Apple Macos Ventura vulnerabilities

CVE-2023-23510 [MEDIUM] CVE-2023-23510: macOS Ventura 13.2 Apple Security Update: About the security content of macOS Ventura 13.2 Product: macOS Ventura Version: 13.2 CVE: CVE-2023-23510 Component: Safari Impact: An app may be able to access a user’s Safari history Description: A permissions issue was addressed with improved validation.

CVE-2023-32438 [MEDIUM] CVE-2023-32438: macOS Ventura 13.2 Apple Security Update: About the security content of macOS Ventura 13.2 Product: macOS Ventura Version: 13.2 CVE: CVE-2023-32438 Component: AppleMobileFileIntegrity Impact: An app may be able to bypass Privacy preferences Description: This issue was addressed with improved checks to prevent unauthorized actions.

CVE-2023-23499 [MEDIUM] CVE-2023-23499: macOS Ventura 13.2 Apple Security Update: About the security content of macOS Ventura 13.2 Product: macOS Ventura Version: 13.2 CVE: CVE-2023-23499 Component: AppleMobileFileIntegrity Impact: An app may be able to access user-sensitive data Description: This issue was addressed by enabling hardened runtime.

CVE-2023-23511 [MEDIUM] CVE-2023-23511: macOS Ventura 13.2 Apple Security Update: About the security content of macOS Ventura 13.2 Product: macOS Ventura Version: 13.2 CVE: CVE-2023-23511 Component: Weather Impact: An app may be able to bypass Privacy preferences Description: The issue was addressed with improved memory handling.

CVE-2023-23503 [MEDIUM] CVE-2023-23503: macOS Ventura 13.2 Apple Security Update: About the security content of macOS Ventura 13.2 Product: macOS Ventura Version: 13.2 CVE: CVE-2023-23503 Component: Maps Impact: An app may be able to bypass Privacy preferences Description: A logic issue was addressed with improved state management.

CVE-2022-0108 [MEDIUM] CVE-2022-0108: macOS Ventura 13.2 Apple Security Update: About the security content of macOS Ventura 13.2 Product: macOS Ventura Version: 13.2 CVE: CVE-2022-0108 Component: WebKit Impact: An HTML document may be able to render iframes with sensitive user information Description: This issue was addressed with improved iframe sandbox enforcement.

CVE-2023-23501 [MEDIUM] CVE-2023-23501: macOS Ventura 13.2 Apple Security Update: About the security content of macOS Ventura 13.2 Product: macOS Ventura Version: 13.2 CVE: CVE-2023-23501 Component: Wi-Fi Impact: An app may be able to disclose kernel memory. Description: The issue was addressed with improved memory handling

CVE-2023-23505 [LOW] CVE-2023-23505: macOS Ventura 13.2 Apple Security Update: About the security content of macOS Ventura 13.2 Product: macOS Ventura Version: 13.2 CVE: CVE-2023-23505 Component: Screen Time Impact: An app may be able to access information about a user’s contacts Description: A privacy issue was addressed with improved private data redaction for log entries.

CVE-2023-23498 [LOW] CVE-2023-23498: macOS Ventura 13.2 Apple Security Update: About the security content of macOS Ventura 13.2 Product: macOS Ventura Version: 13.2 CVE: CVE-2023-23498 Component: Mail Drafts Impact: The quoted original message may be selected from the wrong email when forwarding an email from an Exchange account Description: A logic issue was addressed with improved state management.

CVE-2023-23493 [LOW] CVE-2023-23493: macOS Ventura 13.2 Apple Security Update: About the security content of macOS Ventura 13.2 Product: macOS Ventura Version: 13.2 CVE: CVE-2023-23493 Component: DiskArbitration Impact: An encrypted volume may be unmounted and remounted by a different user without prompting for the password Description: A logic issue was addressed with improved state management.

CVE-2022-42842 [CRITICAL] CVE-2022-42842: macOS Ventura 13.1 Apple Security Update: About the security content of macOS Ventura 13.1 Product: macOS Ventura Version: 13.1 CVE: CVE-2022-42842 Component: Kernel Impact: A remote user may be able to cause kernel code execution Description: The issue was addressed with improved memory handling.

CVE-2022-42837 [CRITICAL] CVE-2022-42837: macOS Ventura 13.1 Apple Security Update: About the security content of macOS Ventura 13.1 Product: macOS Ventura Version: 13.1 CVE: CVE-2022-42837 Component: IOMobileFrameBuffer Impact: An app may be able to execute arbitrary code with kernel privileges Description: An out-of-bounds access issue was addressed with improved bounds checking.

CVE-2022-42845 [HIGH] CVE-2022-42845: macOS Ventura 13.1 Apple Security Update: About the security content of macOS Ventura 13.1 Product: macOS Ventura Version: 13.1 CVE: CVE-2022-42845 Component: Kernel Impact: An app with root privileges may be able to execute arbitrary code with kernel privileges Description: The issue was addressed with improved memory handling.

CVE-2022-42840 [HIGH] CVE-2022-42840: macOS Ventura 13.1 Apple Security Update: About the security content of macOS Ventura 13.1 Product: macOS Ventura Version: 13.1 CVE: CVE-2022-42840 Component: Photos Impact: Shake-to-undo may allow a deleted photo to be re-surfaced without authentication Description: The issue was addressed with improved bounds checks.

CVE-2022-46690 [HIGH] CVE-2022-46690: macOS Ventura 13.1 Apple Security Update: About the security content of macOS Ventura 13.1 Product: macOS Ventura Version: 13.1 CVE: CVE-2022-46690 Component: IOMobileFrameBuffer Impact: An app may be able to execute arbitrary code with kernel privileges Description: An out-of-bounds write issue was addressed with improved input validation.

CVE-2022-46700 [HIGH] CVE-2022-46700: macOS Ventura 13.1 Apple Security Update: About the security content of macOS Ventura 13.1 Product: macOS Ventura Version: 13.1 CVE: CVE-2022-46700 Component: WebKit Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A memory corruption issue was addressed with improved input validation.

CVE-2022-46697 [HIGH] CVE-2022-46697: macOS Ventura 13.1 Apple Security Update: About the security content of macOS Ventura 13.1 Product: macOS Ventura Version: 13.1 CVE: CVE-2022-46697 Component: IOMobileFrameBuffer Impact: An app may be able to execute arbitrary code with kernel privileges Description: An out-of-bounds access issue was addressed with improved bounds checking.

CVE-2022-46701 [HIGH] CVE-2022-46701: macOS Ventura 13.1 Apple Security Update: About the security content of macOS Ventura 13.1 Product: macOS Ventura Version: 13.1 CVE: CVE-2022-46701 Component: Kernel Impact: Connecting to a malicious NFS server may lead to arbitrary code execution with kernel privileges Description: The issue was addressed with improved bounds checks.

CVE-2022-29181 [HIGH] CVE-2022-29181: macOS Ventura 13.1 Apple Security Update: About the security content of macOS Ventura 13.1 Product: macOS Ventura Version: 13.1 CVE: CVE-2022-29181 Component: CVE-2022-29181

CVE-2022-46720 [HIGH] CVE-2022-46720: macOS Ventura 13.1 Apple Security Update: About the security content of macOS Ventura 13.1 Product: macOS Ventura Version: 13.1 CVE: CVE-2022-46720 Component: DriverKit Impact: An app may be able to execute arbitrary code with kernel privileges Description: The issue was addressed with improved memory handling.