT213936 https://support.apple.com/en-us/HT213937 https://support.apple.com/en-us/HT213938 •
CVE-2023-40456
https://notcve.org/view.php?id=CVE-2023-40456
The issue was addressed with improved checks. This issue is fixed in tvOS 17, iOS 17 and iPadOS 17, watchOS 10. An app may be able to access edited photos saved to a temporary directory. El problema se solucionó con controles mejorados. Este problema se solucionó en tvOS 17, iOS 17 y iPadOS 17, watchOS 10. • http://seclists.org/fulldisclosure/2023/Oct/10 http://seclists.org/fulldisclosure/2023/Oct/8 http://seclists.org/fulldisclosure/2023/Oct/9 https://support.apple.com/en-us/HT213936 https://support.apple.com/en-us/HT213937 https://support.apple.com/en-us/HT213938 •
CVE-2023-41990 – Apple Multiple Products Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-41990
The issue was addressed with improved handling of caches. This issue is fixed in tvOS 16.3, iOS 16.3 and iPadOS 16.3, macOS Monterey 12.6.8, macOS Big Sur 11.7.9, iOS 15.7.8 and iPadOS 15.7.8, macOS Ventura 13.2, watchOS 9.3. Processing a font file may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited against versions of iOS released before iOS 15.7.1. El problema se solucionó mejorando el manejo de los cachés. • https://support.apple.com/en-us/HT213599 https://support.apple.com/en-us/HT213601 https://support.apple.com/en-us/HT213605 https://support.apple.com/en-us/HT213606 https://support.apple.com/en-us/HT213842 https://support.apple.com/en-us/HT213844 https://support.apple.com/en-us/HT213845 •
CVE-2023-34352
https://notcve.org/view.php?id=CVE-2023-34352
A permissions issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Ventura 13.4, tvOS 16.5, iOS 16.5 and iPadOS 16.5, watchOS 9.5. An attacker may be able to leak user account emails. Se ha solucionado un problema de permisos con la mejora de la redacción de información sensible. Este problema se ha solucionado en macOS Ventura 13.4, tvOS 16.5, iOS 16.5, iPadOS 16.5 y watchOS 9.5. • https://support.apple.com/en-us/HT213757 https://support.apple.com/en-us/HT213758 https://support.apple.com/en-us/HT213761 https://support.apple.com/en-us/HT213764 https://support.apple.com/kb/HT213757 https://support.apple.com/kb/HT213758 https://support.apple.com/kb/HT213761 https://support.apple.com/kb/HT213764 • CWE-276: Incorrect Default Permissions •