CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2023-32442
https://notcve.org/view.php?id=CVE-2023-32442
An access issue was addressed with improved access restrictions. This issue is fixed in macOS Ventura 13.5, macOS Monterey 12.6.8. A shortcut may be able to modify sensitive Shortcuts app settings. • https://support.apple.com/en-us/HT213843 https://support.apple.com/en-us/HT213844 •
CVSS: 8.6EPSS: 0%CPEs: 3EXPL: 1CVE-2023-32364
https://notcve.org/view.php?id=CVE-2023-32364
A logic issue was addressed with improved restrictions. This issue is fixed in macOS Ventura 13.5. A sandboxed process may be able to circumvent sandbox restrictions. • https://github.com/gergelykalman/CVE-2023-32364-macos-app-sandbox-escape https://support.apple.com/en-us/HT213843 https://support.apple.com/kb/HT213844 https://support.apple.com/kb/HT213845 •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2023-32429
https://notcve.org/view.php?id=CVE-2023-32429
The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.5. An app may be able to bypass Privacy preferences. • https://support.apple.com/en-us/HT213843 https://support.apple.com/kb/HT213844 https://support.apple.com/kb/HT213845 •
CVSS: 8.1EPSS: 0%CPEs: 3EXPL: 0CVE-2023-32443
https://notcve.org/view.php?id=CVE-2023-32443
An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Monterey 12.6.8, macOS Ventura 13.5, macOS Big Sur 11.7.9. Processing a file may lead to a denial-of-service or potentially disclose memory contents. • https://support.apple.com/en-us/HT213843 https://support.apple.com/en-us/HT213844 https://support.apple.com/en-us/HT213845 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2023-32418
https://notcve.org/view.php?id=CVE-2023-32418
The issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.6.8, macOS Ventura 13.5, macOS Big Sur 11.7.9. Processing a file may lead to unexpected app termination or arbitrary code execution. • https://support.apple.com/en-us/HT213843 https://support.apple.com/en-us/HT213844 https://support.apple.com/en-us/HT213845 • CWE-94: Improper Control of Generation of Code ('Code Injection') •