Apple Macos Ventura vulnerabilities

CVE-2024-23267 [MEDIUM] CVE-2024-23267: macOS Ventura 13.6.5 Apple Security Update: About the security content of macOS Ventura 13.6.5 Product: macOS Ventura Version: 13.6.5 CVE: CVE-2024-23267 Component: PackageKit Impact: An app may be able to bypass certain Privacy preferences Description: The issue was addressed with improved checks.

CVE-2024-23264 [MEDIUM] CVE-2024-23264: macOS Ventura 13.6.5 Apple Security Update: About the security content of macOS Ventura 13.6.5 Product: macOS Ventura Version: 13.6.5 CVE: CVE-2024-23264 Component: Metal Impact: An application may be able to read restricted memory Description: A validation issue was addressed with improved input sanitization.

CVE-2024-23230 [MEDIUM] CVE-2024-23230: macOS Ventura 13.6.5 Apple Security Update: About the security content of macOS Ventura 13.6.5 Product: macOS Ventura Version: 13.6.5 CVE: CVE-2024-23230 Component: SharedFileList Impact: An app may be able to access sensitive user data Description: This issue was addressed with improved file handling.

CVE-2023-28826 [MEDIUM] CVE-2023-28826: macOS Ventura 13.6.5 Apple Security Update: About the security content of macOS Ventura 13.6.5 Product: macOS Ventura Version: 13.6.5 CVE: CVE-2023-28826 Component: MediaRemote Impact: An app may be able to access sensitive user data Description: This issue was addressed with improved redaction of sensitive information.

CVE-2024-23269 [MEDIUM] CVE-2024-23269: macOS Ventura 13.6.5 Apple Security Update: About the security content of macOS Ventura 13.6.5 Product: macOS Ventura Version: 13.6.5 CVE: CVE-2024-23269 Component: AppleMobileFileIntegrity Impact: An app may be able to modify protected parts of the file system Description: A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing restrictions.

CVE-2024-23218 [MEDIUM] CVE-2024-23218: macOS Ventura 13.6.5 Apple Security Update: About the security content of macOS Ventura 13.6.5 Product: macOS Ventura Version: 13.6.5 CVE: CVE-2024-23218 Component: CoreCrypto Impact: An attacker may be able to decrypt legacy RSA PKCS#1 v1.5 ciphertexts without having the private key Description: A timing side-channel issue was addressed with improvements to constant-time computation in cryptographic functions.

CVE-2024-23272 [MEDIUM] CVE-2024-23272: macOS Ventura 13.6.5 Apple Security Update: About the security content of macOS Ventura 13.6.5 Product: macOS Ventura Version: 13.6.5 CVE: CVE-2024-23272 Component: Storage Services Impact: An attacker may gain access to protected parts of the file system Description: A logic issue was addressed with improved checks.

CVE-2024-23275 [MEDIUM] CVE-2024-23275: macOS Ventura 13.6.5 Apple Security Update: About the security content of macOS Ventura 13.6.5 Product: macOS Ventura Version: 13.6.5 CVE: CVE-2024-23275 Component: PackageKit Impact: An app may be able to access protected user data Description: A race condition was addressed with additional validation.

CVE-2024-23229 [MEDIUM] CVE-2024-23229: macOS Ventura 13.6.5 Apple Security Update: About the security content of macOS Ventura 13.6.5 Product: macOS Ventura Version: 13.6.5 CVE: CVE-2024-23229 Component: Find My Impact: A malicious application may be able to access Find My data Description: This issue was addressed with improved redaction of sensitive information.

CVE-2023-40389 [MEDIUM] CVE-2023-40389: macOS Ventura 13.6.5 Apple Security Update: About the security content of macOS Ventura 13.6.5 Product: macOS Ventura Version: 13.6.5 CVE: CVE-2023-40389 Component: Transparency Impact: An app may be able to access sensitive user data Description: The issue was addressed with improved restriction of data container access.

CVE-2024-23283 [MEDIUM] CVE-2024-23283: macOS Ventura 13.6.5 Apple Security Update: About the security content of macOS Ventura 13.6.5 Product: macOS Ventura Version: 13.6.5 CVE: CVE-2024-23283 Component: CVE-2024-23283

CVE-2024-23227 [LOW] CVE-2024-23227: macOS Ventura 13.6.5 Apple Security Update: About the security content of macOS Ventura 13.6.5 Product: macOS Ventura Version: 13.6.5 CVE: CVE-2024-23227 Component: Airport Impact: An app may be able to read sensitive location information Description: This issue was addressed with improved redaction of sensitive information.

CVE-2024-23257 [LOW] CVE-2024-23257: macOS Ventura 13.6.5 Apple Security Update: About the security content of macOS Ventura 13.6.5 Product: macOS Ventura Version: 13.6.5 CVE: CVE-2024-23257 Component: ImageIO Impact: Processing an image may result in disclosure of process memory Description: The issue was addressed with improved memory handling.

CVE-2024-23217 [LOW] CVE-2024-23217: macOS Ventura 13.6.5 Apple Security Update: About the security content of macOS Ventura 13.6.5 Product: macOS Ventura Version: 13.6.5 CVE: CVE-2024-23217 Component: Shortcuts Impact: An app may be able to bypass certain Privacy preferences Description: A privacy issue was addressed with improved handling of temporary files.

CVE-2024-23245 [LOW] CVE-2024-23245: macOS Ventura 13.6.5 Apple Security Update: About the security content of macOS Ventura 13.6.5 Product: macOS Ventura Version: 13.6.5 CVE: CVE-2024-23245 Component: Shortcuts Impact: Third-party shortcuts may use a legacy action from Automator to send events to apps without user consent Description: This issue was addressed by adding an additional prompt for user consent.

CVE-2023-38545 [CRITICAL] CVE-2023-38545: macOS Ventura 13.6.4 Apple Security Update: About the security content of macOS Ventura 13.6.4 Product: macOS Ventura Version: 13.6.4 CVE: CVE-2023-38545 Component: CVE-2023-38545

CVE-2024-23222 [HIGH] CVE-2024-23222: macOS Ventura 13.6.4 Apple Security Update: About the security content of macOS Ventura 13.6.4 Product: macOS Ventura Version: 13.6.4 CVE: CVE-2024-23222 Component: CVE-2024-23222

CVE-2024-27791 [HIGH] CVE-2024-27791: macOS Ventura 13.6.4 Apple Security Update: About the security content of macOS Ventura 13.6.4 Product: macOS Ventura Version: 13.6.4 CVE: CVE-2024-27791 Component: Power Manager Impact: An app may be able to corrupt coprocessor memory Description: The issue was addressed with improved checks.

CVE-2023-38039 [HIGH] CVE-2023-38039: macOS Ventura 13.6.4 Apple Security Update: About the security content of macOS Ventura 13.6.4 Product: macOS Ventura Version: 13.6.4 CVE: CVE-2023-38039 Component: CVE-2023-38039

CVE-2024-23212 [HIGH] CVE-2024-23212: macOS Ventura 13.6.4 Apple Security Update: About the security content of macOS Ventura 13.6.4 Product: macOS Ventura Version: 13.6.4 CVE: CVE-2024-23212 Impact: An app may be able to execute arbitrary code with kernel privileges Description: The issue was addressed with improved memory handling.