CVSS: 7.1EPSS: 0%CPEs: 6EXPL: 0CVE-2023-40452 – Apple Security Advisory 09-26-2023-8
https://notcve.org/view.php?id=CVE-2023-40452
26 Sep 2023 — The issue was addressed with improved bounds checks. This issue is fixed in macOS Ventura 13.6, tvOS 17, macOS Monterey 12.7, watchOS 10, iOS 17 and iPadOS 17, macOS Sonoma 14. An app may be able to overwrite arbitrary files. El problema se solucionó con comprobaciones de límites mejoradas. Este problema se solucionó en macOS Ventura 13.6, tvOS 17, macOS Monterey 12.7, watchOS 10, iOS 17 y iPadOS 17, macOS Sonoma 14. • http://seclists.org/fulldisclosure/2023/Oct/10 •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-41078 – Apple Security Advisory 09-26-2023-2
https://notcve.org/view.php?id=CVE-2023-41078
26 Sep 2023 — An authorization issue was addressed with improved state management. This issue is fixed in macOS Sonoma 14. An app may be able to bypass certain Privacy preferences. Se abordó un problema de autorización con una mejor gestión estatal. Este problema se solucionó en macOS Sonoma 14. • http://seclists.org/fulldisclosure/2023/Oct/3 • CWE-863: Incorrect Authorization •
CVSS: 8.6EPSS: 1%CPEs: 5EXPL: 1CVE-2023-40448 – Apple Security Advisory 09-26-2023-8
https://notcve.org/view.php?id=CVE-2023-40448
26 Sep 2023 — The issue was addressed with improved handling of protocols. This issue is fixed in tvOS 17, iOS 16.7 and iPadOS 16.7, watchOS 10, iOS 17 and iPadOS 17, macOS Sonoma 14. A remote attacker may be able to break out of Web Content sandbox. El problema se abordó mejorando el manejo de los protocolos. Este problema se solucionó en tvOS 17, iOS 16.7 y iPadOS 16.7, watchOS 10, iOS 17 y iPadOS 17, macOS Sonoma 14. • https://github.com/w0wbox/CVE-2023-40448 •
CVSS: 10.0EPSS: 1%CPEs: 9EXPL: 0CVE-2023-41074 – webkitgtk: processing web content may lead to arbitrary code execution
https://notcve.org/view.php?id=CVE-2023-41074
26 Sep 2023 — The issue was addressed with improved checks. This issue is fixed in tvOS 17, Safari 17, watchOS 10, iOS 17 and iPadOS 17, macOS Sonoma 14. Processing web content may lead to arbitrary code execution. El problema se solucionó con controles mejorados. Este problema se solucionó en tvOS 17, Safari 17, watchOS 10, iOS 17 y iPadOS 17, macOS Sonoma 14. • http://seclists.org/fulldisclosure/2023/Oct/10 •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2023-40409 – Apple Security Advisory 09-26-2023-8
https://notcve.org/view.php?id=CVE-2023-40409
26 Sep 2023 — The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.6, tvOS 17, macOS Monterey 12.7, watchOS 10, iOS 17 and iPadOS 17. An app may be able to execute arbitrary code with kernel privileges. El problema se solucionó mejorando el manejo de la memoria. Este problema se solucionó en macOS Ventura 13.6, tvOS 17, macOS Monterey 12.7, watchOS 10, iOS 17 y iPadOS 17. • http://seclists.org/fulldisclosure/2023/Oct/10 •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-40426 – Apple Security Advisory 09-26-2023-2
https://notcve.org/view.php?id=CVE-2023-40426
26 Sep 2023 — A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sonoma 14. An app may be able to bypass certain Privacy preferences. Se solucionó un problema de permisos con restricciones adicionales. Este problema se solucionó en macOS Sonoma 14. • http://seclists.org/fulldisclosure/2023/Oct/3 •
CVSS: 3.3EPSS: 0%CPEs: 1EXPL: 0CVE-2023-37448 – Apple Security Advisory 09-26-2023-2
https://notcve.org/view.php?id=CVE-2023-37448
26 Sep 2023 — A lock screen issue was addressed with improved state management. This issue is fixed in macOS Sonoma 14. A user may be able to view restricted content from the lock screen. Se solucionó un problema de la pantalla de bloqueo con una gestión de estado mejorada. Este problema se solucionó en macOS Sonoma 14. • http://seclists.org/fulldisclosure/2023/Oct/3 •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-38586 – Apple Security Advisory 09-26-2023-2
https://notcve.org/view.php?id=CVE-2023-38586
26 Sep 2023 — An access issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Sonoma 14. A sandboxed process may be able to circumvent sandbox restrictions. Se solucionó un problema de acceso con restricciones adicionales de la sandbox. Este problema se solucionó en macOS Sonoma 14. • http://seclists.org/fulldisclosure/2023/Oct/3 •
CVSS: 4.6EPSS: 0%CPEs: 5EXPL: 0CVE-2023-35984 – Apple Security Advisory 09-26-2023-8
https://notcve.org/view.php?id=CVE-2023-35984
26 Sep 2023 — The issue was addressed with improved checks. This issue is fixed in tvOS 17, iOS 17 and iPadOS 17, watchOS 10, macOS Sonoma 14. An attacker in physical proximity can cause a limited out of bounds write. El problema se solucionó con controles mejorados. Este problema se solucionó en tvOS 17, iOS 17 y iPadOS 17, watchOS 10, macOS Sonoma 14. • http://seclists.org/fulldisclosure/2023/Oct/10 • CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2023-40410 – Apple Security Advisory 09-26-2023-8
https://notcve.org/view.php?id=CVE-2023-40410
26 Sep 2023 — An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Ventura 13.6, tvOS 17, macOS Monterey 12.7, watchOS 10, iOS 17 and iPadOS 17, macOS Sonoma 14. An app may be able to disclose kernel memory. Se solucionó una lectura fuera de límites con una validación de entrada mejorada. Este problema se solucionó en macOS Ventura 13.6, tvOS 17, macOS Monterey 12.7, watchOS 10, iOS 17 y iPadOS 17, macOS Sonoma 14. • http://seclists.org/fulldisclosure/2023/Oct/10 • CWE-125: Out-of-bounds Read •