Apple Macos Monterey vulnerabilities

CVE-2023-32368 [MEDIUM] CVE-2023-32368: macOS Monterey 12.6.6 Apple Security Update: About the security content of macOS Monterey 12.6.6 Product: macOS Monterey Version: 12.6.6 CVE: CVE-2023-32368 Component: Model I/O Impact: Processing a 3D model may result in disclosure of process memory Description: An out-of-bounds read was addressed with improved input validation.

CVE-2023-32403 [MEDIUM] CVE-2023-32403: macOS Monterey 12.6.6 Apple Security Update: About the security content of macOS Monterey 12.6.6 Product: macOS Monterey Version: 12.6.6 CVE: CVE-2023-32403 Component: NetworkExtension Impact: An app may be able to read sensitive location information Description: This issue was addressed with improved redaction of sensitive information.

CVE-2023-23535 [MEDIUM] CVE-2023-23535: macOS Monterey 12.6.6 Apple Security Update: About the security content of macOS Monterey 12.6.6 Product: macOS Monterey Version: 12.6.6 CVE: CVE-2023-23535 Component: ImageIO Impact: Processing a maliciously crafted image may result in disclosure of process memory Description: The issue was addressed with improved memory handling.

CVE-2023-27940 [MEDIUM] CVE-2023-27940: macOS Monterey 12.6.6 Apple Security Update: About the security content of macOS Monterey 12.6.6 Product: macOS Monterey Version: 12.6.6 CVE: CVE-2023-27940 Component: Kernel Impact: A sandboxed app may be able to observe system-wide network connections Description: The issue was addressed with additional permissions checks.

CVE-2023-32382 [MEDIUM] CVE-2023-32382: macOS Monterey 12.6.6 Apple Security Update: About the security content of macOS Monterey 12.6.6 Product: macOS Monterey Version: 12.6.6 CVE: CVE-2023-32382 Component: Model I/O Impact: Processing a 3D model may result in disclosure of process memory Description: An out-of-bounds read was addressed with improved input validation.

CVE-2023-32375 [MEDIUM] CVE-2023-32375: macOS Monterey 12.6.6 Apple Security Update: About the security content of macOS Monterey 12.6.6 Product: macOS Monterey Version: 12.6.6 CVE: CVE-2023-32375 Component: Model I/O Impact: Processing a 3D model may result in disclosure of process memory Description: An out-of-bounds read was addressed with improved input validation.

CVE-2023-32360 [MEDIUM] CVE-2023-32360: macOS Monterey 12.6.6 Apple Security Update: About the security content of macOS Monterey 12.6.6 Product: macOS Monterey Version: 12.6.6 CVE: CVE-2023-32360 Component: CUPS Impact: An unauthenticated user may be able to access recently printed documents Description: An authentication issue was addressed with improved state management.

CVE-2023-32369 [MEDIUM] CVE-2023-32369: macOS Monterey 12.6.6 Apple Security Update: About the security content of macOS Monterey 12.6.6 Product: macOS Monterey Version: 12.6.6 CVE: CVE-2023-32369 Component: LaunchServices Impact: An app may bypass Gatekeeper checks Description: A logic issue was addressed with improved checks.

CVE-2023-32392 [MEDIUM] CVE-2023-32392: macOS Monterey 12.6.6 Apple Security Update: About the security content of macOS Monterey 12.6.6 Product: macOS Monterey Version: 12.6.6 CVE: CVE-2023-32392 Component: GeoServices Impact: An app may be able to read sensitive location information Description: A privacy issue was addressed with improved private data redaction for log entries.

CVE-2023-28191 [MEDIUM] CVE-2023-28191: macOS Monterey 12.6.6 Apple Security Update: About the security content of macOS Monterey 12.6.6 Product: macOS Monterey Version: 12.6.6 CVE: CVE-2023-28191 Component: AppleEvents Impact: An app may be able to bypass Privacy preferences Description: This issue was addressed with improved redaction of sensitive information.

CVE-2023-32386 [LOW] CVE-2023-32386: macOS Monterey 12.6.6 Apple Security Update: About the security content of macOS Monterey 12.6.6 Product: macOS Monterey Version: 12.6.6 CVE: CVE-2023-32386 Component: Contacts Impact: An app may be able to observe unprotected user data Description: A privacy issue was addressed with improved handling of temporary files.

CVE-2023-28206 [HIGH] CVE-2023-28206: macOS Monterey 12.6.5 Apple Security Update: About the security content of macOS Monterey 12.6.5 Product: macOS Monterey Version: 12.6.5 CVE: CVE-2023-28206 Component: IOSurfaceAccelerator Impact: An app may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited. Description: An out-of-bounds write issue was addressed with improved input validation.

CVE-2023-27953 [CRITICAL] CVE-2023-27953: macOS Monterey 12.6.4 Apple Security Update: About the security content of macOS Monterey 12.6.4 Product: macOS Monterey Version: 12.6.4 CVE: CVE-2023-27953 Component: CoreServices Impact: A sandboxed process may be able to circumvent sandbox restrictions Description: This issue was addressed with improved checks.

CVE-2023-27958 [CRITICAL] CVE-2023-27958: macOS Monterey 12.6.4 Apple Security Update: About the security content of macOS Monterey 12.6.4 Product: macOS Monterey Version: 12.6.4 CVE: CVE-2023-27958 Component: CoreServices Impact: A sandboxed process may be able to circumvent sandbox restrictions Description: This issue was addressed with improved checks.

CVE-2023-23514 [HIGH] CVE-2023-23514: macOS Monterey 12.6.4 Apple Security Update: About the security content of macOS Monterey 12.6.4 Product: macOS Monterey Version: 12.6.4 CVE: CVE-2023-23514 Component: Kernel Impact: An app may be able to execute arbitrary code with kernel privileges Description: A use after free issue was addressed with improved memory management.

CVE-2023-27963 [HIGH] CVE-2023-27963: macOS Monterey 12.6.4 Apple Security Update: About the security content of macOS Monterey 12.6.4 Product: macOS Monterey Version: 12.6.4 CVE: CVE-2023-27963 Component: Shortcuts Impact: A shortcut may be able to use sensitive data with certain actions without prompting the user Description: The issue was addressed with additional permissions checks.

CVE-2023-27937 [HIGH] CVE-2023-27937: macOS Monterey 12.6.4 Apple Security Update: About the security content of macOS Monterey 12.6.4 Product: macOS Monterey Version: 12.6.4 CVE: CVE-2023-27937 Component: Foundation Impact: Parsing a maliciously crafted plist may lead to an unexpected app termination or arbitrary code execution Description: An integer overflow was addressed with improved input validation.

CVE-2023-27949 [HIGH] CVE-2023-27949: macOS Monterey 12.6.4 Apple Security Update: About the security content of macOS Monterey 12.6.4 Product: macOS Monterey Version: 12.6.4 CVE: CVE-2023-27949 Component: Model I/O Impact: Processing a maliciously crafted file may lead to unexpected app termination or arbitrary code execution Description: An out-of-bounds read was addressed with improved input validation.

CVE-2023-27934 [HIGH] CVE-2023-27934: macOS Monterey 12.6.4 Apple Security Update: About the security content of macOS Monterey 12.6.4 Product: macOS Monterey Version: 12.6.4 CVE: CVE-2023-27934 Component: CoreServices Impact: A sandboxed process may be able to circumvent sandbox restrictions Description: This issue was addressed with improved checks.

CVE-2023-32378 [HIGH] CVE-2023-32378: macOS Monterey 12.6.4 Apple Security Update: About the security content of macOS Monterey 12.6.4 Product: macOS Monterey Version: 12.6.4 CVE: CVE-2023-32378 Component: IOAcceleratorFamily Impact: An app may be able to execute arbitrary code with kernel privileges Description: A use-after-free issue was addressed with improved memory management.