CVSS: 3.6EPSS: 0%CPEs: 5EXPL: 0CVE-2023-23543
https://notcve.org/view.php?id=CVE-2023-23543
28 Mar 2023 — The issue was addressed with additional restrictions on the observability of app states. This issue is fixed in macOS Ventura 13.3, iOS 15.7.4 and iPadOS 15.7.4, iOS 16.4 and iPadOS 16.4, watchOS 9.4. A sandboxed app may be able to determine which app is currently using the camera. • https://support.apple.com/en-us/HT213670 •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2022-32824
https://notcve.org/view.php?id=CVE-2022-32824
27 Feb 2023 — The issue was addressed with improved memory handling. This issue is fixed in tvOS 15.6, watchOS 8.7, iOS 15.6 and iPadOS 15.6. An app may be able to disclose kernel memory. • https://support.apple.com/en-us/HT213340 •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2022-32830
https://notcve.org/view.php?id=CVE-2022-32830
27 Feb 2023 — An out-of-bounds read issue was addressed with improved bounds checking. This issue is fixed in tvOS 15.6, iOS 15.6 and iPadOS 15.6. Processing a maliciously crafted image may lead to disclosure of user information. • https://support.apple.com/en-us/HT213342 • CWE-125: Out-of-bounds Read •
CVSS: 6.3EPSS: 0%CPEs: 4EXPL: 0CVE-2022-32844
https://notcve.org/view.php?id=CVE-2022-32844
27 Feb 2023 — A race condition was addressed with improved state handling. This issue is fixed in tvOS 15.6, watchOS 8.7, iOS 15.6 and iPadOS 15.6. An app with arbitrary kernel read and write capability may be able to bypass Pointer Authentication. • https://support.apple.com/en-us/HT213340 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2022-32855
https://notcve.org/view.php?id=CVE-2022-32855
27 Feb 2023 — A logic issue was addressed with improved state management. This issue is fixed in iOS 15.6 and iPadOS 15.6. A user may be able to view restricted content from the lock screen. • https://support.apple.com/en-us/HT213346 •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0CVE-2022-26760
https://notcve.org/view.php?id=CVE-2022-26760
27 Feb 2023 — A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 15.5 and iPadOS 15.5. A malicious application may be able to elevate privileges. • https://support.apple.com/en-us/HT213258 • CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2022-22668
https://notcve.org/view.php?id=CVE-2022-22668
27 Feb 2023 — A logic issue was addressed with improved restrictions. This issue is fixed in iOS 15.4 and iPadOS 15.4, macOS Monterey 12.3. A malicious application may be able to leak sensitive user information. • https://support.apple.com/en-us/HT213182 •
CVSS: 5.9EPSS: 0%CPEs: 3EXPL: 0CVE-2023-23520
https://notcve.org/view.php?id=CVE-2023-23520
27 Feb 2023 — A race condition was addressed with additional validation. This issue is fixed in watchOS 9.3, tvOS 16.3, macOS Ventura 13.2, iOS 16.3 and iPadOS 16.3. A user may be able to read arbitrary files as root. • https://support.apple.com/en-us/HT213599 • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2023-23524
https://notcve.org/view.php?id=CVE-2023-23524
27 Feb 2023 — A denial-of-service issue was addressed with improved input validation. This issue is fixed in tvOS 16.3.2, iOS 16.3.1 and iPadOS 16.3.1, watchOS 9.3.1, macOS Ventura 13.2.1. Processing a maliciously crafted certificate may lead to a denial-of-service. • https://support.apple.com/en-us/HT213632 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 8.6EPSS: 0%CPEs: 3EXPL: 0CVE-2023-23530
https://notcve.org/view.php?id=CVE-2023-23530
27 Feb 2023 — The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.2, iOS 16.3 and iPadOS 16.3. An app may be able to execute arbitrary code out of its sandbox or with certain elevated privileges. • https://support.apple.com/en-us/HT213605 •