macOS Ventura
by Apple Inc.
CVEs (438)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-40409 | 0.00 | — | 0.00 | Sep 26, 2023 | The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.6, tvOS 17, macOS Monterey 12.7, watchOS 10, iOS 17 and iPadOS 17. An app may be able to execute arbitrary code with kernel privileges. | |||
| CVE-2023-40410 | 0.00 | — | 0.00 | Sep 26, 2023 | An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Ventura 13.6, tvOS 17, macOS Monterey 12.7, watchOS 10, iOS 17 and iPadOS 17, macOS Sonoma 14. An app may be able to disclose kernel memory. | |||
| CVE-2023-41981 | 0.00 | — | 0.00 | Sep 26, 2023 | The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.6, tvOS 17, iOS 16.7 and iPadOS 16.7, watchOS 10, iOS 17 and iPadOS 17, macOS Sonoma 14. An attacker that has already achieved kernel code execution may be able to bypass kernel memory… | |||
| CVE-2023-41996 | 0.00 | — | 0.00 | Sep 26, 2023 | The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.6. Apps that fail verification checks may still launch. | |||
| CVE-2023-40427 | 0.00 | — | 0.00 | Sep 26, 2023 | The issue was addressed with improved handling of caches. This issue is fixed in macOS Ventura 13.6, tvOS 17, macOS Monterey 12.7, watchOS 10, iOS 17 and iPadOS 17, macOS Sonoma 14. An app may be able to read sensitive location information. | |||
| CVE-2023-41968 | 0.00 | — | 0.00 | Sep 26, 2023 | This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Ventura 13.6, tvOS 17, macOS Monterey 12.7, watchOS 10, iOS 17 and iPadOS 17, macOS Sonoma 14. An app may be able to read arbitrary files. | |||
| CVE-2023-41071 | 0.00 | — | 0.00 | Sep 26, 2023 | A use-after-free issue was addressed with improved memory management. This issue is fixed in tvOS 17, iOS 17 and iPadOS 17, watchOS 10, macOS Ventura 13.6. An app may be able to execute arbitrary code with kernel privileges. | |||
| CVE-2023-41070 | 0.00 | — | 0.00 | Sep 26, 2023 | A logic issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.6, iOS 16.7 and iPadOS 16.7, watchOS 10, iOS 17 and iPadOS 17, macOS Sonoma 14. An app may be able to access sensitive data logged when a user shares a link. | |||
| CVE-2023-38616 | 0.00 | — | 0.00 | Sep 6, 2023 | A race condition was addressed with improved state handling. This issue is fixed in macOS Ventura 13.5. An app may be able to execute arbitrary code with kernel privileges. | |||
| CVE-2023-40397 | 0.00 | — | 0.01 | Sep 6, 2023 | The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.5. A remote attacker may be able to cause arbitrary javascript code execution. | |||
| CVE-2023-34352 | 0.00 | — | 0.01 | Sep 6, 2023 | A permissions issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Ventura 13.4, tvOS 16.5, iOS 16.5 and iPadOS 16.5, watchOS 9.5. An attacker may be able to leak user account emails. | |||
| CVE-2023-32438 | 0.00 | — | 0.00 | Sep 6, 2023 | This issue was addressed with improved checks to prevent unauthorized actions. This issue is fixed in tvOS 16.3, macOS Ventura 13.2, watchOS 9.3, iOS 16.3 and iPadOS 16.3. An app may be able to bypass Privacy preferences. | |||
| CVE-2023-28214 | 0.00 | — | 0.00 | Sep 6, 2023 | A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3. An app may be able to cause unexpected system termination or write kernel memory. | |||
| CVE-2023-28215 | 0.00 | — | 0.00 | Sep 6, 2023 | A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3. An app may be able to cause unexpected system termination or write kernel memory. | |||
| CVE-2023-32356 | 0.00 | — | 0.00 | Sep 6, 2023 | A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3. An app may be able to cause unexpected system termination or write kernel memory. | |||
| CVE-2023-28188 | 0.00 | — | 0.01 | Sep 6, 2023 | A denial-of-service issue was addressed with improved input validation. This issue is fixed in macOS Ventura 13.3. A remote user may be able to cause a denial-of-service. | |||
| CVE-2023-28212 | 0.00 | — | 0.00 | Sep 6, 2023 | A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3. An app may be able to cause unexpected system termination or write kernel memory. | |||
| CVE-2023-32432 | 0.00 | — | 0.00 | Sep 6, 2023 | A privacy issue was addressed with improved handling of temporary files. This issue is fixed in macOS Ventura 13.4, tvOS 16.5, iOS 16.5 and iPadOS 16.5, watchOS 9.5. An app may be able to access user-sensitive data. | |||
| CVE-2023-28195 | 0.00 | — | 0.00 | Sep 6, 2023 | A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Ventura 13.3. An app may be able to read sensitive location information. | |||
| CVE-2023-32428 | 0.00 | — | 0.01 | Sep 6, 2023 | This issue was addressed with improved file handling. This issue is fixed in macOS Ventura 13.4, tvOS 16.5, iOS 16.5 and iPadOS 16.5, watchOS 9.5. An app may be able to gain root privileges. |
- CVE-2023-40409Sep 26, 2023risk 0.00cvss —epss 0.00
The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.6, tvOS 17, macOS Monterey 12.7, watchOS 10, iOS 17 and iPadOS 17. An app may be able to execute arbitrary code with kernel privileges.
- CVE-2023-40410Sep 26, 2023risk 0.00cvss —epss 0.00
An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Ventura 13.6, tvOS 17, macOS Monterey 12.7, watchOS 10, iOS 17 and iPadOS 17, macOS Sonoma 14. An app may be able to disclose kernel memory.
- CVE-2023-41981Sep 26, 2023risk 0.00cvss —epss 0.00
The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.6, tvOS 17, iOS 16.7 and iPadOS 16.7, watchOS 10, iOS 17 and iPadOS 17, macOS Sonoma 14. An attacker that has already achieved kernel code execution may be able to bypass kernel memory…
- CVE-2023-41996Sep 26, 2023risk 0.00cvss —epss 0.00
The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.6. Apps that fail verification checks may still launch.
- CVE-2023-40427Sep 26, 2023risk 0.00cvss —epss 0.00
The issue was addressed with improved handling of caches. This issue is fixed in macOS Ventura 13.6, tvOS 17, macOS Monterey 12.7, watchOS 10, iOS 17 and iPadOS 17, macOS Sonoma 14. An app may be able to read sensitive location information.
- CVE-2023-41968Sep 26, 2023risk 0.00cvss —epss 0.00
This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Ventura 13.6, tvOS 17, macOS Monterey 12.7, watchOS 10, iOS 17 and iPadOS 17, macOS Sonoma 14. An app may be able to read arbitrary files.
- CVE-2023-41071Sep 26, 2023risk 0.00cvss —epss 0.00
A use-after-free issue was addressed with improved memory management. This issue is fixed in tvOS 17, iOS 17 and iPadOS 17, watchOS 10, macOS Ventura 13.6. An app may be able to execute arbitrary code with kernel privileges.
- CVE-2023-41070Sep 26, 2023risk 0.00cvss —epss 0.00
A logic issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.6, iOS 16.7 and iPadOS 16.7, watchOS 10, iOS 17 and iPadOS 17, macOS Sonoma 14. An app may be able to access sensitive data logged when a user shares a link.
- CVE-2023-38616Sep 6, 2023risk 0.00cvss —epss 0.00
A race condition was addressed with improved state handling. This issue is fixed in macOS Ventura 13.5. An app may be able to execute arbitrary code with kernel privileges.
- CVE-2023-40397Sep 6, 2023risk 0.00cvss —epss 0.01
The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.5. A remote attacker may be able to cause arbitrary javascript code execution.
- CVE-2023-34352Sep 6, 2023risk 0.00cvss —epss 0.01
A permissions issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Ventura 13.4, tvOS 16.5, iOS 16.5 and iPadOS 16.5, watchOS 9.5. An attacker may be able to leak user account emails.
- CVE-2023-32438Sep 6, 2023risk 0.00cvss —epss 0.00
This issue was addressed with improved checks to prevent unauthorized actions. This issue is fixed in tvOS 16.3, macOS Ventura 13.2, watchOS 9.3, iOS 16.3 and iPadOS 16.3. An app may be able to bypass Privacy preferences.
- CVE-2023-28214Sep 6, 2023risk 0.00cvss —epss 0.00
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3. An app may be able to cause unexpected system termination or write kernel memory.
- CVE-2023-28215Sep 6, 2023risk 0.00cvss —epss 0.00
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3. An app may be able to cause unexpected system termination or write kernel memory.
- CVE-2023-32356Sep 6, 2023risk 0.00cvss —epss 0.00
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3. An app may be able to cause unexpected system termination or write kernel memory.
- CVE-2023-28188Sep 6, 2023risk 0.00cvss —epss 0.01
A denial-of-service issue was addressed with improved input validation. This issue is fixed in macOS Ventura 13.3. A remote user may be able to cause a denial-of-service.
- CVE-2023-28212Sep 6, 2023risk 0.00cvss —epss 0.00
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3. An app may be able to cause unexpected system termination or write kernel memory.
- CVE-2023-32432Sep 6, 2023risk 0.00cvss —epss 0.00
A privacy issue was addressed with improved handling of temporary files. This issue is fixed in macOS Ventura 13.4, tvOS 16.5, iOS 16.5 and iPadOS 16.5, watchOS 9.5. An app may be able to access user-sensitive data.
- CVE-2023-28195Sep 6, 2023risk 0.00cvss —epss 0.00
A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Ventura 13.3. An app may be able to read sensitive location information.
- CVE-2023-32428Sep 6, 2023risk 0.00cvss —epss 0.01
This issue was addressed with improved file handling. This issue is fixed in macOS Ventura 13.4, tvOS 16.5, iOS 16.5 and iPadOS 16.5, watchOS 9.5. An app may be able to gain root privileges.
Page 11 of 22