CVE-2023-32364
https://notcve.org/view.php?id=CVE-2023-32364
A logic issue was addressed with improved restrictions. This issue is fixed in macOS Ventura 13.5. A sandboxed process may be able to circumvent sandbox restrictions. • https://github.com/gergelykalman/CVE-2023-32364-macos-app-sandbox-escape https://support.apple.com/en-us/HT213843 https://support.apple.com/kb/HT213844 https://support.apple.com/kb/HT213845 •
CVE-2023-32429
https://notcve.org/view.php?id=CVE-2023-32429
The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.5. An app may be able to bypass Privacy preferences. • https://support.apple.com/en-us/HT213843 https://support.apple.com/kb/HT213844 https://support.apple.com/kb/HT213845 •
CVE-2023-32443
https://notcve.org/view.php?id=CVE-2023-32443
An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Monterey 12.6.8, macOS Ventura 13.5, macOS Big Sur 11.7.9. Processing a file may lead to a denial-of-service or potentially disclose memory contents. • https://support.apple.com/en-us/HT213843 https://support.apple.com/en-us/HT213844 https://support.apple.com/en-us/HT213845 • CWE-125: Out-of-bounds Read •
CVE-2023-38606 – Apple Multiple Products Kernel Unspecified Vulnerability
https://notcve.org/view.php?id=CVE-2023-38606
This issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.6.8, iOS 15.7.8 and iPadOS 15.7.8, iOS 16.6 and iPadOS 16.6, tvOS 16.6, macOS Big Sur 11.7.9, macOS Ventura 13.5, watchOS 9.6. An app may be able to modify sensitive kernel state. Apple is aware of a report that this issue may have been actively exploited against versions of iOS released before iOS 15.7.1. Apple iOS, iPadOS, macOS, tvOS, and watchOS contain an unspecified vulnerability allowing an app to modify a sensitive kernel state. • https://support.apple.com/en-us/HT213841 https://support.apple.com/en-us/HT213842 https://support.apple.com/en-us/HT213843 https://support.apple.com/en-us/HT213844 https://support.apple.com/en-us/HT213845 https://support.apple.com/en-us/HT213846 https://support.apple.com/en-us/HT213848 •
CVE-2023-32381
https://notcve.org/view.php?id=CVE-2023-32381
A use-after-free issue was addressed with improved memory management. This issue is fixed in macOS Monterey 12.6.8, iOS 16.6 and iPadOS 16.6, tvOS 16.6, macOS Big Sur 11.7.9, macOS Ventura 13.5, watchOS 9.6. An app may be able to execute arbitrary code with kernel privileges. • https://support.apple.com/en-us/HT213841 https://support.apple.com/en-us/HT213843 https://support.apple.com/en-us/HT213844 https://support.apple.com/en-us/HT213845 https://support.apple.com/en-us/HT213846 https://support.apple.com/en-us/HT213848 • CWE-416: Use After Free •