Apple Macos Ventura vulnerabilities

CVE-2024-27840 [MEDIUM] CVE-2024-27840: macOS Ventura 13.6.7 Apple Security Update: About the security content of macOS Ventura 13.6.7 Product: macOS Ventura Version: 13.6.7 CVE: CVE-2024-27840 Component: Kernel Impact: An attacker that has already achieved kernel code execution may be able to bypass kernel memory protections Description: The issue was addressed with improved memory handling.

CVE-2024-27799 [LOW] CVE-2024-27799: macOS Ventura 13.6.7 Apple Security Update: About the security content of macOS Ventura 13.6.7 Product: macOS Ventura Version: 13.6.7 CVE: CVE-2024-27799 Component: IOHIDFamily Impact: An unprivileged app may be able to log keystrokes in other apps including those using secure input mode Description: This issue was addressed with additional entitlement checks.

CVE-2024-1580 [MEDIUM] CVE-2024-1580: macOS Ventura 13.6.6 Apple Security Update: About the security content of macOS Ventura 13.6.6 Product: macOS Ventura Version: 13.6.6 CVE: CVE-2024-1580 Component: CoreMedia Impact: Processing an image may lead to arbitrary code execution Description: An out-of-bounds write issue was addressed with improved input validation.

CVE-2024-23216 [HIGH] CVE-2024-23216: macOS Ventura 13.6.5 Apple Security Update: About the security content of macOS Ventura 13.6.5 Product: macOS Ventura Version: 13.6.5 CVE: CVE-2024-23216 Component: PackageKit Impact: An app may be able to overwrite arbitrary files Description: A path handling issue was addressed with improved validation.

CVE-2024-23203 [HIGH] CVE-2024-23203: macOS Ventura 13.6.5 Apple Security Update: About the security content of macOS Ventura 13.6.5 Product: macOS Ventura Version: 13.6.5 CVE: CVE-2024-23203 Component: Shortcuts Impact: A shortcut may be able to use sensitive data with certain actions without prompting the user Description: The issue was addressed with additional permissions checks.

CVE-2024-23299 [HIGH] CVE-2024-23299: macOS Ventura 13.6.5 Apple Security Update: About the security content of macOS Ventura 13.6.5 Product: macOS Ventura Version: 13.6.5 CVE: CVE-2024-23299 Component: Disk Images Impact: An app may be able to break out of its sandbox Description: The issue was addressed with improved checks.

CVE-2024-23247 [HIGH] CVE-2024-23247: macOS Ventura 13.6.5 Apple Security Update: About the security content of macOS Ventura 13.6.5 Product: macOS Ventura Version: 13.6.5 CVE: CVE-2024-23247 Component: ColorSync Impact: Processing a file may lead to unexpected app termination or arbitrary code execution Description: The issue was addressed with improved memory handling.

CVE-2024-23268 [HIGH] CVE-2024-23268: macOS Ventura 13.6.5 Apple Security Update: About the security content of macOS Ventura 13.6.5 Product: macOS Ventura Version: 13.6.5 CVE: CVE-2024-23268 Component: PackageKit Impact: An app may be able to elevate privileges Description: An injection issue was addressed with improved input validation.

CVE-2024-23274 [HIGH] CVE-2024-23274: macOS Ventura 13.6.5 Apple Security Update: About the security content of macOS Ventura 13.6.5 Product: macOS Ventura Version: 13.6.5 CVE: CVE-2024-23274 Component: PackageKit Impact: An app may be able to elevate privileges Description: An injection issue was addressed with improved input validation.

CVE-2024-23278 [HIGH] CVE-2024-23278: macOS Ventura 13.6.5 Apple Security Update: About the security content of macOS Ventura 13.6.5 Product: macOS Ventura Version: 13.6.5 CVE: CVE-2024-23278 Component: CVE-2024-23225 Impact: An app may be able to cause a denial-of-service Description: A permissions issue was addressed with additional restrictions.

CVE-2024-23286 [HIGH] CVE-2024-23286: macOS Ventura 13.6.5 Apple Security Update: About the security content of macOS Ventura 13.6.5 Product: macOS Ventura Version: 13.6.5 CVE: CVE-2024-23286 Component: ImageIO Impact: Processing an image may lead to arbitrary code execution Description: A buffer overflow issue was addressed with improved memory handling.

CVE-2024-23265 [HIGH] CVE-2024-23265: macOS Ventura 13.6.5 Apple Security Update: About the security content of macOS Ventura 13.6.5 Product: macOS Ventura Version: 13.6.5 CVE: CVE-2024-23265 Component: Kernel Impact: An app may be able to cause unexpected system termination or write kernel memory Description: A memory corruption vulnerability was addressed with improved locking.

CVE-2024-23276 [HIGH] CVE-2024-23276: macOS Ventura 13.6.5 Apple Security Update: About the security content of macOS Ventura 13.6.5 Product: macOS Ventura Version: 13.6.5 CVE: CVE-2024-23276 Component: Admin Framework Impact: An app may be able to elevate privileges Description: A logic issue was addressed with improved checks.

CVE-2024-23204 [HIGH] CVE-2024-23204: macOS Ventura 13.6.5 Apple Security Update: About the security content of macOS Ventura 13.6.5 Product: macOS Ventura Version: 13.6.5 CVE: CVE-2024-23204 Component: Shortcuts Impact: A shortcut may be able to use sensitive data with certain actions without prompting the user Description: The issue was addressed with additional permissions checks.

CVE-2024-23270 [HIGH] CVE-2024-23270: macOS Ventura 13.6.5 Apple Security Update: About the security content of macOS Ventura 13.6.5 Product: macOS Ventura Version: 13.6.5 CVE: CVE-2024-23270 Component: Image Processing Impact: An app may be able to execute arbitrary code with kernel privileges Description: The issue was addressed with improved memory handling.

CVE-2024-23225 [HIGH] CVE-2024-23225: macOS Ventura 13.6.5 Apple Security Update: About the security content of macOS Ventura 13.6.5 Product: macOS Ventura Version: 13.6.5 CVE: CVE-2024-23225 Component: CVE-2024-23225 Impact: An app may be able to cause a denial-of-service Description: A permissions issue was addressed with additional restrictions.

CVE-2024-23201 [MEDIUM] CVE-2024-23201: macOS Ventura 13.6.5 Apple Security Update: About the security content of macOS Ventura 13.6.5 Product: macOS Ventura Version: 13.6.5 CVE: CVE-2024-23201 Component: CVE-2024-23225 Impact: An app may be able to cause a denial-of-service Description: A permissions issue was addressed with additional restrictions.

CVE-2024-23266 [MEDIUM] CVE-2024-23266: macOS Ventura 13.6.5 Apple Security Update: About the security content of macOS Ventura 13.6.5 Product: macOS Ventura Version: 13.6.5 CVE: CVE-2024-23266 Component: Kerberos v5 PAM module Impact: An app may be able to modify protected parts of the file system Description: The issue was addressed with improved checks.

CVE-2024-23234 [MEDIUM] CVE-2024-23234: macOS Ventura 13.6.5 Apple Security Update: About the security content of macOS Ventura 13.6.5 Product: macOS Ventura Version: 13.6.5 CVE: CVE-2024-23234 Component: Intel Graphics Driver Impact: An app may be able to execute arbitrary code with kernel privileges Description: An out-of-bounds write issue was addressed with improved input validation.

CVE-2024-23231 [MEDIUM] CVE-2024-23231: macOS Ventura 13.6.5 Apple Security Update: About the security content of macOS Ventura 13.6.5 Product: macOS Ventura Version: 13.6.5 CVE: CVE-2024-23231 Component: Share Sheet Impact: An app may be able to access user-sensitive data Description: A privacy issue was addressed with improved private data redaction for log entries.