CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2023-40420 – Apple Security Advisory 09-26-2023-8
https://notcve.org/view.php?id=CVE-2023-40420
26 Sep 2023 — The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.6, tvOS 17, iOS 16.7 and iPadOS 16.7, macOS Monterey 12.7, watchOS 10, iOS 17 and iPadOS 17, macOS Sonoma 14. Processing web content may lead to a denial-of-service. El problema se solucionó mejorando el manejo de la memoria. Este problema se solucionó en macOS Ventura 13.6, tvOS 17, iOS 16.7 y iPadOS 16.7, macOS Monterey 12.7, watchOS 10, iOS 17 y iPadOS 17, macOS Sonoma 14. • http://seclists.org/fulldisclosure/2023/Oct/10 •
CVSS: 9.4EPSS: 0%CPEs: 1EXPL: 0CVE-2023-40436 – Apple Security Advisory 09-26-2023-2
https://notcve.org/view.php?id=CVE-2023-40436
26 Sep 2023 — The issue was addressed with improved bounds checks. This issue is fixed in macOS Sonoma 14. An attacker may be able to cause unexpected system termination or read kernel memory. El problema se solucionó con comprobaciones de los límites mejoradas. Este problema se solucionó en macOS Sonoma 14. • http://seclists.org/fulldisclosure/2023/Oct/3 • CWE-125: Out-of-bounds Read •
CVSS: 10.0EPSS: 0%CPEs: 7EXPL: 0CVE-2023-35074 – webkitgtk: processing web content may lead to arbitrary code execution
https://notcve.org/view.php?id=CVE-2023-35074
26 Sep 2023 — The issue was addressed with improved memory handling. This issue is fixed in tvOS 17, Safari 17, watchOS 10, iOS 17 and iPadOS 17, macOS Sonoma 14. Processing web content may lead to arbitrary code execution. El problema se solucionó mejorando el manejo de la memoria. Este problema se solucionó en tvOS 17, Safari 17, watchOS 10, iOS 17 y iPadOS 17, macOS Sonoma 14. • http://seclists.org/fulldisclosure/2023/Oct/10 •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-41067 – Apple Security Advisory 09-26-2023-2
https://notcve.org/view.php?id=CVE-2023-41067
26 Sep 2023 — A logic issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14. An app may bypass Gatekeeper checks. Se solucionó un problema de lógica con controles mejorados. Este problema se solucionó en macOS Sonoma 14. • http://seclists.org/fulldisclosure/2023/Oct/3 •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-41066 – Apple Security Advisory 09-26-2023-2
https://notcve.org/view.php?id=CVE-2023-41066
26 Sep 2023 — An authentication issue was addressed with improved state management. This issue is fixed in macOS Sonoma 14. An app may be able to unexpectedly leak a user's credentials from secure text fields. Se solucionó un problema de autenticación con una gestión de estado mejorada. Este problema se solucionó en macOS Sonoma 14. • http://seclists.org/fulldisclosure/2023/Oct/3 •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-32421 – Apple Security Advisory 09-26-2023-2
https://notcve.org/view.php?id=CVE-2023-32421
26 Sep 2023 — A privacy issue was addressed with improved handling of temporary files. This issue is fixed in macOS Sonoma 14. An app may be able to observe unprotected user data. Se solucionó un problema de privacidad mejorando el manejo de archivos temporales. Este problema se solucionó en macOS Sonoma 14. • http://seclists.org/fulldisclosure/2023/Oct/3 •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2023-41986 – Apple Security Advisory 09-26-2023-7
https://notcve.org/view.php?id=CVE-2023-41986
26 Sep 2023 — The issue was addressed with improved checks. This issue is fixed in iOS 17 and iPadOS 17, macOS Sonoma 14. An app may be able to modify protected parts of the file system. El problema se solucionó con controles mejorados. Este problema se solucionó en iOS 17 y iPadOS 17, macOS Sonoma 14. • http://seclists.org/fulldisclosure/2023/Oct/3 •
CVSS: 6.4EPSS: 0%CPEs: 5EXPL: 0CVE-2023-40417 – Apple Security Advisory 09-26-2023-8
https://notcve.org/view.php?id=CVE-2023-40417
26 Sep 2023 — A window management issue was addressed with improved state management. This issue is fixed in Safari 17, iOS 17 and iPadOS 17, watchOS 10, macOS Sonoma 14. Visiting a website that frames malicious content may lead to UI spoofing. Se solucionó un problema de gestión de ventanas mejorando la gestión del estado. Este problema se solucionó en Safari 17, iOS 17 y iPadOS 17, watchOS 10, macOS Sonoma 14. • http://seclists.org/fulldisclosure/2023/Oct/2 •
CVSS: 10.0EPSS: 0%CPEs: 16EXPL: 4CVE-2023-41993 – Apple Multiple Products WebKit Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-41993
21 Sep 2023 — The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14. Processing web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.7. El problema se solucionó con controles mejorados. • https://github.com/po6ix/POC-for-CVE-2023-41993 • CWE-754: Improper Check for Unusual or Exceptional Conditions •
CVSS: 10.0EPSS: 0%CPEs: 6EXPL: 0CVE-2023-41992 – Apple Multiple Products Kernel Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2023-41992
21 Sep 2023 — The issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.7, iOS 16.7 and iPadOS 16.7, macOS Ventura 13.6. A local attacker may be able to elevate their privileges. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.7. El problema se solucionó con controles mejorados. • https://support.apple.com/en-us/HT213927 • CWE-754: Improper Check for Unusual or Exceptional Conditions •