Apple Macos Ventura vulnerabilities

CVE-2023-34241 [MEDIUM] CVE-2023-34241: macOS Ventura 13.5 Apple Security Update: About the security content of macOS Ventura 13.5 Product: macOS Ventura Version: 13.5 CVE: CVE-2023-34241 Component: CUPS Impact: A user in a privileged network position may be able to leak sensitive information Description: A logic issue was addressed with improved state management.

CVE-2023-38608 [MEDIUM] CVE-2023-38608: macOS Ventura 13.5 Apple Security Update: About the security content of macOS Ventura 13.5 Product: macOS Ventura Version: 13.5 CVE: CVE-2023-38608 Component: Voice Memos Impact: An app may be able to access user-sensitive data Description: The issue was addressed with additional permissions checks.

CVE-2023-32416 [MEDIUM] CVE-2023-32416: macOS Ventura 13.5 Apple Security Update: About the security content of macOS Ventura 13.5 Product: macOS Ventura Version: 13.5 CVE: CVE-2023-32416 Component: Find My Impact: An app may be able to read sensitive location information Description: A logic issue was addressed with improved restrictions.

CVE-2023-28320 [MEDIUM] CVE-2023-28320: macOS Ventura 13.5 Apple Security Update: About the security content of macOS Ventura 13.5 Product: macOS Ventura Version: 13.5 CVE: CVE-2023-28320 Component: CVE-2023-28320

CVE-2023-38602 [MEDIUM] CVE-2023-38602: macOS Ventura 13.5 Apple Security Update: About the security content of macOS Ventura 13.5 Product: macOS Ventura Version: 13.5 CVE: CVE-2023-38602 Component: PackageKit Impact: An app may be able to modify protected parts of the file system Description: A permissions issue was addressed with additional restrictions.

CVE-2023-1801 [MEDIUM] CVE-2023-1801: macOS Ventura 13.5 Apple Security Update: About the security content of macOS Ventura 13.5 Product: macOS Ventura Version: 13.5 CVE: CVE-2023-1801 Component: CVE-2023-1801

CVE-2023-32442 [MEDIUM] CVE-2023-32442: macOS Ventura 13.5 Apple Security Update: About the security content of macOS Ventura 13.5 Product: macOS Ventura Version: 13.5 CVE: CVE-2023-32442 Component: Shortcuts Impact: A shortcut may be able to modify sensitive Shortcuts app settings Description: An access issue was addressed with improved access restrictions.

CVE-2023-1916 [MEDIUM] CVE-2023-1916: macOS Ventura 13.5 Apple Security Update: About the security content of macOS Ventura 13.5 Product: macOS Ventura Version: 13.5 CVE: CVE-2023-1916 Component: CVE-2023-1916

CVE-2023-32429 [MEDIUM] CVE-2023-32429: macOS Ventura 13.5 Apple Security Update: About the security content of macOS Ventura 13.5 Product: macOS Ventura Version: 13.5 CVE: CVE-2023-32429 Component: SystemMigration Impact: An app may be able to bypass Privacy preferences Description: The issue was addressed with improved checks.

CVE-2023-32445 [MEDIUM] CVE-2023-32445: macOS Ventura 13.5 Apple Security Update: About the security content of macOS Ventura 13.5 Product: macOS Ventura Version: 13.5 CVE: CVE-2023-32445 Component: WebKit Impact: Processing a document may lead to a cross site scripting attack Description: This issue was addressed with improved checks.

CVE-2023-42829 [MEDIUM] CVE-2023-42829: macOS Ventura 13.5 Apple Security Update: About the security content of macOS Ventura 13.5 Product: macOS Ventura Version: 13.5 CVE: CVE-2023-42829 Component: OpenSSH Impact: An app may be able to access SSH passphrases Description: The issue was addressed with additional restrictions on the observability of app states.

CVE-2023-28321 [MEDIUM] CVE-2023-28321: macOS Ventura 13.5 Apple Security Update: About the security content of macOS Ventura 13.5 Product: macOS Ventura Version: 13.5 CVE: CVE-2023-28321 Component: CVE-2023-28321

CVE-2023-38258 [MEDIUM] CVE-2023-38258: macOS Ventura 13.5 Apple Security Update: About the security content of macOS Ventura 13.5 Product: macOS Ventura Version: 13.5 CVE: CVE-2023-38258 Component: Model I/O Impact: Processing a 3D model may result in disclosure of process memory Description: The issue was addressed with improved checks.

CVE-2023-36862 [MEDIUM] CVE-2023-36862: macOS Ventura 13.5 Apple Security Update: About the security content of macOS Ventura 13.5 Product: macOS Ventura Version: 13.5 CVE: CVE-2023-36862 Component: AppleMobileFileIntegrity Impact: An app may be able to determine a user’s current location Description: A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing restrictions.

CVE-2023-38606 [MEDIUM] CVE-2023-38606: macOS Ventura 13.5 Apple Security Update: About the security content of macOS Ventura 13.5 Product: macOS Ventura Version: 13.5 CVE: CVE-2023-38606 Component: Kernel Impact: An app may be able to modify sensitive kernel state. Apple is aware of a report that this issue may have been actively exploited against versions of iOS released before iOS 15.7.1. Description: This issue was addressed with improved state management.

CVE-2023-38593 [MEDIUM] CVE-2023-38593: macOS Ventura 13.5 Apple Security Update: About the security content of macOS Ventura 13.5 Product: macOS Ventura Version: 13.5 CVE: CVE-2023-38593 Component: Kernel Impact: A remote user may be able to cause a denial-of-service Description: The issue was addressed with improved checks.

CVE-2023-40437 [MEDIUM] CVE-2023-40437: macOS Ventura 13.5 Apple Security Update: About the security content of macOS Ventura 13.5 Product: macOS Ventura Version: 13.5 CVE: CVE-2023-40437 Component: Find My Impact: An app may be able to read sensitive location information Description: A privacy issue was addressed with improved private data redaction for log entries.

CVE-2023-38259 [MEDIUM] CVE-2023-38259: macOS Ventura 13.5 Apple Security Update: About the security content of macOS Ventura 13.5 Product: macOS Ventura Version: 13.5 CVE: CVE-2023-38259 Component: PackageKit Impact: An app may be able to access user-sensitive data Description: A logic issue was addressed with improved restrictions.

CVE-2023-42831 [MEDIUM] CVE-2023-42831: macOS Ventura 13.5 Apple Security Update: About the security content of macOS Ventura 13.5 Product: macOS Ventura Version: 13.5 CVE: CVE-2023-42831 Component: Security Impact: An app may be able to fingerprint the user Description: This issue was addressed by removing the vulnerable code.

CVE-2023-38133 [MEDIUM] CVE-2023-38133: macOS Ventura 13.5 Apple Security Update: About the security content of macOS Ventura 13.5 Product: macOS Ventura Version: 13.5 CVE: CVE-2023-38133 Component: WebKit Web Inspector Impact: Processing web content may disclose sensitive information Description: The issue was addressed with improved checks.