Apple Macos Monterey vulnerabilities

CVE-2023-40403 [MEDIUM] CVE-2023-40403: macOS Monterey 12.7 Apple Security Update: About the security content of macOS Monterey 12.7 Product: macOS Monterey Version: 12.7 CVE: CVE-2023-40403 Component: Kernel Impact: A local attacker may be able to elevate their privileges. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.7. Description: The issue was addressed with improved checks.

CVE-2023-41232 [MEDIUM] CVE-2023-41232: macOS Monterey 12.7 Apple Security Update: About the security content of macOS Monterey 12.7 Product: macOS Monterey Version: 12.7 CVE: CVE-2023-41232 Component: Biometric Authentication Impact: An app may be able to disclose kernel memory Description: An out-of-bounds read was addressed with improved bounds checking.

CVE-2023-42961 [MEDIUM] CVE-2023-42961: macOS Monterey 12.7 Apple Security Update: About the security content of macOS Monterey 12.7 Product: macOS Monterey Version: 12.7 CVE: CVE-2023-42961 Component: Intents Impact: A sandboxed process may be able to circumvent sandbox restrictions Description: A path handling issue was addressed with improved validation.

CVE-2023-40395 [LOW] CVE-2023-40395: macOS Monterey 12.7 Apple Security Update: About the security content of macOS Monterey 12.7 Product: macOS Monterey Version: 12.7 CVE: CVE-2023-40395 Component: Game Center Impact: An app may be able to access contacts Description: The issue was addressed with improved handling of caches.

CVE-2023-38612 [LOW] CVE-2023-38612: macOS Monterey 12.7 Apple Security Update: About the security content of macOS Monterey 12.7 Product: macOS Monterey Version: 12.7 CVE: CVE-2023-38612 Component: Ask to Buy Impact: An app may be able to access protected user data Description: The issue was addressed with improved checks.

CVE-2023-40427 [LOW] CVE-2023-40427: macOS Monterey 12.7 Apple Security Update: About the security content of macOS Monterey 12.7 Product: macOS Monterey Version: 12.7 CVE: CVE-2023-40427 Component: Maps Impact: An app may be able to read sensitive location information Description: The issue was addressed with improved handling of caches.

CVE-2023-42969 [LOW] CVE-2023-42969: macOS Monterey 12.7 Apple Security Update: About the security content of macOS Monterey 12.7 Product: macOS Monterey Version: 12.7 CVE: CVE-2023-42969 Impact: An app may be able to break out of its sandbox Description: The issue was addressed with improved handling of caches.

CVE-2023-41064 [HIGH] CVE-2023-41064: macOS Monterey 12.6.9 Apple Security Update: About the security content of macOS Monterey 12.6.9 Product: macOS Monterey Version: 12.6.9 CVE: CVE-2023-41064 Component: ImageIO Impact: Processing a maliciously crafted image may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited. Description: A buffer overflow issue was addressed with improved memory handling.

CVE-2023-34425 [CRITICAL] CVE-2023-34425: macOS Monterey 12.6.8 Apple Security Update: About the security content of macOS Monterey 12.6.8 Product: macOS Monterey Version: 12.6.8 CVE: CVE-2023-34425 Impact: An app may be able to execute arbitrary code with kernel privileges Description: The issue was addressed with improved memory handling.

CVE-2023-37285 [CRITICAL] CVE-2023-37285: macOS Monterey 12.6.8 Apple Security Update: About the security content of macOS Monterey 12.6.8 Product: macOS Monterey Version: 12.6.8 CVE: CVE-2023-37285 Component: Kernel Impact: An app may be able to execute arbitrary code with kernel privileges Description: An out-of-bounds read was addressed with improved bounds checking.

CVE-2023-38598 [CRITICAL] CVE-2023-38598: macOS Monterey 12.6.8 Apple Security Update: About the security content of macOS Monterey 12.6.8 Product: macOS Monterey Version: 12.6.8 CVE: CVE-2023-38598 Component: Kernel Impact: An app may be able to execute arbitrary code with kernel privileges Description: A use-after-free issue was addressed with improved memory management.

CVE-2023-38604 [CRITICAL] CVE-2023-38604: macOS Monterey 12.6.8 Apple Security Update: About the security content of macOS Monterey 12.6.8 Product: macOS Monterey Version: 12.6.8 CVE: CVE-2023-38604 Component: Kernel Impact: An app may be able to execute arbitrary code with kernel privileges Description: An out-of-bounds write issue was addressed with improved input validation.

CVE-2023-36495 [CRITICAL] CVE-2023-36495: macOS Monterey 12.6.8 Apple Security Update: About the security content of macOS Monterey 12.6.8 Product: macOS Monterey Version: 12.6.8 CVE: CVE-2023-36495 Component: Kernel Impact: An app may be able to execute arbitrary code with kernel privileges Description: An integer overflow was addressed with improved input validation.

CVE-2023-38603 [HIGH] CVE-2023-38603: macOS Monterey 12.6.8 Apple Security Update: About the security content of macOS Monterey 12.6.8 Product: macOS Monterey Version: 12.6.8 CVE: CVE-2023-38603 Component: Kernel Impact: A remote user may be able to cause a denial-of-service Description: The issue was addressed with improved checks.

CVE-2023-38601 [HIGH] CVE-2023-38601: macOS Monterey 12.6.8 Apple Security Update: About the security content of macOS Monterey 12.6.8 Product: macOS Monterey Version: 12.6.8 CVE: CVE-2023-38601 Component: Net-SNMP Impact: An app may be able to modify protected parts of the file system Description: This issue was addressed by removing the vulnerable code.

CVE-2023-32381 [HIGH] CVE-2023-32381: macOS Monterey 12.6.8 Apple Security Update: About the security content of macOS Monterey 12.6.8 Product: macOS Monterey Version: 12.6.8 CVE: CVE-2023-32381 Component: Kernel Impact: An app may be able to execute arbitrary code with kernel privileges Description: A use-after-free issue was addressed with improved memory management.

CVE-2023-32444 [HIGH] CVE-2023-32444: macOS Monterey 12.6.8 Apple Security Update: About the security content of macOS Monterey 12.6.8 Product: macOS Monterey Version: 12.6.8 CVE: CVE-2023-32444 Component: NSSpellChecker Impact: A sandboxed process may be able to circumvent sandbox restrictions Description: A logic issue was addressed with improved validation.

CVE-2023-2953 [HIGH] CVE-2023-2953: macOS Monterey 12.6.8 Apple Security Update: About the security content of macOS Monterey 12.6.8 Product: macOS Monterey Version: 12.6.8 CVE: CVE-2023-2953 Component: OpenLDAP Impact: A remote user may be able to cause a denial-of-service Description: The issue was addressed with improved memory handling.

CVE-2023-28319 [HIGH] CVE-2023-28319: macOS Monterey 12.6.8 Apple Security Update: About the security content of macOS Monterey 12.6.8 Product: macOS Monterey Version: 12.6.8 CVE: CVE-2023-28319 Component: CVE-2023-28319

CVE-2023-38565 [HIGH] CVE-2023-38565: macOS Monterey 12.6.8 Apple Security Update: About the security content of macOS Monterey 12.6.8 Product: macOS Monterey Version: 12.6.8 CVE: CVE-2023-38565 Component: Kernel Impact: A remote user may be able to cause a denial-of-service Description: The issue was addressed with improved checks.