Apple macOS vulnerabilities
3,135 known vulnerabilities affecting apple/macos.
Total CVEs
3,135
CISA KEV
75
actively exploited
Public exploits
44
Exploited in wild
61
Severity breakdown
CRITICAL203HIGH1362MEDIUM1421LOW149
Vulnerabilities
Page 73 of 157
CVE-2023-41073MEDIUMCVSS 5.5≥ 12.0.0, < 12.7≥ 13.0, < 13.6+3 more2023-09-27
CVE-2023-41073 [MEDIUM] CVE-2023-41073: An authorization issue was addressed with improved state management. This issue is fixed in macOS Ve
An authorization issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.6, tvOS 17, iOS 16.7 and iPadOS 16.7, macOS Monterey 12.7, watchOS 10, iOS 17 and iPadOS 17, macOS Sonoma 14. An app may be able to access protected user data.
nvd
CVE-2023-35984MEDIUMCVSS 4.3fixed in 14.0≥ unspecified, < 142023-09-27
CVE-2023-35984 [MEDIUM] CWE-787 CVE-2023-35984: The issue was addressed with improved checks. This issue is fixed in tvOS 17, iOS 17 and iPadOS 17,
The issue was addressed with improved checks. This issue is fixed in tvOS 17, iOS 17 and iPadOS 17, watchOS 10, macOS Sonoma 14. An attacker in physical proximity can cause a limited out of bounds write.
nvd
CVE-2023-40399MEDIUMCVSS 5.5fixed in 14.0≥ unspecified, < 142023-09-27
CVE-2023-40399 [MEDIUM] CVE-2023-40399: The issue was addressed with improved memory handling. This issue is fixed in tvOS 17, iOS 17 and iP
The issue was addressed with improved memory handling. This issue is fixed in tvOS 17, iOS 17 and iPadOS 17, watchOS 10, macOS Sonoma 14. An app may be able to disclose kernel memory.
nvd
CVE-2023-40450MEDIUMCVSS 5.5fixed in 14.0≥ unspecified, < 142023-09-27
CVE-2023-40450 [MEDIUM] CVE-2023-40450: The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14. An app may byp
The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14. An app may bypass Gatekeeper checks.
nvd
CVE-2023-40429MEDIUMCVSS 5.5fixed in 14.0≥ unspecified, < 142023-09-27
CVE-2023-40429 [MEDIUM] CVE-2023-40429: A permissions issue was addressed with improved validation. This issue is fixed in tvOS 17, iOS 17 a
A permissions issue was addressed with improved validation. This issue is fixed in tvOS 17, iOS 17 and iPadOS 17, watchOS 10, macOS Sonoma 14. An app may be able to access sensitive user data.
nvd
CVE-2023-40422MEDIUMCVSS 5.5fixed in 14.0≥ unspecified, < 142023-09-27
CVE-2023-40422 [MEDIUM] CVE-2023-40422: The issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14. An ap
The issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14. An app may be able to cause a denial-of-service.
nvd
CVE-2023-41066MEDIUMCVSS 5.5fixed in 14.0≥ unspecified, < 142023-09-27
CVE-2023-41066 [MEDIUM] CVE-2023-41066: An authentication issue was addressed with improved state management. This issue is fixed in macOS S
An authentication issue was addressed with improved state management. This issue is fixed in macOS Sonoma 14. An app may be able to unexpectedly leak a user's credentials from secure text fields.
nvd
CVE-2023-40403MEDIUMCVSS 6.5≥ 12.0.0, < 12.7≥ 13.0, < 13.6+3 more2023-09-27
CVE-2023-40403 [MEDIUM] CVE-2023-40403: The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.6, tv
The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.6, tvOS 17, iOS 16.7 and iPadOS 16.7, macOS Monterey 12.7, watchOS 10, iOS 17 and iPadOS 17, macOS Sonoma 14. Processing web content may disclose sensitive information.
nvd
CVE-2023-40410MEDIUMCVSS 5.5≥ 12.0.0, < 12.7≥ 13.0, < 13.6+3 more2023-09-27
CVE-2023-40410 [MEDIUM] CWE-125 CVE-2023-40410: An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Ven
An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Ventura 13.6, tvOS 17, macOS Monterey 12.7, watchOS 10, iOS 17 and iPadOS 17, macOS Sonoma 14. An app may be able to disclose kernel memory.
nvd
CVE-2023-41996MEDIUMCVSS 5.5≥ 13.0, < 13.6≥ unspecified, < 13.62023-09-27
CVE-2023-41996 [MEDIUM] CVE-2023-41996: The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.6. Apps that f
The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.6. Apps that fail verification checks may still launch.
nvd
CVE-2023-41968MEDIUMCVSS 5.5≥ 12.0.0, < 12.7≥ 13.0, < 13.6+3 more2023-09-27
CVE-2023-41968 [MEDIUM] CWE-59 CVE-2023-41968: This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Ventura
This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Ventura 13.6, tvOS 17, macOS Monterey 12.7, watchOS 10, iOS 17 and iPadOS 17, macOS Sonoma 14. An app may be able to read arbitrary files.
nvd
CVE-2023-40426MEDIUMCVSS 5.5fixed in 14.0≥ unspecified, < 142023-09-27
CVE-2023-40426 [MEDIUM] CVE-2023-40426: A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sonoma
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sonoma 14. An app may be able to bypass certain Privacy preferences.
nvd
CVE-2023-41986MEDIUMCVSS 5.5fixed in 14.0≥ unspecified, < 142023-09-27
CVE-2023-41986 [MEDIUM] CVE-2023-41986: The issue was addressed with improved checks. This issue is fixed in iOS 17 and iPadOS 17, macOS Son
The issue was addressed with improved checks. This issue is fixed in iOS 17 and iPadOS 17, macOS Sonoma 14. An app may be able to modify protected parts of the file system.
nvd
CVE-2023-38596MEDIUMCVSS 5.5fixed in 14.0≥ unspecified, < 142023-09-27
CVE-2023-38596 [MEDIUM] CVE-2023-38596: The issue was addressed with improved handling of protocols. This issue is fixed in tvOS 17, iOS 17
The issue was addressed with improved handling of protocols. This issue is fixed in tvOS 17, iOS 17 and iPadOS 17, watchOS 10, macOS Sonoma 14. An app may fail to enforce App Transport Security.
nvd
CVE-2023-40420MEDIUMCVSS 6.5≥ 12.0.0, < 12.7≥ 13.0, < 13.6+3 more2023-09-27
CVE-2023-40420 [MEDIUM] CVE-2023-40420: The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.6, tv
The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.6, tvOS 17, iOS 16.7 and iPadOS 16.7, macOS Monterey 12.7, watchOS 10, iOS 17 and iPadOS 17, macOS Sonoma 14. Processing web content may lead to a denial-of-service.
nvd
CVE-2023-41078MEDIUMCVSS 5.5fixed in 14.0≥ unspecified, < 142023-09-27
CVE-2023-41078 [MEDIUM] CWE-863 CVE-2023-41078: An authorization issue was addressed with improved state management. This issue is fixed in macOS So
An authorization issue was addressed with improved state management. This issue is fixed in macOS Sonoma 14. An app may be able to bypass certain Privacy preferences.
nvd
CVE-2023-23495MEDIUMCVSS 5.5fixed in 14.0≥ unspecified, < 142023-09-27
CVE-2023-23495 [MEDIUM] CVE-2023-23495: A permissions issue was addressed with improved redaction of sensitive information. This issue is fi
A permissions issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Sonoma 14. An app may be able to access sensitive user data.
nvd
CVE-2023-40424MEDIUMCVSS 5.5fixed in 14.0≥ unspecified, < 142023-09-27
CVE-2023-40424 [MEDIUM] CVE-2023-40424: The issue was addressed with improved checks. This issue is fixed in iOS 17 and iPadOS 17, watchOS 1
The issue was addressed with improved checks. This issue is fixed in iOS 17 and iPadOS 17, watchOS 10, macOS Sonoma 14. An app may be able to access user-sensitive data.
nvd
CVE-2023-41079MEDIUMCVSS 5.5fixed in 14.0≥ unspecified, < 142023-09-27
CVE-2023-41079 [MEDIUM] CVE-2023-41079: The issue was addressed with improved permissions logic. This issue is fixed in macOS Sonoma 14. An
The issue was addressed with improved permissions logic. This issue is fixed in macOS Sonoma 14. An app may be able to bypass Privacy preferences.
nvd
CVE-2023-44216MEDIUMCVSS 5.3v13.12023-09-27
CVE-2023-44216 [MEDIUM] CWE-203 CVE-2023-44216: PVRIC (PowerVR Image Compression) on Imagination 2018 and later GPU devices offers software-transpar
PVRIC (PowerVR Image Compression) on Imagination 2018 and later GPU devices offers software-transparent compression that enables cross-origin pixel-stealing attacks against feTurbulence and feBlend in the SVG Filter specification, aka a GPU.zip issue. For example, attackers can sometimes accurately determine text contained on a web page from one ori
nvd