Apple Macos Ventura vulnerabilities

CVE-2023-41990 [HIGH] CVE-2023-41990: macOS Ventura 13.2 Apple Security Update: About the security content of macOS Ventura 13.2 Product: macOS Ventura Version: 13.2 CVE: CVE-2023-41990 Component: FontParser Impact: Processing a font file may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited against versions of iOS released before iOS 15.7.1. Description: The issue was addressed with improved handling of caches.

CVE-2023-23497 [HIGH] CVE-2023-23497: macOS Ventura 13.2 Apple Security Update: About the security content of macOS Ventura 13.2 Product: macOS Ventura Version: 13.2 CVE: CVE-2023-23497 Component: PackageKit Impact: An app may be able to gain root privileges Description: A logic issue was addressed with improved state management.

CVE-2023-23496 [HIGH] CVE-2023-23496: macOS Ventura 13.2 Apple Security Update: About the security content of macOS Ventura 13.2 Product: macOS Ventura Version: 13.2 CVE: CVE-2023-23496 Component: WebKit Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: The issue was addressed with improved checks.

CVE-2023-23517 [HIGH] CVE-2023-23517: macOS Ventura 13.2 Apple Security Update: About the security content of macOS Ventura 13.2 Product: macOS Ventura Version: 13.2 CVE: CVE-2023-23517 Component: WebKit Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: The issue was addressed with improved memory handling.

CVE-2023-32393 [HIGH] CVE-2023-32393: macOS Ventura 13.2 Apple Security Update: About the security content of macOS Ventura 13.2 Product: macOS Ventura Version: 13.2 CVE: CVE-2023-32393 Component: WebKit Impact: Processing web content may lead to arbitrary code execution Description: The issue was addressed with improved memory handling.

CVE-2023-23531 [HIGH] CVE-2023-23531: macOS Ventura 13.2 Apple Security Update: About the security content of macOS Ventura 13.2 Product: macOS Ventura Version: 13.2 CVE: CVE-2023-23531 Component: Foundation Impact: An app may be able to execute arbitrary code out of its sandbox or with certain elevated privileges Description: The issue was addressed with improved memory handling.

CVE-2023-23518 [HIGH] CVE-2023-23518: macOS Ventura 13.2 Apple Security Update: About the security content of macOS Ventura 13.2 Product: macOS Ventura Version: 13.2 CVE: CVE-2023-23518 Component: WebKit Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: The issue was addressed with improved memory handling.

CVE-2023-23516 [HIGH] CVE-2023-23516: macOS Ventura 13.2 Apple Security Update: About the security content of macOS Ventura 13.2 Product: macOS Ventura Version: 13.2 CVE: CVE-2023-23516 Component: Kernel Impact: An app may be able to execute arbitrary code with kernel privileges Description: The issue was addressed with improved memory handling.

CVE-2023-23504 [HIGH] CVE-2023-23504: macOS Ventura 13.2 Apple Security Update: About the security content of macOS Ventura 13.2 Product: macOS Ventura Version: 13.2 CVE: CVE-2023-23504 Component: Kernel Impact: An app may be able to execute arbitrary code with kernel privileges Description: The issue was addressed with improved memory handling.

CVE-2023-23513 [MEDIUM] CVE-2023-23513: macOS Ventura 13.2 Apple Security Update: About the security content of macOS Ventura 13.2 Product: macOS Ventura Version: 13.2 CVE: CVE-2023-23513 Component: CVE-2022-35260 Impact: Mounting a maliciously crafted Samba network share may lead to arbitrary code execution Description: A buffer overflow issue was addressed with improved memory handling.

CVE-2023-23500 [MEDIUM] CVE-2023-23500: macOS Ventura 13.2 Apple Security Update: About the security content of macOS Ventura 13.2 Product: macOS Ventura Version: 13.2 CVE: CVE-2023-23500 Component: Kernel Impact: An app may be able to leak sensitive kernel state Description: The issue was addressed with improved memory handling.

CVE-2023-23512 [MEDIUM] CVE-2023-23512: macOS Ventura 13.2 Apple Security Update: About the security content of macOS Ventura 13.2 Product: macOS Ventura Version: 13.2 CVE: CVE-2023-23512 Component: Safari Impact: Visiting a website may lead to an app denial-of-service Description: The issue was addressed with improved handling of caches.

CVE-2022-3705 [MEDIUM] CVE-2022-3705: macOS Ventura 13.2 Apple Security Update: About the security content of macOS Ventura 13.2 Product: macOS Ventura Version: 13.2 CVE: CVE-2022-3705 Component: CVE-2022-3705

CVE-2023-23539 [MEDIUM] CVE-2023-23539: macOS Ventura 13.2 Apple Security Update: About the security content of macOS Ventura 13.2 Product: macOS Ventura Version: 13.2 CVE: CVE-2023-23539 Component: CVE-2022-35260 Impact: Mounting a maliciously crafted Samba network share may lead to arbitrary code execution Description: A buffer overflow issue was addressed with improved memory handling.

CVE-2023-23508 [MEDIUM] CVE-2023-23508: macOS Ventura 13.2 Apple Security Update: About the security content of macOS Ventura 13.2 Product: macOS Ventura Version: 13.2 CVE: CVE-2023-23508 Component: Windows Installer Impact: An app may be able to bypass Privacy preferences. Description: The issue was addressed with improved memory handling.

CVE-2022-35260 [MEDIUM] CVE-2022-35260: macOS Ventura 13.2 Apple Security Update: About the security content of macOS Ventura 13.2 Product: macOS Ventura Version: 13.2 CVE: CVE-2022-35260 Component: CVE-2022-35260 Impact: Mounting a maliciously crafted Samba network share may lead to arbitrary code execution Description: A buffer overflow issue was addressed with improved memory handling.

CVE-2023-23502 [MEDIUM] CVE-2023-23502: macOS Ventura 13.2 Apple Security Update: About the security content of macOS Ventura 13.2 Product: macOS Ventura Version: 13.2 CVE: CVE-2023-23502 Component: Kernel Impact: An app may be able to determine kernel memory layout Description: An information disclosure issue was addressed by removing the vulnerable code.

CVE-2023-23520 [MEDIUM] CVE-2023-23520: macOS Ventura 13.2 Apple Security Update: About the security content of macOS Ventura 13.2 Product: macOS Ventura Version: 13.2 CVE: CVE-2023-23520 Component: Crash Reporter Impact: A user may be able to read arbitrary files as root Description: A race condition was addressed with additional validation.

CVE-2023-23506 [MEDIUM] CVE-2023-23506: macOS Ventura 13.2 Apple Security Update: About the security content of macOS Ventura 13.2 Product: macOS Ventura Version: 13.2 CVE: CVE-2023-23506 Component: Kernel Impact: An app may be able to execute arbitrary code with kernel privileges Description: The issue was addressed with improved memory handling.

CVE-2023-28208 [MEDIUM] CVE-2023-28208: macOS Ventura 13.2 Apple Security Update: About the security content of macOS Ventura 13.2 Product: macOS Ventura Version: 13.2 CVE: CVE-2023-28208 Component: Messages Impact: A user may send a text from a secondary eSIM despite configuring a contact to use a primary eSIM Description: A logic issue was addressed with improved state management.