CVSS: 9.0EPSS: 1%CPEs: 3EXPL: 0CVE-2023-41060
https://notcve.org/view.php?id=CVE-2023-41060
10 Jan 2024 — A type confusion issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14, iOS 17 and iPadOS 17. A remote user may be able to cause kernel code execution. Se solucionó un problema de confusión de tipos con comprobaciones mejoradas. Este problema se solucionó en macOS Sonoma 14, iOS 17 y iPadOS 17. • https://support.apple.com/en-us/HT213938 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2023-42870
https://notcve.org/view.php?id=CVE-2023-42870
10 Jan 2024 — A use-after-free issue was addressed with improved memory management. This issue is fixed in macOS Sonoma 14, iOS 17 and iPadOS 17. An app may be able to execute arbitrary code with kernel privileges. Se solucionó un problema de uso después de la liberación con una gestión de memoria mejorada. Este problema se solucionó en macOS Sonoma 14, iOS 17 y iPadOS 17. • https://support.apple.com/en-us/HT213938 • CWE-416: Use After Free •
CVSS: 4.3EPSS: 0%CPEs: 3EXPL: 0CVE-2023-42934
https://notcve.org/view.php?id=CVE-2023-42934
10 Jan 2024 — An information disclosure issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sonoma 14, iOS 17 and iPadOS 17. An app with root privileges may be able to access private information. Se solucionó un problema de divulgación de información eliminando el código vulnerable. Este problema se solucionó en macOS Sonoma 14, iOS 17 y iPadOS 17. • https://support.apple.com/en-us/HT213938 •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2023-42871
https://notcve.org/view.php?id=CVE-2023-42871
10 Jan 2024 — The issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14, iOS 17 and iPadOS 17. An app may be able to execute arbitrary code with kernel privileges. El problema se solucionó mejorando el manejo de la memoria. Este problema se solucionó en macOS Sonoma 14, iOS 17 y iPadOS 17. • https://support.apple.com/en-us/HT213938 •
CVSS: 7.1EPSS: 0%CPEs: 3EXPL: 0CVE-2023-38610
https://notcve.org/view.php?id=CVE-2023-38610
10 Jan 2024 — A memory corruption issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sonoma 14, iOS 17 and iPadOS 17. An app may be able to cause unexpected system termination or write kernel memory. Se solucionó un problema de corrupción de memoria eliminando el código vulnerable. Este problema se solucionó en macOS Sonoma 14, iOS 17 y iPadOS 17. • https://support.apple.com/en-us/HT213938 • CWE-787: Out-of-bounds Write •
CVSS: 2.4EPSS: 0%CPEs: 2EXPL: 0CVE-2023-40529
https://notcve.org/view.php?id=CVE-2023-40529
10 Jan 2024 — This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 17 and iPadOS 17. A person with physical access to a device may be able to use VoiceOver to access private calendar information. Este problema se solucionó mejorando la redacción de información confidencial. Este problema se solucionó en iOS 17 y iPadOS 17. • https://support.apple.com/en-us/HT213938 •
CVSS: 4.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-42941
https://notcve.org/view.php?id=CVE-2023-42941
10 Jan 2024 — The issue was addressed with improved checks. This issue is fixed in iOS 17.2 and iPadOS 17.2. An attacker in a privileged network position may be able to perform a denial-of-service attack using crafted Bluetooth packets. El problema se solucionó con controles mejorados. Este problema se solucionó en iOS 17.2 y iPadOS 17.2. • https://support.apple.com/en-us/HT214035 •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2023-40446
https://notcve.org/view.php?id=CVE-2023-40446
12 Dec 2023 — The issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.7.1, iOS 16.7.2 and iPadOS 16.7.2, iOS 17.1 and iPadOS 17.1. Processing maliciously crafted input may lead to arbitrary code execution in user-installed apps. El problema se solucionó mejorando el manejo de la memoria. Este problema se solucionó en macOS Monterey 12.7.1, iOS 16.7.2 y iPadOS 16.7.2, iOS 17.1 y iPadOS 17.1. • https://support.apple.com/en-us/HT213981 •
CVSS: 10.0EPSS: 3%CPEs: 6EXPL: 0CVE-2023-42890 – webkitgtk: processing malicious web content may lead to arbitrary code execution
https://notcve.org/view.php?id=CVE-2023-42890
12 Dec 2023 — The issue was addressed with improved memory handling. This issue is fixed in Safari 17.2, macOS Sonoma 14.2, watchOS 10.2, iOS 17.2 and iPadOS 17.2, tvOS 17.2. Processing web content may lead to arbitrary code execution. El problema se solucionó mejorando el manejo de la memoria. Este problema se solucionó en Safari 17.2, macOS Sonoma 14.2, watchOS 10.2, iOS 17.2 y iPadOS 17.2, tvOS 17.2. • http://seclists.org/fulldisclosure/2023/Dec/12 • CWE-20: Improper Input Validation CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 4.9EPSS: 0%CPEs: 2EXPL: 0CVE-2023-42897 – Apple Security Advisory 12-11-2023-2
https://notcve.org/view.php?id=CVE-2023-42897
12 Dec 2023 — The issue was addressed with improved checks. This issue is fixed in iOS 17.2 and iPadOS 17.2. An attacker with physical access may be able to use Siri to access sensitive user data. El problema se solucionó con controles mejorados. Este problema se solucionó en iOS 17.2 y iPadOS 17.2. • http://seclists.org/fulldisclosure/2023/Dec/7 •