CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2022-26699
https://notcve.org/view.php?id=CVE-2022-26699
14 Aug 2023 — A logic issue was addressed with improved state management. This issue is fixed in macOS Ventura 13. An app may be able to cause a denial-of-service to Endpoint Security clients. Se ha solucionado un problema lógico mejorando la gestión de estados. Este problema se ha solucionado en macOS Ventura 13. • https://support.apple.com/en-us/HT213488 •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2022-46722
https://notcve.org/view.php?id=CVE-2022-46722
14 Aug 2023 — A logic issue was addressed with improved checks. This issue is fixed in macOS Ventura 13. An app may be able to modify protected parts of the file system. Se ha solucionado un problema lógico con comprobaciones mejoradas. Este problema se ha solucionado en macOS Ventura 13. • https://support.apple.com/en-us/HT213488 •
CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0CVE-2023-28179
https://notcve.org/view.php?id=CVE-2023-28179
14 Aug 2023 — The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3. Processing a maliciously crafted AppleScript binary may result in unexpected app termination or disclosure of process memory. Se ha solucionado un problema mejorando la gestión de la memoria. Este problema se ha corregido en macOS Ventura 13.3. • https://support.apple.com/en-us/HT213670 •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-27947
https://notcve.org/view.php?id=CVE-2023-27947
14 Aug 2023 — An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Ventura 13.3. Processing an image may result in disclosure of process memory. Se ha solucionado un problema de lectura fuera de los límites mejorando la validación de las entradas. Este problema se ha solucionado en macOS Ventura 13.3. • https://support.apple.com/en-us/HT213670 • CWE-125: Out-of-bounds Read •
CVSS: 10.0EPSS: 0%CPEs: 5EXPL: 0CVE-2023-28198 – Apple Safari DFG Fixup Phase Use-After-Free Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2023-28198
04 Aug 2023 — A use-after-free issue was addressed with improved memory management. This issue is fixed in iOS 16.4 and iPadOS 16.4, macOS Ventura 13.3. Processing web content may lead to arbitrary code execution. Se ha solucionado un problema de use-after-free con una mejora en la gestión de memoria. Este problema se ha solucionado en iOS 16.4 y iPadOS 16.4, macOS Ventura 13.3. • http://www.openwall.com/lists/oss-security/2023/09/11/1 • CWE-416: Use After Free •
CVSS: 10.0EPSS: 0%CPEs: 3EXPL: 0CVE-2023-32358 – Apple Safari PDF Plugin Type Confusion Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-32358
04 Aug 2023 — A type confusion issue was addressed with improved checks. This issue is fixed in iOS 16.4 and iPadOS 16.4, macOS Ventura 13.3. Processing web content may lead to arbitrary code execution. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apple Safari. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the WebKit PDF plugin. • https://support.apple.com/en-us/HT213670 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 10.0EPSS: 0%CPEs: 5EXPL: 0CVE-2023-37285
https://notcve.org/view.php?id=CVE-2023-37285
28 Jul 2023 — An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 15.7.8 and iPadOS 15.7.8, macOS Big Sur 11.7.9, macOS Monterey 12.6.8, macOS Ventura 13.5. An app may be able to execute arbitrary code with kernel privileges. • https://support.apple.com/en-us/HT213842 • CWE-125: Out-of-bounds Read •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-32654
https://notcve.org/view.php?id=CVE-2023-32654
28 Jul 2023 — A logic issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.5. A user may be able to read information belonging to another user. • https://support.apple.com/en-us/HT213843 •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-38609
https://notcve.org/view.php?id=CVE-2023-38609
28 Jul 2023 — An injection issue was addressed with improved input validation. This issue is fixed in macOS Ventura 13.5. An app may be able to bypass certain Privacy preferences. • https://github.com/mc-17/CVE-2023-38609 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •
CVSS: 10.0EPSS: 0%CPEs: 9EXPL: 0CVE-2023-38598
https://notcve.org/view.php?id=CVE-2023-38598
28 Jul 2023 — A use-after-free issue was addressed with improved memory management. This issue is fixed in watchOS 9.6, macOS Big Sur 11.7.9, iOS 15.7.8 and iPadOS 15.7.8, macOS Monterey 12.6.8, tvOS 16.6, iOS 16.6 and iPadOS 16.6, macOS Ventura 13.5. An app may be able to execute arbitrary code with kernel privileges. • https://support.apple.com/en-us/HT213841 • CWE-416: Use After Free •