CVSS: 6.5EPSS: 0%CPEs: 5EXPL: 0CVE-2023-42865
https://notcve.org/view.php?id=CVE-2023-42865
An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Ventura 13.3, tvOS 16.4, iOS 16.4 and iPadOS 16.4, watchOS 9.4. Processing an image may result in disclosure of process memory. Se solucionó una lectura fuera de los límites con una validación de entrada mejorada. Este problema se solucionó en macOS Ventura 13.3, tvOS 16.4, iOS 16.4 y iPadOS 16.4, watchOS 9.4. • https://support.apple.com/en-us/HT213670 https://support.apple.com/en-us/HT213674 https://support.apple.com/en-us/HT213676 https://support.apple.com/en-us/HT213678 • CWE-125: Out-of-bounds Read •
CVSS: 6.5EPSS: 0%CPEs: 5EXPL: 0CVE-2023-42862
https://notcve.org/view.php?id=CVE-2023-42862
An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Ventura 13.3, tvOS 16.4, iOS 16.4 and iPadOS 16.4, watchOS 9.4. Processing an image may result in disclosure of process memory. Se solucionó una lectura fuera de los límites con una validación de entrada mejorada. Este problema se solucionó en macOS Ventura 13.3, tvOS 16.4, iOS 16.4 y iPadOS 16.4, watchOS 9.4. • https://support.apple.com/en-us/HT213670 https://support.apple.com/en-us/HT213674 https://support.apple.com/en-us/HT213676 https://support.apple.com/en-us/HT213678 • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2023-32424
https://notcve.org/view.php?id=CVE-2023-32424
The issue was addressed with improved memory handling. This issue is fixed in iOS 16.4 and iPadOS 16.4, watchOS 9.4. An attacker that has already achieved kernel code execution may be able to bypass kernel memory mitigations. El problema se solucionó mejorando el manejo de la memoria. Este problema se solucionó en iOS 16.4 y iPadOS 16.4, watchOS 9.4. • https://support.apple.com/en-us/HT213676 https://support.apple.com/en-us/HT213678 •
CVSS: 8.8EPSS: 0%CPEs: 6EXPL: 0CVE-2023-42866
https://notcve.org/view.php?id=CVE-2023-42866
The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.5, iOS 16.6 and iPadOS 16.6, tvOS 16.6, Safari 16.6, watchOS 9.6. Processing web content may lead to arbitrary code execution. El problema se solucionó mejorando el manejo de la memoria. Este problema se solucionó en macOS Ventura 13.5, iOS 16.6 y iPadOS 16.6, tvOS 16.6, Safari 16.6, watchOS 9.6. • https://support.apple.com/en-us/HT213841 https://support.apple.com/en-us/HT213843 https://support.apple.com/en-us/HT213846 https://support.apple.com/en-us/HT213847 https://support.apple.com/en-us/HT213848 •
CVSS: 7.0EPSS: 0%CPEs: 5EXPL: 0CVE-2022-48618 – Apple Multiple Products Memory Corruption Vulnerability
https://notcve.org/view.php?id=CVE-2022-48618
The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.1, watchOS 9.2, iOS 16.2 and iPadOS 16.2, tvOS 16.2. An attacker with arbitrary read and write capability may be able to bypass Pointer Authentication. Apple is aware of a report that this issue may have been exploited against versions of iOS released before iOS 15.7.1. El problema se solucionó con controles mejorados. • https://support.apple.com/en-us/HT213530 https://support.apple.com/en-us/HT213532 https://support.apple.com/en-us/HT213535 https://support.apple.com/en-us/HT213536 • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •