macOS Big Sur
by Apple Inc.
CVEs (363)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-40442 | 0.00 | — | 0.00 | Sep 11, 2023 | A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Big Sur 11.7.9, iOS 15.7.8 and iPadOS 15.7.8, macOS Monterey 12.6.8. An app may be able to read sensitive location information. | |||
| CVE-2020-36615 | 0.00 | — | 0.00 | Aug 14, 2023 | An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.0.1. Processing a maliciously crafted font may lead to arbitrary code execution. | |||
| CVE-2022-46706 | 0.00 | — | 0.00 | Aug 14, 2023 | A type confusion issue was addressed with improved state handling. This issue is fixed in Security Update 2022-003 Catalina, macOS Monterey 12.3, macOS Big Sur 11.6.5. An application may be able to execute arbitrary code with kernel privileges. | |||
| CVE-2023-38598 | 0.00 | — | 0.01 | Jul 28, 2023 | A use-after-free issue was addressed with improved memory management. This issue is fixed in watchOS 9.6, macOS Big Sur 11.7.9, iOS 15.7.8 and iPadOS 15.7.8, macOS Monterey 12.6.8, tvOS 16.6, iOS 16.6 and iPadOS 16.6, macOS Ventura 13.5. An app may be able to execute arbitrary… | |||
| CVE-2023-38604 | 0.00 | — | 0.01 | Jul 28, 2023 | An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in watchOS 9.6, macOS Big Sur 11.7.9, iOS 15.7.8 and iPadOS 15.7.8, macOS Monterey 12.6.8, tvOS 16.6, iOS 16.6 and iPadOS 16.6, macOS Ventura 13.5. An app may be able to execute… | |||
| CVE-2023-34425 | 0.00 | — | 0.01 | Jul 28, 2023 | The issue was addressed with improved memory handling. This issue is fixed in watchOS 9.6, macOS Monterey 12.6.8, iOS 15.7.8 and iPadOS 15.7.8, macOS Big Sur 11.7.9, iOS 16.6 and iPadOS 16.6, macOS Ventura 13.5. An app may be able to execute arbitrary code with kernel privileges. | |||
| CVE-2023-38259 | 0.00 | — | 0.00 | Jul 27, 2023 | A logic issue was addressed with improved restrictions. This issue is fixed in macOS Monterey 12.6.8, macOS Ventura 13.5, macOS Big Sur 11.7.9. An app may be able to access user-sensitive data. | |||
| CVE-2023-38602 | 0.00 | — | 0.00 | Jul 27, 2023 | A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Monterey 12.6.8, macOS Ventura 13.5, macOS Big Sur 11.7.9. An app may be able to modify protected parts of the file system. | |||
| CVE-2023-28191 | 0.00 | — | 0.00 | Jun 23, 2023 | This issue was addressed with improved redaction of sensitive information. This issue is fixed in watchOS 9.5, tvOS 16.5, macOS Ventura 13.4, macOS Big Sur 11.7.7, macOS Monterey 12.6.6, iOS 16.5 and iPadOS 16.5. An app may be able to bypass Privacy preferences. | |||
| CVE-2022-22630 | 0.00 | — | 0.01 | Jun 23, 2023 | A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.6.6, macOS Monterey 12.3, Security Update 2022-004 Catalina. A remote user may cause an unexpected app termination or arbitrary code execution | |||
| CVE-2023-32386 | 0.00 | — | 0.00 | Jun 23, 2023 | A privacy issue was addressed with improved handling of temporary files. This issue is fixed in macOS Big Sur 11.7.7, macOS Monterey 12.6.6, macOS Ventura 13.4. An app may be able to observe unprotected user data. | |||
| CVE-2023-32355 | 0.00 | — | 0.00 | Jun 23, 2023 | A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.7.7, macOS Monterey 12.6.6, macOS Ventura 13.4. An app may be able to modify protected parts of the file system. | |||
| CVE-2023-32360 | 0.00 | — | 0.00 | Jun 23, 2023 | An authentication issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.7.7, macOS Monterey 12.6.6, macOS Ventura 13.4. An unauthenticated user may be able to access recently printed documents. | |||
| CVE-2022-42860 | 0.00 | — | 0.00 | Jun 23, 2023 | This issue was addressed with improved checks to prevent unauthorized actions. This issue is fixed in macOS Monterey 12.6.1, macOS Big Sur 11.7.1, macOS Ventura 13. An app may be able to modify protected parts of the file system | |||
| CVE-2023-32413 | 0.00 | — | 0.01 | Jun 23, 2023 | A race condition was addressed with improved state handling. This issue is fixed in watchOS 9.5, tvOS 16.5, macOS Ventura 13.4, iOS 15.7.6 and iPadOS 15.7.6, macOS Big Sur 11.7.7, macOS Monterey 12.6.6, iOS 16.5 and iPadOS 16.5. An app may be able to gain root privileges. | |||
| CVE-2023-32405 | 0.00 | — | 0.00 | Jun 23, 2023 | A logic issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.7.7, macOS Monterey 12.6.6, macOS Ventura 13.4. An app may be able to gain root privileges. | |||
| CVE-2022-42834 | 0.00 | — | 0.00 | Jun 23, 2023 | An access issue was addressed with improved access restrictions. This issue is fixed in macOS Monterey 12.6.3, macOS Ventura 13, macOS Big Sur 11.7.3. An app may be able to access mail folder attachments through a temporary directory used during compression | |||
| CVE-2023-27941 | 0.00 | — | 0.00 | May 8, 2023 | A validation issue was addressed with improved input sanitization. This issue is fixed in macOS Ventura 13.3, iOS 15.7.4 and iPadOS 15.7.4, macOS Monterey 12.6.4, macOS Big Sur 11.7.5. An app may be able to disclose kernel memory. | |||
| CVE-2023-23534 | 0.00 | — | 0.00 | May 8, 2023 | The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.3, macOS Big Sur 11.7.5. Processing a maliciously crafted image may result in disclosure of process memory. | |||
| CVE-2023-27946 | 0.00 | — | 0.00 | May 8, 2023 | An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Ventura 13.3, iOS 15.7.4 and iPadOS 15.7.4, macOS Monterey 12.6.4, macOS Big Sur 11.7.5. Processing a maliciously crafted file may lead to unexpected app termination or arbitrary code… |
- CVE-2023-40442Sep 11, 2023risk 0.00cvss —epss 0.00
A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Big Sur 11.7.9, iOS 15.7.8 and iPadOS 15.7.8, macOS Monterey 12.6.8. An app may be able to read sensitive location information.
- CVE-2020-36615Aug 14, 2023risk 0.00cvss —epss 0.00
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.0.1. Processing a maliciously crafted font may lead to arbitrary code execution.
- CVE-2022-46706Aug 14, 2023risk 0.00cvss —epss 0.00
A type confusion issue was addressed with improved state handling. This issue is fixed in Security Update 2022-003 Catalina, macOS Monterey 12.3, macOS Big Sur 11.6.5. An application may be able to execute arbitrary code with kernel privileges.
- CVE-2023-38598Jul 28, 2023risk 0.00cvss —epss 0.01
A use-after-free issue was addressed with improved memory management. This issue is fixed in watchOS 9.6, macOS Big Sur 11.7.9, iOS 15.7.8 and iPadOS 15.7.8, macOS Monterey 12.6.8, tvOS 16.6, iOS 16.6 and iPadOS 16.6, macOS Ventura 13.5. An app may be able to execute arbitrary…
- CVE-2023-38604Jul 28, 2023risk 0.00cvss —epss 0.01
An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in watchOS 9.6, macOS Big Sur 11.7.9, iOS 15.7.8 and iPadOS 15.7.8, macOS Monterey 12.6.8, tvOS 16.6, iOS 16.6 and iPadOS 16.6, macOS Ventura 13.5. An app may be able to execute…
- CVE-2023-34425Jul 28, 2023risk 0.00cvss —epss 0.01
The issue was addressed with improved memory handling. This issue is fixed in watchOS 9.6, macOS Monterey 12.6.8, iOS 15.7.8 and iPadOS 15.7.8, macOS Big Sur 11.7.9, iOS 16.6 and iPadOS 16.6, macOS Ventura 13.5. An app may be able to execute arbitrary code with kernel privileges.
- CVE-2023-38259Jul 27, 2023risk 0.00cvss —epss 0.00
A logic issue was addressed with improved restrictions. This issue is fixed in macOS Monterey 12.6.8, macOS Ventura 13.5, macOS Big Sur 11.7.9. An app may be able to access user-sensitive data.
- CVE-2023-38602Jul 27, 2023risk 0.00cvss —epss 0.00
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Monterey 12.6.8, macOS Ventura 13.5, macOS Big Sur 11.7.9. An app may be able to modify protected parts of the file system.
- CVE-2023-28191Jun 23, 2023risk 0.00cvss —epss 0.00
This issue was addressed with improved redaction of sensitive information. This issue is fixed in watchOS 9.5, tvOS 16.5, macOS Ventura 13.4, macOS Big Sur 11.7.7, macOS Monterey 12.6.6, iOS 16.5 and iPadOS 16.5. An app may be able to bypass Privacy preferences.
- CVE-2022-22630Jun 23, 2023risk 0.00cvss —epss 0.01
A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.6.6, macOS Monterey 12.3, Security Update 2022-004 Catalina. A remote user may cause an unexpected app termination or arbitrary code execution
- CVE-2023-32386Jun 23, 2023risk 0.00cvss —epss 0.00
A privacy issue was addressed with improved handling of temporary files. This issue is fixed in macOS Big Sur 11.7.7, macOS Monterey 12.6.6, macOS Ventura 13.4. An app may be able to observe unprotected user data.
- CVE-2023-32355Jun 23, 2023risk 0.00cvss —epss 0.00
A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.7.7, macOS Monterey 12.6.6, macOS Ventura 13.4. An app may be able to modify protected parts of the file system.
- CVE-2023-32360Jun 23, 2023risk 0.00cvss —epss 0.00
An authentication issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.7.7, macOS Monterey 12.6.6, macOS Ventura 13.4. An unauthenticated user may be able to access recently printed documents.
- CVE-2022-42860Jun 23, 2023risk 0.00cvss —epss 0.00
This issue was addressed with improved checks to prevent unauthorized actions. This issue is fixed in macOS Monterey 12.6.1, macOS Big Sur 11.7.1, macOS Ventura 13. An app may be able to modify protected parts of the file system
- CVE-2023-32413Jun 23, 2023risk 0.00cvss —epss 0.01
A race condition was addressed with improved state handling. This issue is fixed in watchOS 9.5, tvOS 16.5, macOS Ventura 13.4, iOS 15.7.6 and iPadOS 15.7.6, macOS Big Sur 11.7.7, macOS Monterey 12.6.6, iOS 16.5 and iPadOS 16.5. An app may be able to gain root privileges.
- CVE-2023-32405Jun 23, 2023risk 0.00cvss —epss 0.00
A logic issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.7.7, macOS Monterey 12.6.6, macOS Ventura 13.4. An app may be able to gain root privileges.
- CVE-2022-42834Jun 23, 2023risk 0.00cvss —epss 0.00
An access issue was addressed with improved access restrictions. This issue is fixed in macOS Monterey 12.6.3, macOS Ventura 13, macOS Big Sur 11.7.3. An app may be able to access mail folder attachments through a temporary directory used during compression
- CVE-2023-27941May 8, 2023risk 0.00cvss —epss 0.00
A validation issue was addressed with improved input sanitization. This issue is fixed in macOS Ventura 13.3, iOS 15.7.4 and iPadOS 15.7.4, macOS Monterey 12.6.4, macOS Big Sur 11.7.5. An app may be able to disclose kernel memory.
- CVE-2023-23534May 8, 2023risk 0.00cvss —epss 0.00
The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.3, macOS Big Sur 11.7.5. Processing a maliciously crafted image may result in disclosure of process memory.
- CVE-2023-27946May 8, 2023risk 0.00cvss —epss 0.00
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Ventura 13.3, iOS 15.7.4 and iPadOS 15.7.4, macOS Monterey 12.6.4, macOS Big Sur 11.7.5. Processing a maliciously crafted file may lead to unexpected app termination or arbitrary code…
Page 2 of 19