Apple Macos Sonoma vulnerabilities

CVE-2023-42974 [HIGH] CVE-2023-42974: macOS Sonoma 14.2 Apple Security Update: About the security content of macOS Sonoma 14.2 Product: macOS Sonoma Version: 14.2 CVE: CVE-2023-42974 Component: IOUSBDeviceFamily Impact: An app may be able to execute arbitrary code with kernel privileges Description: A race condition was addressed with improved state handling.

CVE-2023-42904 [HIGH] CVE-2023-42904: macOS Sonoma 14.2 Apple Security Update: About the security content of macOS Sonoma 14.2 Product: macOS Sonoma Version: 14.2 CVE: CVE-2023-42904 Component: AppleGraphicsControl Impact: Processing a maliciously crafted file may lead to unexpected app termination or arbitrary code execution Description: Multiple memory corruption issues were addressed with improved input validation.

CVE-2023-42903 [HIGH] CVE-2023-42903: macOS Sonoma 14.2 Apple Security Update: About the security content of macOS Sonoma 14.2 Product: macOS Sonoma Version: 14.2 CVE: CVE-2023-42903 Component: AppleGraphicsControl Impact: Processing a maliciously crafted file may lead to unexpected app termination or arbitrary code execution Description: Multiple memory corruption issues were addressed with improved input validation.

CVE-2023-42905 [HIGH] CVE-2023-42905: macOS Sonoma 14.2 Apple Security Update: About the security content of macOS Sonoma 14.2 Product: macOS Sonoma Version: 14.2 CVE: CVE-2023-42905 Component: AppleGraphicsControl Impact: Processing a maliciously crafted file may lead to unexpected app termination or arbitrary code execution Description: Multiple memory corruption issues were addressed with improved input validation.

CVE-2023-43010 [HIGH] CVE-2023-43010: macOS Sonoma 14.2 Apple Security Update: About the security content of macOS Sonoma 14.2 Product: macOS Sonoma Version: 14.2 CVE: CVE-2023-43010 Component: WebKit Impact: Processing maliciously crafted web content may lead to memory corruption. Description: The issue was addressed with improved memory handling.

CVE-2023-42909 [HIGH] CVE-2023-42909: macOS Sonoma 14.2 Apple Security Update: About the security content of macOS Sonoma 14.2 Product: macOS Sonoma Version: 14.2 CVE: CVE-2023-42909 Component: AppleGraphicsControl Impact: Processing a maliciously crafted file may lead to unexpected app termination or arbitrary code execution Description: Multiple memory corruption issues were addressed with improved input validation.

CVE-2023-42913 [HIGH] CVE-2023-42913: macOS Sonoma 14.2 Apple Security Update: About the security content of macOS Sonoma 14.2 Product: macOS Sonoma Version: 14.2 CVE: CVE-2023-42913 Component: System Settings Impact: Remote Login sessions may be able to obtain full disk access permissions Description: This issue was addressed through improved state management.

CVE-2023-42886 [HIGH] CVE-2023-42886: macOS Sonoma 14.2 Apple Security Update: About the security content of macOS Sonoma 14.2 Product: macOS Sonoma Version: 14.2 CVE: CVE-2023-42886 Component: CoreServices Impact: A user may be able to cause unexpected app termination or arbitrary code execution Description: An out-of-bounds read was addressed with improved bounds checking.

CVE-2023-42899 [HIGH] CVE-2023-42899: macOS Sonoma 14.2 Apple Security Update: About the security content of macOS Sonoma 14.2 Product: macOS Sonoma Version: 14.2 CVE: CVE-2023-42899 Component: ImageIO Impact: Processing an image may lead to arbitrary code execution Description: The issue was addressed with improved memory handling.

CVE-2023-42956 [MEDIUM] CVE-2023-42956: macOS Sonoma 14.2 Apple Security Update: About the security content of macOS Sonoma 14.2 Product: macOS Sonoma Version: 14.2 CVE: CVE-2023-42956 Component: WebKit Impact: Processing web content may lead to a denial-of-service Description: The issue was addressed with improved memory handling.

CVE-2023-42888 [MEDIUM] CVE-2023-42888: macOS Sonoma 14.2 Apple Security Update: About the security content of macOS Sonoma 14.2 Product: macOS Sonoma Version: 14.2 CVE: CVE-2023-42888 Component: ImageIO Impact: Processing a maliciously crafted image may result in disclosure of process memory Description: The issue was addressed with improved checks.

CVE-2023-42891 [MEDIUM] CVE-2023-42891: macOS Sonoma 14.2 Apple Security Update: About the security content of macOS Sonoma 14.2 Product: macOS Sonoma Version: 14.2 CVE: CVE-2023-42891 Component: IOKit Impact: An app may be able to monitor keystrokes without user permission Description: An authentication issue was addressed with improved state management.

CVE-2023-40390 [MEDIUM] CVE-2023-40390: macOS Sonoma 14.2 Apple Security Update: About the security content of macOS Sonoma 14.2 Product: macOS Sonoma Version: 14.2 CVE: CVE-2023-40390 Component: Share Sheet Impact: An app may be able to access user-sensitive data Description: A privacy issue was addressed by moving sensitive data to a protected location.

CVE-2023-40389 [MEDIUM] CVE-2023-40389: macOS Sonoma 14.2 Apple Security Update: About the security content of macOS Sonoma 14.2 Product: macOS Sonoma Version: 14.2 CVE: CVE-2023-40389 Component: Transparency Impact: An app may be able to access sensitive user data Description: The issue was addressed with improved restriction of data container access.

CVE-2023-3618 [MEDIUM] CVE-2023-3618: macOS Sonoma 14.2 Apple Security Update: About the security content of macOS Sonoma 14.2 Product: macOS Sonoma Version: 14.2 CVE: CVE-2023-3618 Component: CVE-2023-3618 Impact: A remote user may be able to cause unexpected app termination or arbitrary code execution Description: This issue was addressed with improved checks.

CVE-2023-42922 [MEDIUM] CVE-2023-42922: macOS Sonoma 14.2 Apple Security Update: About the security content of macOS Sonoma 14.2 Product: macOS Sonoma Version: 14.2 CVE: CVE-2023-42922 Component: Find My Impact: An app may be able to read sensitive location information Description: This issue was addressed with improved redaction of sensitive information.

CVE-2023-42896 [MEDIUM] CVE-2023-42896: macOS Sonoma 14.2 Apple Security Update: About the security content of macOS Sonoma 14.2 Product: macOS Sonoma Version: 14.2 CVE: CVE-2023-42896 Component: Assets Impact: An app may be able to modify protected parts of the file system Description: An issue was addressed with improved handling of temporary files.

CVE-2023-42936 [MEDIUM] CVE-2023-42936: macOS Sonoma 14.2 Apple Security Update: About the security content of macOS Sonoma 14.2 Product: macOS Sonoma Version: 14.2 CVE: CVE-2023-42936 Component: Sandbox Impact: An app may be able to access user-sensitive data Description: This issue was addressed with improved redaction of sensitive information.

CVE-2023-42900 [MEDIUM] CVE-2023-42900: macOS Sonoma 14.2 Apple Security Update: About the security content of macOS Sonoma 14.2 Product: macOS Sonoma Version: 14.2 CVE: CVE-2023-42900 Component: CoreMedia Playback Impact: An app may be able to access user-sensitive data Description: The issue was addressed with improved checks.

CVE-2020-19186 [MEDIUM] CVE-2020-19186: macOS Sonoma 14.2 Apple Security Update: About the security content of macOS Sonoma 14.2 Product: macOS Sonoma Version: 14.2 CVE: CVE-2020-19186 Component: CVE-2020-19186