Apple Macos Ventura vulnerabilities

CVE-2023-32407 [MEDIUM] CVE-2023-32407: macOS Ventura 13.4 Apple Security Update: About the security content of macOS Ventura 13.4 Product: macOS Ventura Version: 13.4 CVE: CVE-2023-32407 Component: Metal Impact: An app may be able to bypass Privacy preferences Description: A logic issue was addressed with improved state management.

CVE-2023-32415 [MEDIUM] CVE-2023-32415: macOS Ventura 13.4 Apple Security Update: About the security content of macOS Ventura 13.4 Product: macOS Ventura Version: 13.4 CVE: CVE-2023-32415 Component: Weather Impact: An app may be able to read sensitive location information Description: This issue was addressed with improved redaction of sensitive information.

CVE-2023-32400 [MEDIUM] CVE-2023-32400: macOS Ventura 13.4 Apple Security Update: About the security content of macOS Ventura 13.4 Product: macOS Ventura Version: 13.4 CVE: CVE-2023-32400 Component: Accessibility Impact: Entitlements and privacy permissions granted to this app may be used by a malicious app Description: This issue was addressed with improved checks.

CVE-2023-32372 [MEDIUM] CVE-2023-32372: macOS Ventura 13.4 Apple Security Update: About the security content of macOS Ventura 13.4 Product: macOS Ventura Version: 13.4 CVE: CVE-2023-32372 Component: ImageIO Impact: Processing an image may result in disclosure of process memory Description: An out-of-bounds read was addressed with improved input validation.

CVE-2023-32408 [MEDIUM] CVE-2023-32408: macOS Ventura 13.4 Apple Security Update: About the security content of macOS Ventura 13.4 Product: macOS Ventura Version: 13.4 CVE: CVE-2023-32408 Component: TV App Impact: An app may be able to read sensitive location information Description: The issue was addressed with improved handling of caches.

CVE-2023-32371 [MEDIUM] CVE-2023-32371: macOS Ventura 13.4 Apple Security Update: About the security content of macOS Ventura 13.4 Product: macOS Ventura Version: 13.4 CVE: CVE-2023-32371 Component: Associated Domains Impact: An app may be able to break out of its sandbox Description: The issue was addressed with improved checks.

CVE-2023-32385 [MEDIUM] CVE-2023-32385: macOS Ventura 13.4 Apple Security Update: About the security content of macOS Ventura 13.4 Product: macOS Ventura Version: 13.4 CVE: CVE-2023-32385 Component: PDFKit Impact: Opening a PDF file may lead to unexpected app termination Description: A denial-of-service issue was addressed with improved memory handling.

CVE-2023-32402 [MEDIUM] CVE-2023-32402: macOS Ventura 13.4 Apple Security Update: About the security content of macOS Ventura 13.4 Product: macOS Ventura Version: 13.4 CVE: CVE-2023-32402 Component: WebKit Impact: Processing web content may disclose sensitive information Description: An out-of-bounds read was addressed with improved input validation.

CVE-2023-28191 [MEDIUM] CVE-2023-28191: macOS Ventura 13.4 Apple Security Update: About the security content of macOS Ventura 13.4 Product: macOS Ventura Version: 13.4 CVE: CVE-2023-28191 Component: CoreServices Impact: An app may be able to bypass Privacy preferences Description: This issue was addressed with improved redaction of sensitive information.

CVE-2023-32411 [MEDIUM] CVE-2023-32411: macOS Ventura 13.4 Apple Security Update: About the security content of macOS Ventura 13.4 Product: macOS Ventura Version: 13.4 CVE: CVE-2023-32411 Component: AppleMobileFileIntegrity Impact: An app may be able to bypass Privacy preferences Description: This issue was addressed with improved entitlements.

CVE-2023-34352 [MEDIUM] CVE-2023-34352: macOS Ventura 13.4 Apple Security Update: About the security content of macOS Ventura 13.4 Product: macOS Ventura Version: 13.4 CVE: CVE-2023-34352 Component: Accounts Impact: An attacker may be able to leak user account emails Description: A permissions issue was addressed with improved redaction of sensitive information.

CVE-2023-32368 [MEDIUM] CVE-2023-32368: macOS Ventura 13.4 Apple Security Update: About the security content of macOS Ventura 13.4 Product: macOS Ventura Version: 13.4 CVE: CVE-2023-32368 Component: Model I/O Impact: Processing a 3D model may result in disclosure of process memory Description: An out-of-bounds read was addressed with improved input validation.

CVE-2023-32395 [MEDIUM] CVE-2023-32395: macOS Ventura 13.4 Apple Security Update: About the security content of macOS Ventura 13.4 Product: macOS Ventura Version: 13.4 CVE: CVE-2023-32395 Component: Perl Impact: An app may be able to modify protected parts of the file system Description: A logic issue was addressed with improved state management.

CVE-2023-32367 [MEDIUM] CVE-2023-32367: macOS Ventura 13.4 Apple Security Update: About the security content of macOS Ventura 13.4 Product: macOS Ventura Version: 13.4 CVE: CVE-2023-32367 Component: Security Impact: An app may be able to access user-sensitive data Description: This issue was addressed with improved entitlements.

CVE-2023-32355 [MEDIUM] CVE-2023-32355: macOS Ventura 13.4 Apple Security Update: About the security content of macOS Ventura 13.4 Product: macOS Ventura Version: 13.4 CVE: CVE-2023-32355 Component: PackageKit Impact: An app may be able to modify protected parts of the file system Description: A logic issue was addressed with improved state management.

CVE-2023-32388 [MEDIUM] CVE-2023-32388: macOS Ventura 13.4 Apple Security Update: About the security content of macOS Ventura 13.4 Product: macOS Ventura Version: 13.4 CVE: CVE-2023-32388 Component: Accessibility Impact: An app may be able to bypass Privacy preferences Description: A privacy issue was addressed with improved private data redaction for log entries.

CVE-2023-32403 [MEDIUM] CVE-2023-32403: macOS Ventura 13.4 Apple Security Update: About the security content of macOS Ventura 13.4 Product: macOS Ventura Version: 13.4 CVE: CVE-2023-32403 Component: NetworkExtension Impact: An app may be able to read sensitive location information Description: This issue was addressed with improved redaction of sensitive information.

CVE-2023-27940 [MEDIUM] CVE-2023-27940: macOS Ventura 13.4 Apple Security Update: About the security content of macOS Ventura 13.4 Product: macOS Ventura Version: 13.4 CVE: CVE-2023-27940 Component: Kernel Impact: A sandboxed app may be able to observe system-wide network connections Description: The issue was addressed with additional permissions checks.

CVE-2023-32410 [MEDIUM] CVE-2023-32410: macOS Ventura 13.4 Apple Security Update: About the security content of macOS Ventura 13.4 Product: macOS Ventura Version: 13.4 CVE: CVE-2023-32410 Component: IOSurface Impact: An app may be able to leak sensitive kernel state Description: An out-of-bounds read was addressed with improved input validation.

CVE-2023-32404 [MEDIUM] CVE-2023-32404: macOS Ventura 13.4 Apple Security Update: About the security content of macOS Ventura 13.4 Product: macOS Ventura Version: 13.4 CVE: CVE-2023-32404 Component: Shortcuts Impact: An app may be able to bypass Privacy preferences Description: This issue was addressed with improved entitlements.