CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0CVE-2023-23527
https://notcve.org/view.php?id=CVE-2023-23527
The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.3, iOS 16.4 and iPadOS 16.4, macOS Big Sur 11.7.5, macOS Monterey 12.6.4, tvOS 16.4, watchOS 9.4. A user may gain access to protected parts of the file system. • https://support.apple.com/en-us/HT213670 https://support.apple.com/en-us/HT213674 https://support.apple.com/en-us/HT213675 https://support.apple.com/en-us/HT213676 https://support.apple.com/en-us/HT213677 https://support.apple.com/en-us/HT213678 •
CVSS: 3.3EPSS: 0%CPEs: 8EXPL: 0CVE-2023-27928
https://notcve.org/view.php?id=CVE-2023-27928
A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Ventura 13.3, iOS 16.4 and iPadOS 16.4, iOS 15.7.4 and iPadOS 15.7.4, tvOS 16.4, watchOS 9.4, macOS Big Sur 11.7.5. An app may be able to access information about a user’s contacts. • https://support.apple.com/en-us/HT213670 https://support.apple.com/en-us/HT213673 https://support.apple.com/en-us/HT213674 https://support.apple.com/en-us/HT213675 https://support.apple.com/en-us/HT213676 https://support.apple.com/en-us/HT213678 •
CVSS: 6.3EPSS: 0%CPEs: 4EXPL: 0CVE-2022-32844
https://notcve.org/view.php?id=CVE-2022-32844
A race condition was addressed with improved state handling. This issue is fixed in tvOS 15.6, watchOS 8.7, iOS 15.6 and iPadOS 15.6. An app with arbitrary kernel read and write capability may be able to bypass Pointer Authentication. • https://support.apple.com/en-us/HT213340 https://support.apple.com/en-us/HT213342 https://support.apple.com/en-us/HT213346 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2022-32824
https://notcve.org/view.php?id=CVE-2022-32824
The issue was addressed with improved memory handling. This issue is fixed in tvOS 15.6, watchOS 8.7, iOS 15.6 and iPadOS 15.6. An app may be able to disclose kernel memory. • https://support.apple.com/en-us/HT213340 https://support.apple.com/en-us/HT213342 https://support.apple.com/en-us/HT213346 •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0CVE-2023-23524
https://notcve.org/view.php?id=CVE-2023-23524
A denial-of-service issue was addressed with improved input validation. This issue is fixed in tvOS 16.3.2, iOS 16.3.1 and iPadOS 16.3.1, watchOS 9.3.1, macOS Ventura 13.2.1. Processing a maliciously crafted certificate may lead to a denial-of-service. • https://support.apple.com/en-us/HT213632 https://support.apple.com/en-us/HT213633 https://support.apple.com/en-us/HT213634 https://support.apple.com/en-us/HT213635 • CWE-400: Uncontrolled Resource Consumption •