CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2023-28192
https://notcve.org/view.php?id=CVE-2023-28192
A permissions issue was addressed with improved validation. This issue is fixed in macOS Ventura 13.3, macOS Monterey 12.6.4, macOS Big Sur 11.7.5. An app may be able to read sensitive location information. • https://support.apple.com/en-us/HT213670 https://support.apple.com/en-us/HT213675 https://support.apple.com/en-us/HT213677 • CWE-276: Incorrect Default Permissions •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-27957
https://notcve.org/view.php?id=CVE-2023-27957
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3. Processing a maliciously crafted file may lead to unexpected app termination or arbitrary code execution. • https://support.apple.com/en-us/HT213670 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2023-28200
https://notcve.org/view.php?id=CVE-2023-28200
A validation issue was addressed with improved input sanitization. This issue is fixed in macOS Ventura 13.3, iOS 15.7.4 and iPadOS 15.7.4, macOS Monterey 12.6.4, macOS Big Sur 11.7.5. An app may be able to disclose kernel memory. • https://support.apple.com/en-us/HT213670 https://support.apple.com/en-us/HT213673 https://support.apple.com/en-us/HT213675 https://support.apple.com/en-us/HT213677 https://support.apple.com/kb/HT213843 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-27938 – Apple GarageBand MIDI File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2023-27938
An out-of-bounds read issue was addressed with improved input validation. This issue is fixed in GarageBand for macOS 10.4.8. Parsing a maliciously crafted MIDI file may lead to an unexpected application termination or arbitrary code execution. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple GarageBand. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within a function in MACore.framework. • https://support.apple.com/en-us/HT213650 • CWE-125: Out-of-bounds Read •
CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0CVE-2023-27968
https://notcve.org/view.php?id=CVE-2023-27968
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3. An app may be able to cause unexpected system termination or write kernel memory. Se ha solucionado un problema de desbordamiento del búfer con una gestión mejorada de la memoria. Este problema se ha solucionado en macOS Ventura 13.3. • https://support.apple.com/en-us/HT213670 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •