Apple Macos Ventura vulnerabilities

CVE-2022-46693 [HIGH] CVE-2022-46693: macOS Ventura 13.1 Apple Security Update: About the security content of macOS Ventura 13.1 Product: macOS Ventura Version: 13.1 CVE: CVE-2022-46693 Component: ImageIO Impact: Processing a maliciously crafted file may lead to arbitrary code execution Description: An out-of-bounds write issue was addressed with improved input validation.

CVE-2022-48618 [HIGH] CVE-2022-48618: macOS Ventura 13.1 Apple Security Update: About the security content of macOS Ventura 13.1 Product: macOS Ventura Version: 13.1 CVE: CVE-2022-48618 Component: Kernel Impact: An attacker with arbitrary read and write capability may be able to bypass Pointer Authentication. Apple is aware of a report that this issue may have been exploited against versions of iOS released before iOS 15.7.1. Description: The issue was addressed with improved checks.

CVE-2022-42855 [HIGH] CVE-2022-42855: macOS Ventura 13.1 Apple Security Update: About the security content of macOS Ventura 13.1 Product: macOS Ventura Version: 13.1 CVE: CVE-2022-42855 Component: Preferences Impact: An app may be able to use arbitrary entitlements Description: A logic issue was addressed with improved state management.

CVE-2022-42863 [HIGH] CVE-2022-42863: macOS Ventura 13.1 Apple Security Update: About the security content of macOS Ventura 13.1 Product: macOS Ventura Version: 13.1 CVE: CVE-2022-42863 Component: WebKit Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A memory corruption issue was addressed with improved state management.

CVE-2022-46691 [HIGH] CVE-2022-46691: macOS Ventura 13.1 Apple Security Update: About the security content of macOS Ventura 13.1 Product: macOS Ventura Version: 13.1 CVE: CVE-2022-46691 Component: WebKit Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A memory consumption issue was addressed with improved memory handling.

CVE-2022-42858 [HIGH] CVE-2022-42858: macOS Ventura 13.1 Apple Security Update: About the security content of macOS Ventura 13.1 Product: macOS Ventura Version: 13.1 CVE: CVE-2022-42858 Component: AMD Impact: An app may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved input validation.

CVE-2022-42847 [HIGH] CVE-2022-42847: macOS Ventura 13.1 Apple Security Update: About the security content of macOS Ventura 13.1 Product: macOS Ventura Version: 13.1 CVE: CVE-2022-42847 Component: AMD Impact: An app may be able to execute arbitrary code with kernel privileges Description: An out-of-bounds write issue was addressed with improved input validation.

CVE-2022-46696 [HIGH] CVE-2022-46696: macOS Ventura 13.1 Apple Security Update: About the security content of macOS Ventura 13.1 Product: macOS Ventura Version: 13.1 CVE: CVE-2022-46696 Component: WebKit Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A memory corruption issue was addressed with improved input validation.

CVE-2022-46716 [HIGH] CVE-2022-46716: macOS Ventura 13.1 Apple Security Update: About the security content of macOS Ventura 13.1 Product: macOS Ventura Version: 13.1 CVE: CVE-2022-46716 Component: CVE-2022-46716

CVE-2022-46699 [HIGH] CVE-2022-46699: macOS Ventura 13.1 Apple Security Update: About the security content of macOS Ventura 13.1 Product: macOS Ventura Version: 13.1 CVE: CVE-2022-46699 Component: WebKit Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A memory corruption issue was addressed with improved state management.

CVE-2022-42867 [HIGH] CVE-2022-42867: macOS Ventura 13.1 Apple Security Update: About the security content of macOS Ventura 13.1 Product: macOS Ventura Version: 13.1 CVE: CVE-2022-42867 Component: WebKit Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A use after free issue was addressed with improved memory management.

CVE-2022-46689 [HIGH] CVE-2022-46689: macOS Ventura 13.1 Apple Security Update: About the security content of macOS Ventura 13.1 Product: macOS Ventura Version: 13.1 CVE: CVE-2022-46689 Component: Kernel Impact: An app may be able to execute arbitrary code with kernel privileges Description: A race condition was addressed with additional validation.

CVE-2022-24836 [HIGH] CVE-2022-24836: macOS Ventura 13.1 Apple Security Update: About the security content of macOS Ventura 13.1 Product: macOS Ventura Version: 13.1 CVE: CVE-2022-24836 Component: CVE-2022-24836

CVE-2022-42864 [HIGH] CVE-2022-42864: macOS Ventura 13.1 Apple Security Update: About the security content of macOS Ventura 13.1 Product: macOS Ventura Version: 13.1 CVE: CVE-2022-42864 Component: IOHIDFamily Impact: An app may be able to execute arbitrary code with kernel privileges Description: A race condition was addressed with improved state handling.

CVE-2022-42856 [HIGH] CVE-2022-42856: macOS Ventura 13.1 Apple Security Update: About the security content of macOS Ventura 13.1 Product: macOS Ventura Version: 13.1 CVE: CVE-2022-42856 Component: WebKit Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited against versions of iOS released before iOS 15.1. Description: A type confusion issue was addressed with improved state handling.

CVE-2022-43454 [HIGH] CVE-2022-43454: macOS Ventura 13.1 Apple Security Update: About the security content of macOS Ventura 13.1 Product: macOS Ventura Version: 13.1 CVE: CVE-2022-43454 Component: Kernel Impact: An app may be able to execute arbitrary code with kernel privileges Description: A double free issue was addressed with improved memory management.

CVE-2022-42861 [HIGH] CVE-2022-42861: macOS Ventura 13.1 Apple Security Update: About the security content of macOS Ventura 13.1 Product: macOS Ventura Version: 13.1 CVE: CVE-2022-42861 Component: Kernel Impact: An app may be able to break out of its sandbox Description: This issue was addressed with improved checks.

CVE-2022-42841 [HIGH] CVE-2022-42841: macOS Ventura 13.1 Apple Security Update: About the security content of macOS Ventura 13.1 Product: macOS Ventura Version: 13.1 CVE: CVE-2022-42841 Component: WebKit Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited against versions of iOS released before iOS 15.1. Description: A type confusion issue was addressed with improved state handling.

CVE-2022-32942 [HIGH] CVE-2022-32942: macOS Ventura 13.1 Apple Security Update: About the security content of macOS Ventura 13.1 Product: macOS Ventura Version: 13.1 CVE: CVE-2022-32942 Component: DriverKit Impact: An app may be able to execute arbitrary code with kernel privileges Description: The issue was addressed with improved memory handling.

CVE-2022-42859 [MEDIUM] CVE-2022-42859: macOS Ventura 13.1 Apple Security Update: About the security content of macOS Ventura 13.1 Product: macOS Ventura Version: 13.1 CVE: CVE-2022-42859 Component: CoreServices Impact: An app may be able to bypass Privacy preferences Description: Multiple issues were addressed by removing the vulnerable code.