CVSS: 9.1EPSS: 0%CPEs: 3EXPL: 0CVE-2024-27844 – Apple Security Advisory 06-10-2024-1
https://notcve.org/view.php?id=CVE-2024-27844
10 Jun 2024 — The issue was addressed with improved checks. This issue is fixed in visionOS 1.2, macOS Sonoma 14.5, Safari 17.5. A website's permission dialog may persist after navigation away from the site. El problema se solucionó con controles mejorados. Este problema se solucionó en visionOS 1.2, macOS Sonoma 14.5, Safari 17.5. • http://seclists.org/fulldisclosure/2024/Jun/5 •
CVSS: 10.0EPSS: 0%CPEs: 7EXPL: 0CVE-2024-27833 – Apple Safari B3 JIT Compiler Integer Underflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-27833
10 Jun 2024 — An integer overflow was addressed with improved input validation. This issue is fixed in tvOS 17.5, iOS 16.7.8 and iPadOS 16.7.8, visionOS 1.2, Safari 17.5, iOS 17.5 and iPadOS 17.5. Processing maliciously crafted web content may lead to arbitrary code execution. Se solucionó un desbordamiento de enteros con una validación de entrada mejorada. Este problema se solucionó en tvOS 17.5, iOS 16.7.8 y iPadOS 16.7.8, visionOS 1.2, Safari 17.5, iOS 17.5 y iPadOS 17.5. • http://seclists.org/fulldisclosure/2024/Jun/5 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2023-42956 – webkit: processing malicious web content may lead to a denial of service
https://notcve.org/view.php?id=CVE-2023-42956
28 Mar 2024 — The issue was addressed with improved memory handling. This issue is fixed in Safari 17.2, iOS 17.2 and iPadOS 17.2, macOS Sonoma 14.2. Processing web content may lead to a denial-of-service. El problema se solucionó mejorando el manejo de la memoria. Este problema se solucionó en Safari 17.2, iOS 17.2 y iPadOS 17.2, macOS Sonoma 14.2. • http://www.openwall.com/lists/oss-security/2024/03/26/1 •
CVSS: 10.0EPSS: 0%CPEs: 6EXPL: 0CVE-2023-42950 – webkit: heap use-after-free may lead to arbitrary code execution
https://notcve.org/view.php?id=CVE-2023-42950
28 Mar 2024 — A use after free issue was addressed with improved memory management. This issue is fixed in Safari 17.2, iOS 17.2 and iPadOS 17.2, tvOS 17.2, watchOS 10.2, macOS Sonoma 14.2. Processing maliciously crafted web content may lead to arbitrary code execution. Se solucionó un problema de use after free con una gestión de memoria mejorada. Este problema se solucionó en Safari 17.2, iOS 17.2 y iPadOS 17.2, tvOS 17.2, watchOS 10.2, macOS Sonoma 14.2. • http://www.openwall.com/lists/oss-security/2024/03/26/1 • CWE-416: Use After Free •
CVSS: 5.0EPSS: 0%CPEs: 4EXPL: 0CVE-2024-23273 – Apple Security Advisory 03-07-2024-2
https://notcve.org/view.php?id=CVE-2024-23273
08 Mar 2024 — This issue was addressed through improved state management. This issue is fixed in Safari 17.4, iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4. Private Browsing tabs may be accessed without authentication. Esta cuestión se abordó mediante una mejor gestión de estado. Este problema se solucionó en Safari 17.4, iOS 17.4 y iPadOS 17.4, macOS Sonoma 14.4. • http://seclists.org/fulldisclosure/2024/Mar/20 • CWE-295: Improper Certificate Validation •
CVSS: 10.0EPSS: 0%CPEs: 8EXPL: 0CVE-2024-23213 – webkitgtk: Processing web content may lead to arbitrary code execution
https://notcve.org/view.php?id=CVE-2024-23213
23 Jan 2024 — The issue was addressed with improved memory handling. This issue is fixed in watchOS 10.3, tvOS 17.3, iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, iOS 16.7.5 and iPadOS 16.7.5, Safari 17.3. Processing web content may lead to arbitrary code execution. El problema se solucionó mejorando el manejo de la memoria. Este problema se solucionó en watchOS 10.3, tvOS 17.3, iOS 17.3 y iPadOS 17.3, macOS Sonoma 14.3, iOS 16.7.5 y iPadOS 16.7.5, Safari 17.3. • http://seclists.org/fulldisclosure/2024/Jan/27 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2024-23206 – webkitgtk: A maliciously crafted webpage may be able to fingerprint the user
https://notcve.org/view.php?id=CVE-2024-23206
23 Jan 2024 — An access issue was addressed with improved access restrictions. This issue is fixed in watchOS 10.3, tvOS 17.3, iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, iOS 16.7.5 and iPadOS 16.7.5, Safari 17.3. A maliciously crafted webpage may be able to fingerprint the user. Se solucionó un problema de acceso mejorando las restricciones de acceso. Este problema se solucionó en watchOS 10.3, tvOS 17.3, iOS 17.3 y iPadOS 17.3, macOS Sonoma 14.3, iOS 16.7.5 y iPadOS 16.7.5, Safari 17.3. • http://seclists.org/fulldisclosure/2024/Jan/27 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 10.0EPSS: 0%CPEs: 7EXPL: 0CVE-2024-23211 – Apple Security Advisory 01-22-2024-8
https://notcve.org/view.php?id=CVE-2024-23211
23 Jan 2024 — A privacy issue was addressed with improved handling of user preferences. This issue is fixed in watchOS 10.3, iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, iOS 16.7.5 and iPadOS 16.7.5, Safari 17.3. A user's private browsing activity may be visible in Settings. Se solucionó un problema de privacidad mejorando el manejo de las preferencias del usuario. Este problema se solucionó en watchOS 10.3, iOS 17.3 y iPadOS 17.3, macOS Sonoma 14.3, iOS 16.7.5 y iPadOS 16.7.5, Safari 17.3. • http://seclists.org/fulldisclosure/2024/Jan/27 • CWE-359: Exposure of Private Personal Information to an Unauthorized Actor •
CVSS: 10.0EPSS: 0%CPEs: 6EXPL: 0CVE-2023-40414 – webkitgtk: Processing web content may lead to arbitrary code execution
https://notcve.org/view.php?id=CVE-2023-40414
10 Jan 2024 — A use-after-free issue was addressed with improved memory management. This issue is fixed in watchOS 10, iOS 17 and iPadOS 17, tvOS 17, macOS Sonoma 14, Safari 17. Processing web content may lead to arbitrary code execution. Se solucionó un problema de use after free con una gestión de memoria mejorada. Este problema se solucionó en watchOS 10, iOS 17 y iPadOS 17, tvOS 17, macOS Sonoma 14, Safari 17. • http://www.openwall.com/lists/oss-security/2024/02/05/8 • CWE-416: Use After Free •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2023-42872
https://notcve.org/view.php?id=CVE-2023-42872
10 Jan 2024 — The issue was addressed with additional permissions checks. This issue is fixed in macOS Sonoma 14, iOS 17 and iPadOS 17. An app may be able to access sensitive user data. El problema se solucionó con comprobaciones de permisos adicionales. Este problema se solucionó en macOS Sonoma 14, iOS 17 y iPadOS 17. • https://support.apple.com/en-us/HT213938 •