Apple Macos Big Sur vulnerabilities

CVE-2023-28185 [MEDIUM] CVE-2023-28185: macOS Big Sur 11.7.5 Apple Security Update: About the security content of macOS Big Sur 11.7.5 Product: macOS Big Sur Version: 11.7.5 CVE: CVE-2023-28185 Component: Kernel Impact: An app may be able to cause a denial-of-service Description: An integer overflow was addressed through improved input validation.

CVE-2023-27961 [MEDIUM] CVE-2023-27961: macOS Big Sur 11.7.5 Apple Security Update: About the security content of macOS Big Sur 11.7.5 Product: macOS Big Sur Version: 11.7.5 CVE: CVE-2023-27961 Component: Calendar Impact: Importing a maliciously crafted calendar invitation may exfiltrate user information Description: Multiple validation issues were addressed with improved input sanitization.

CVE-2023-28192 [MEDIUM] CVE-2023-28192: macOS Big Sur 11.7.5 Apple Security Update: About the security content of macOS Big Sur 11.7.5 Product: macOS Big Sur Version: 11.7.5 CVE: CVE-2023-28192 Component: System Settings Impact: An app may be able to read sensitive location information Description: A permissions issue was addressed with improved validation.

CVE-2023-23535 [MEDIUM] CVE-2023-23535: macOS Big Sur 11.7.5 Apple Security Update: About the security content of macOS Big Sur 11.7.5 Product: macOS Big Sur Version: 11.7.5 CVE: CVE-2023-23535 Component: ImageIO Impact: Processing a maliciously crafted image may result in disclosure of process memory Description: The issue was addressed with improved memory handling.

CVE-2023-28189 [MEDIUM] CVE-2023-28189: macOS Big Sur 11.7.5 Apple Security Update: About the security content of macOS Big Sur 11.7.5 Product: macOS Big Sur Version: 11.7.5 CVE: CVE-2023-28189 Component: Mail Impact: An app may be able to view sensitive information Description: The issue was addressed with improved checks.

CVE-2023-28207 [MEDIUM] CVE-2023-28207: macOS Big Sur 11.7.5 Apple Security Update: About the security content of macOS Big Sur 11.7.5 Product: macOS Big Sur Version: 11.7.5 CVE: CVE-2023-28207 Component: AppleMobileFileIntegrity Impact: A plug-in may be able to inherit app permissions and access user data Description: The issue was addressed with improved checks.

CVE-2023-23534 [MEDIUM] CVE-2023-23534: macOS Big Sur 11.7.5 Apple Security Update: About the security content of macOS Big Sur 11.7.5 Product: macOS Big Sur Version: 11.7.5 CVE: CVE-2023-23534 Component: Carbon Core Impact: Processing a maliciously crafted image may result in disclosure of process memory Description: The issue was addressed with improved checks.

CVE-2023-27942 [MEDIUM] CVE-2023-27942: macOS Big Sur 11.7.5 Apple Security Update: About the security content of macOS Big Sur 11.7.5 Product: macOS Big Sur Version: 11.7.5 CVE: CVE-2023-27942 Component: Podcasts Impact: An app may be able to access user-sensitive data Description: The issue was addressed with improved checks.

CVE-2023-28197 [LOW] CVE-2023-28197: macOS Big Sur 11.7.5 Apple Security Update: About the security content of macOS Big Sur 11.7.5 Product: macOS Big Sur Version: 11.7.5 CVE: CVE-2023-28197 Component: Messages Impact: An app may be able to access user-sensitive data Description: An access issue was addressed with additional sandbox restrictions.

CVE-2023-27928 [LOW] CVE-2023-27928: macOS Big Sur 11.7.5 Apple Security Update: About the security content of macOS Big Sur 11.7.5 Product: macOS Big Sur Version: 11.7.5 CVE: CVE-2023-27928 Component: Identity Services Impact: An app may be able to access information about a user’s contacts Description: A privacy issue was addressed with improved private data redaction for log entries.

CVE-2023-23518 [HIGH] CVE-2023-23518: macOS Big Sur 11.7.3 Apple Security Update: About the security content of macOS Big Sur 11.7.3 Product: macOS Big Sur Version: 11.7.3 CVE: CVE-2023-23518 Component: WebKit Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: The issue was addressed with improved memory handling.

CVE-2023-23516 [HIGH] CVE-2023-23516: macOS Big Sur 11.7.3 Apple Security Update: About the security content of macOS Big Sur 11.7.3 Product: macOS Big Sur Version: 11.7.3 CVE: CVE-2023-23516 Component: Kernel Impact: An app may be able to execute arbitrary code with kernel privileges Description: The issue was addressed with improved memory handling.

CVE-2023-23497 [HIGH] CVE-2023-23497: macOS Big Sur 11.7.3 Apple Security Update: About the security content of macOS Big Sur 11.7.3 Product: macOS Big Sur Version: 11.7.3 CVE: CVE-2023-23497 Component: PackageKit Impact: An app may be able to gain root privileges Description: A logic issue was addressed with improved state management.

CVE-2023-23517 [HIGH] CVE-2023-23517: macOS Big Sur 11.7.3 Apple Security Update: About the security content of macOS Big Sur 11.7.3 Product: macOS Big Sur Version: 11.7.3 CVE: CVE-2023-23517 Component: WebKit Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: The issue was addressed with improved memory handling.

CVE-2023-27931 [MEDIUM] CVE-2023-27931: macOS Big Sur 11.7.3 Apple Security Update: About the security content of macOS Big Sur 11.7.3 Product: macOS Big Sur Version: 11.7.3 CVE: CVE-2023-27931 Component: TCC Impact: An app may be able to access user-sensitive data Description: This issue was addressed by removing the vulnerable code.

CVE-2023-23499 [MEDIUM] CVE-2023-23499: macOS Big Sur 11.7.3 Apple Security Update: About the security content of macOS Big Sur 11.7.3 Product: macOS Big Sur Version: 11.7.3 CVE: CVE-2023-23499 Component: AppleMobileFileIntegrity Impact: An app may be able to access user-sensitive data Description: This issue was addressed by enabling hardened runtime.

CVE-2023-23508 [MEDIUM] CVE-2023-23508: macOS Big Sur 11.7.3 Apple Security Update: About the security content of macOS Big Sur 11.7.3 Product: macOS Big Sur Version: 11.7.3 CVE: CVE-2023-23508 Component: Windows Installer Impact: An app may be able to bypass Privacy preferences Description: The issue was addressed with improved memory handling.

CVE-2022-35252 [LOW] CVE-2022-35252: macOS Big Sur 11.7.3 Apple Security Update: About the security content of macOS Big Sur 11.7.3 Product: macOS Big Sur Version: 11.7.3 CVE: CVE-2022-35252 Component: CVE-2022-35252 Impact: Mounting a maliciously crafted Samba network share may lead to arbitrary code execution Description: A buffer overflow issue was addressed with improved memory handling.

CVE-2023-23513 [LOW] CVE-2023-23513: macOS Big Sur 11.7.3 Apple Security Update: About the security content of macOS Big Sur 11.7.3 Product: macOS Big Sur Version: 11.7.3 CVE: CVE-2023-23513 Component: CVE-2022-35252 Impact: Mounting a maliciously crafted Samba network share may lead to arbitrary code execution Description: A buffer overflow issue was addressed with improved memory handling.

CVE-2023-23505 [LOW] CVE-2023-23505: macOS Big Sur 11.7.3 Apple Security Update: About the security content of macOS Big Sur 11.7.3 Product: macOS Big Sur Version: 11.7.3 CVE: CVE-2023-23505 Component: Screen Time Impact: An app may be able to access information about a user’s contacts Description: A privacy issue was addressed with improved private data redaction for log entries.