Apple Macos Ventura vulnerabilities

CVE-2023-23534 [MEDIUM] CVE-2023-23534: macOS Ventura 13.3 Apple Security Update: About the security content of macOS Ventura 13.3 Product: macOS Ventura Version: 13.3 CVE: CVE-2023-23534 Component: Carbon Core Impact: Processing a maliciously crafted image may result in disclosure of process memory Description: The issue was addressed with improved checks.

CVE-2023-28178 [MEDIUM] CVE-2023-28178: macOS Ventura 13.3 Apple Security Update: About the security content of macOS Ventura 13.3 Product: macOS Ventura Version: 13.3 CVE: CVE-2023-28178 Component: Sandbox Impact: An app may be able to bypass Privacy preferences Description: A logic issue was addressed with improved validation.

CVE-2023-27931 [MEDIUM] CVE-2023-27931: macOS Ventura 13.3 Apple Security Update: About the security content of macOS Ventura 13.3 Product: macOS Ventura Version: 13.3 CVE: CVE-2023-27931 Component: AppleMobileFileIntegrity Impact: An app may be able to access user-sensitive data Description: This issue was addressed by removing the vulnerable code.

CVE-2023-27961 [MEDIUM] CVE-2023-27961: macOS Ventura 13.3 Apple Security Update: About the security content of macOS Ventura 13.3 Product: macOS Ventura Version: 13.3 CVE: CVE-2023-27961 Component: Calendar Impact: Importing a maliciously crafted calendar invitation may exfiltrate user information Description: Multiple validation issues were addressed with improved input sanitization.

CVE-2023-27956 [MEDIUM] CVE-2023-27956: macOS Ventura 13.3 Apple Security Update: About the security content of macOS Ventura 13.3 Product: macOS Ventura Version: 13.3 CVE: CVE-2023-27956 Component: FontParser Impact: Processing a maliciously crafted image may result in disclosure of process memory Description: The issue was addressed with improved memory handling.

CVE-2023-28187 [MEDIUM] CVE-2023-28187: macOS Ventura 13.3 Apple Security Update: About the security content of macOS Ventura 13.3 Product: macOS Ventura Version: 13.3 CVE: CVE-2023-28187 Component: Kernel Impact: A user may be able to cause a denial-of-service Description: This issue was addressed with improved state management.

CVE-2023-23527 [MEDIUM] CVE-2023-23527: macOS Ventura 13.3 Apple Security Update: About the security content of macOS Ventura 13.3 Product: macOS Ventura Version: 13.3 CVE: CVE-2023-23527 Component: AppleMobileFileIntegrity Impact: A user may gain access to protected parts of the file system Description: The issue was addressed with improved checks.

CVE-2023-23535 [MEDIUM] CVE-2023-23535: macOS Ventura 13.3 Apple Security Update: About the security content of macOS Ventura 13.3 Product: macOS Ventura Version: 13.3 CVE: CVE-2023-23535 Component: ImageIO Impact: Processing a maliciously crafted image may result in disclosure of process memory Description: The issue was addressed with improved memory handling.

CVE-2023-40433 [MEDIUM] CVE-2023-40433: macOS Ventura 13.3 Apple Security Update: About the security content of macOS Ventura 13.3 Product: macOS Ventura Version: 13.3 CVE: CVE-2023-40433 Component: DesktopServices Impact: An app may bypass Gatekeeper checks Description: A logic issue was addressed with improved checks.

CVE-2023-27958 [MEDIUM] CVE-2023-27958: macOS Ventura 13.3 Apple Security Update: About the security content of macOS Ventura 13.3 Product: macOS Ventura Version: 13.3 CVE: CVE-2023-27958 Component: CVE-2022-43552 Impact: A remote attacker may be able to cause unexpected app termination or arbitrary code execution Description: A memory initialization issue was addressed.

CVE-2023-27951 [MEDIUM] CVE-2023-27951: macOS Ventura 13.3 Apple Security Update: About the security content of macOS Ventura 13.3 Product: macOS Ventura Version: 13.3 CVE: CVE-2023-27951 Component: Archive Utility Impact: An archive may be able to bypass Gatekeeper Description: The issue was addressed with improved checks.

CVE-2023-27942 [MEDIUM] CVE-2023-27942: macOS Ventura 13.3 Apple Security Update: About the security content of macOS Ventura 13.3 Product: macOS Ventura Version: 13.3 CVE: CVE-2023-27942 Component: Podcasts Impact: An app may be able to access user-sensitive data Description: The issue was addressed with improved checks.

CVE-2023-23538 [MEDIUM] CVE-2023-23538: macOS Ventura 13.3 Apple Security Update: About the security content of macOS Ventura 13.3 Product: macOS Ventura Version: 13.3 CVE: CVE-2023-23538 Component: PackageKit Impact: An app may be able to modify protected parts of the file system Description: A logic issue was addressed with improved checks.

CVE-2023-27933 [MEDIUM] CVE-2023-27933: macOS Ventura 13.3 Apple Security Update: About the security content of macOS Ventura 13.3 Product: macOS Ventura Version: 13.3 CVE: CVE-2023-27933 Component: Kernel Impact: An app with root privileges may be able to execute arbitrary code with kernel privileges Description: The issue was addressed with improved memory handling.

CVE-2023-27932 [MEDIUM] CVE-2023-27932: macOS Ventura 13.3 Apple Security Update: About the security content of macOS Ventura 13.3 Product: macOS Ventura Version: 13.3 CVE: CVE-2023-27932 Component: WebKit Impact: Processing maliciously crafted web content may bypass Same Origin Policy Description: This issue was addressed with improved state management.

CVE-2023-28182 [MEDIUM] CVE-2023-28182: macOS Ventura 13.3 Apple Security Update: About the security content of macOS Ventura 13.3 Product: macOS Ventura Version: 13.3 CVE: CVE-2023-28182 Component: NetworkExtension Impact: A user in a privileged network position may be able to spoof a VPN server that is configured with EAP-only authentication on a device Description: The issue was addressed with improved authentication.

CVE-2023-27948 [MEDIUM] CVE-2023-27948: macOS Ventura 13.3 Apple Security Update: About the security content of macOS Ventura 13.3 Product: macOS Ventura Version: 13.3 CVE: CVE-2023-27948 Component: ImageIO Impact: Processing an image may result in disclosure of process memory Description: An out-of-bounds read was addressed with improved input validation.

CVE-2023-28199 [MEDIUM] CVE-2023-28199: macOS Ventura 13.3 Apple Security Update: About the security content of macOS Ventura 13.3 Product: macOS Ventura Version: 13.3 CVE: CVE-2023-28199 Component: Kernel Impact: An app may be able to disclose kernel memory Description: An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation.

CVE-2023-42865 [MEDIUM] CVE-2023-42865: macOS Ventura 13.3 Apple Security Update: About the security content of macOS Ventura 13.3 Product: macOS Ventura Version: 13.3 CVE: CVE-2023-42865 Component: ImageIO Impact: Processing an image may result in disclosure of process memory Description: An out-of-bounds read was addressed with improved input validation.

CVE-2023-27941 [MEDIUM] CVE-2023-27941: macOS Ventura 13.3 Apple Security Update: About the security content of macOS Ventura 13.3 Product: macOS Ventura Version: 13.3 CVE: CVE-2023-27941 Component: Kernel Impact: An app may be able to disclose kernel memory Description: An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation.