CVSS: 5.0EPSS: 0%CPEs: 4EXPL: 0CVE-2024-23273
https://notcve.org/view.php?id=CVE-2024-23273
08 Mar 2024 — This issue was addressed through improved state management. This issue is fixed in Safari 17.4, iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4. Private Browsing tabs may be accessed without authentication. Esta cuestión se abordó mediante una mejor gestión de estado. Este problema se solucionó en Safari 17.4, iOS 17.4 y iPadOS 17.4, macOS Sonoma 14.4. • http://seclists.org/fulldisclosure/2024/Mar/20 • CWE-295: Improper Certificate Validation •
CVSS: 10.0EPSS: 0%CPEs: 8EXPL: 0CVE-2024-23213 – webkitgtk: Processing web content may lead to arbitrary code execution
https://notcve.org/view.php?id=CVE-2024-23213
23 Jan 2024 — The issue was addressed with improved memory handling. This issue is fixed in watchOS 10.3, tvOS 17.3, iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, iOS 16.7.5 and iPadOS 16.7.5, Safari 17.3. Processing web content may lead to arbitrary code execution. El problema se solucionó mejorando el manejo de la memoria. Este problema se solucionó en watchOS 10.3, tvOS 17.3, iOS 17.3 y iPadOS 17.3, macOS Sonoma 14.3, iOS 16.7.5 y iPadOS 16.7.5, Safari 17.3. • http://seclists.org/fulldisclosure/2024/Jan/27 •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2024-23206 – webkitgtk: A maliciously crafted webpage may be able to fingerprint the user
https://notcve.org/view.php?id=CVE-2024-23206
23 Jan 2024 — An access issue was addressed with improved access restrictions. This issue is fixed in watchOS 10.3, tvOS 17.3, iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, iOS 16.7.5 and iPadOS 16.7.5, Safari 17.3. A maliciously crafted webpage may be able to fingerprint the user. Se solucionó un problema de acceso mejorando las restricciones de acceso. Este problema se solucionó en watchOS 10.3, tvOS 17.3, iOS 17.3 y iPadOS 17.3, macOS Sonoma 14.3, iOS 16.7.5 y iPadOS 16.7.5, Safari 17.3. • http://seclists.org/fulldisclosure/2024/Jan/27 •
CVSS: 3.3EPSS: 0%CPEs: 7EXPL: 0CVE-2024-23211
https://notcve.org/view.php?id=CVE-2024-23211
23 Jan 2024 — A privacy issue was addressed with improved handling of user preferences. This issue is fixed in watchOS 10.3, iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, iOS 16.7.5 and iPadOS 16.7.5, Safari 17.3. A user's private browsing activity may be visible in Settings. Se solucionó un problema de privacidad mejorando el manejo de las preferencias del usuario. Este problema se solucionó en watchOS 10.3, iOS 17.3 y iPadOS 17.3, macOS Sonoma 14.3, iOS 16.7.5 y iPadOS 16.7.5, Safari 17.3. • http://seclists.org/fulldisclosure/2024/Jan/27 •
CVSS: 10.0EPSS: 0%CPEs: 6EXPL: 0CVE-2023-40414 – webkitgtk: Processing web content may lead to arbitrary code execution
https://notcve.org/view.php?id=CVE-2023-40414
10 Jan 2024 — A use-after-free issue was addressed with improved memory management. This issue is fixed in watchOS 10, iOS 17 and iPadOS 17, tvOS 17, macOS Sonoma 14, Safari 17. Processing web content may lead to arbitrary code execution. Se solucionó un problema de use after free con una gestión de memoria mejorada. Este problema se solucionó en watchOS 10, iOS 17 y iPadOS 17, tvOS 17, macOS Sonoma 14, Safari 17. • http://www.openwall.com/lists/oss-security/2024/02/05/8 • CWE-416: Use After Free •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2023-42872
https://notcve.org/view.php?id=CVE-2023-42872
10 Jan 2024 — The issue was addressed with additional permissions checks. This issue is fixed in macOS Sonoma 14, iOS 17 and iPadOS 17. An app may be able to access sensitive user data. El problema se solucionó con comprobaciones de permisos adicionales. Este problema se solucionó en macOS Sonoma 14, iOS 17 y iPadOS 17. • https://support.apple.com/en-us/HT213938 •
CVSS: 10.0EPSS: 0%CPEs: 4EXPL: 0CVE-2023-42833 – webkitgtk: Processing web content may lead to arbitrary code execution
https://notcve.org/view.php?id=CVE-2023-42833
10 Jan 2024 — A correctness issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14, Safari 17, iOS 17 and iPadOS 17. Processing web content may lead to arbitrary code execution. Se solucionó un problema de corrección con controles mejorados. Este problema se solucionó en macOS Sonoma 14, Safari 17, iOS 17 y iPadOS 17. • http://www.openwall.com/lists/oss-security/2024/02/05/8 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2023-40385
https://notcve.org/view.php?id=CVE-2023-40385
10 Jan 2024 — This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sonoma 14, Safari 17, iOS 17 and iPadOS 17. A remote attacker may be able to view leaked DNS queries with Private Relay turned on. Este problema se solucionó eliminando el código vulnerable. Este problema se solucionó en macOS Sonoma 14, Safari 17, iOS 17 y iPadOS 17. • https://support.apple.com/en-us/HT213938 •
CVSS: 10.0EPSS: 0%CPEs: 6EXPL: 0CVE-2023-42866
https://notcve.org/view.php?id=CVE-2023-42866
10 Jan 2024 — The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.5, iOS 16.6 and iPadOS 16.6, tvOS 16.6, Safari 16.6, watchOS 9.6. Processing web content may lead to arbitrary code execution. El problema se solucionó mejorando el manejo de la memoria. Este problema se solucionó en macOS Ventura 13.5, iOS 16.6 y iPadOS 16.6, tvOS 16.6, Safari 16.6, watchOS 9.6. • https://support.apple.com/en-us/HT213841 •
CVSS: 10.0EPSS: 0%CPEs: 6EXPL: 0CVE-2023-42890 – webkitgtk: processing malicious web content may lead to arbitrary code execution
https://notcve.org/view.php?id=CVE-2023-42890
12 Dec 2023 — The issue was addressed with improved memory handling. This issue is fixed in Safari 17.2, macOS Sonoma 14.2, watchOS 10.2, iOS 17.2 and iPadOS 17.2, tvOS 17.2. Processing web content may lead to arbitrary code execution. El problema se solucionó mejorando el manejo de la memoria. Este problema se solucionó en Safari 17.2, macOS Sonoma 14.2, watchOS 10.2, iOS 17.2 y iPadOS 17.2, tvOS 17.2. • http://seclists.org/fulldisclosure/2023/Dec/12 • CWE-20: Improper Input Validation CWE-94: Improper Control of Generation of Code ('Code Injection') •