Apple Macos Monterey vulnerabilities

CVE-2023-42936 [MEDIUM] CVE-2023-42936: macOS Monterey 12.7.2 Apple Security Update: About the security content of macOS Monterey 12.7.2 Product: macOS Monterey Version: 12.7.2 CVE: CVE-2023-42936 Component: Sandbox Impact: An app may be able to access user-sensitive data Description: This issue was addressed with improved redaction of sensitive information.

CVE-2023-42932 [MEDIUM] CVE-2023-42932: macOS Monterey 12.7.2 Apple Security Update: About the security content of macOS Monterey 12.7.2 Product: macOS Monterey Version: 12.7.2 CVE: CVE-2023-42932 Component: TCC Impact: An app may be able to access protected user data Description: A logic issue was addressed with improved checks.

CVE-2020-19189 [MEDIUM] CVE-2020-19189: macOS Monterey 12.7.2 Apple Security Update: About the security content of macOS Monterey 12.7.2 Product: macOS Monterey Version: 12.7.2 CVE: CVE-2020-19189 Component: CVE-2020-19189

CVE-2020-19188 [MEDIUM] CVE-2020-19188: macOS Monterey 12.7.2 Apple Security Update: About the security content of macOS Monterey 12.7.2 Product: macOS Monterey Version: 12.7.2 CVE: CVE-2020-19188 Component: CVE-2020-19188

CVE-2023-42891 [MEDIUM] CVE-2023-42891: macOS Monterey 12.7.2 Apple Security Update: About the security content of macOS Monterey 12.7.2 Product: macOS Monterey Version: 12.7.2 CVE: CVE-2023-42891 Component: IOKit Impact: An app may be able to monitor keystrokes without user permission Description: An authentication issue was addressed with improved state management.

CVE-2020-19185 [MEDIUM] CVE-2020-19185: macOS Monterey 12.7.2 Apple Security Update: About the security content of macOS Monterey 12.7.2 Product: macOS Monterey Version: 12.7.2 CVE: CVE-2020-19185 Component: CVE-2020-19185

CVE-2023-40446 [HIGH] CVE-2023-40446: macOS Monterey 12.7.1 Apple Security Update: About the security content of macOS Monterey 12.7.1 Product: macOS Monterey Version: 12.7.1 CVE: CVE-2023-40446 Component: Foundation Impact: A website may be able to access sensitive user data when resolving symlinks Description: This issue was addressed with improved handling of symlinks.

CVE-2023-42844 [HIGH] CVE-2023-42844: macOS Monterey 12.7.1 Apple Security Update: About the security content of macOS Monterey 12.7.1 Product: macOS Monterey Version: 12.7.1 CVE: CVE-2023-42844 Component: Foundation Impact: A website may be able to access sensitive user data when resolving symlinks Description: This issue was addressed with improved handling of symlinks.

CVE-2023-42873 [HIGH] CVE-2023-42873: macOS Monterey 12.7.1 Apple Security Update: About the security content of macOS Monterey 12.7.1 Product: macOS Monterey Version: 12.7.1 CVE: CVE-2023-42873 Component: Pro Res Impact: An app may be able to execute arbitrary code with kernel privileges Description: The issue was addressed with improved bounds checks.

CVE-2023-40423 [HIGH] CVE-2023-40423: macOS Monterey 12.7.1 Apple Security Update: About the security content of macOS Monterey 12.7.1 Product: macOS Monterey Version: 12.7.1 CVE: CVE-2023-40423 Component: IOTextEncryptionFamily Impact: An app may be able to execute arbitrary code with kernel privileges Description: The issue was addressed with improved memory handling.

CVE-2023-42856 [HIGH] CVE-2023-42856: macOS Monterey 12.7.1 Apple Security Update: About the security content of macOS Monterey 12.7.1 Product: macOS Monterey Version: 12.7.1 CVE: CVE-2023-42856 Component: Model I/O Impact: Processing a file may lead to unexpected app termination or arbitrary code execution Description: The issue was addressed with improved memory handling.

CVE-2023-40416 [MEDIUM] CVE-2023-40416: macOS Monterey 12.7.1 Apple Security Update: About the security content of macOS Monterey 12.7.1 Product: macOS Monterey Version: 12.7.1 CVE: CVE-2023-40416 Component: ImageIO Impact: Processing an image may result in disclosure of process memory Description: The issue was addressed with improved memory handling.

CVE-2023-42849 [MEDIUM] CVE-2023-42849: macOS Monterey 12.7.1 Apple Security Update: About the security content of macOS Monterey 12.7.1 Product: macOS Monterey Version: 12.7.1 CVE: CVE-2023-42849 Component: Kernel Impact: An attacker that has already achieved kernel code execution may be able to bypass kernel memory mitigations Description: The issue was addressed with improved memory handling.

CVE-2023-40421 [MEDIUM] CVE-2023-40421: macOS Monterey 12.7.1 Apple Security Update: About the security content of macOS Monterey 12.7.1 Product: macOS Monterey Version: 12.7.1 CVE: CVE-2023-40421 Component: CVE-2023-36191 Impact: An app may be able to access sensitive user data Description: A permissions issue was addressed with additional restrictions.

CVE-2023-42889 [MEDIUM] CVE-2023-42889: macOS Monterey 12.7.1 Apple Security Update: About the security content of macOS Monterey 12.7.1 Product: macOS Monterey Version: 12.7.1 CVE: CVE-2023-42889 Component: PackageKit Impact: An app may be able to bypass certain Privacy preferences Description: The issue was addressed with improved checks.

CVE-2023-40413 [MEDIUM] CVE-2023-40413: macOS Monterey 12.7.1 Apple Security Update: About the security content of macOS Monterey 12.7.1 Product: macOS Monterey Version: 12.7.1 CVE: CVE-2023-40413 Component: Find My Impact: An app may be able to read sensitive location information Description: The issue was addressed with improved handling of caches.

CVE-2023-42877 [MEDIUM] CVE-2023-42877: macOS Monterey 12.7.1 Apple Security Update: About the security content of macOS Monterey 12.7.1 Product: macOS Monterey Version: 12.7.1 CVE: CVE-2023-42877 Component: PackageKit Impact: An app may be able to modify protected parts of the file system Description: The issue was addressed with improved checks.

CVE-2023-40449 [MEDIUM] CVE-2023-40449: macOS Monterey 12.7.1 Apple Security Update: About the security content of macOS Monterey 12.7.1 Product: macOS Monterey Version: 12.7.1 CVE: CVE-2023-40449 Component: CoreAnimation Impact: An app may be able to cause a denial-of-service Description: The issue was addressed with improved memory handling.

CVE-2023-40425 [MEDIUM] CVE-2023-40425: macOS Monterey 12.7.1 Apple Security Update: About the security content of macOS Monterey 12.7.1 Product: macOS Monterey Version: 12.7.1 CVE: CVE-2023-40425 Component: Sandbox Impact: An app with root privileges may be able to access private information Description: A privacy issue was addressed with improved private data redaction for log entries.

CVE-2023-42858 [MEDIUM] CVE-2023-42858: macOS Monterey 12.7.1 Apple Security Update: About the security content of macOS Monterey 12.7.1 Product: macOS Monterey Version: 12.7.1 CVE: CVE-2023-42858 Component: WindowServer Impact: An app may be able to access user-sensitive data Description: The issue was addressed with improved checks.