Apple Macos Ventura vulnerabilities

CVE-2022-42853 [MEDIUM] CVE-2022-42853: macOS Ventura 13.1 Apple Security Update: About the security content of macOS Ventura 13.1 Product: macOS Ventura Version: 13.1 CVE: CVE-2022-42853 Component: Boot Camp Impact: An app may be able to modify protected parts of the file system Description: An access issue was addressed with improved access restrictions.

CVE-2022-32943 [MEDIUM] CVE-2022-32943: macOS Ventura 13.1 Apple Security Update: About the security content of macOS Ventura 13.1 Product: macOS Ventura Version: 13.1 CVE: CVE-2022-32943 Component: Photos Impact: Shake-to-undo may allow a deleted photo to be re-surfaced without authentication Description: The issue was addressed with improved bounds checks.

CVE-2022-42866 [MEDIUM] CVE-2022-42866: macOS Ventura 13.1 Apple Security Update: About the security content of macOS Ventura 13.1 Product: macOS Ventura Version: 13.1 CVE: CVE-2022-42866 Component: Weather Impact: An app may be able to read sensitive location information Description: The issue was addressed with improved handling of caches.

CVE-2022-46698 [MEDIUM] CVE-2022-46698: macOS Ventura 13.1 Apple Security Update: About the security content of macOS Ventura 13.1 Product: macOS Ventura Version: 13.1 CVE: CVE-2022-46698 Component: WebKit Impact: Processing maliciously crafted web content may disclose sensitive user information Description: A logic issue was addressed with improved checks.

CVE-2022-46704 [MEDIUM] CVE-2022-46704: macOS Ventura 13.1 Apple Security Update: About the security content of macOS Ventura 13.1 Product: macOS Ventura Version: 13.1 CVE: CVE-2022-46704 Component: PackageKit Impact: An app may be able to modify protected parts of the file system Description: A logic issue was addressed with improved state management.

CVE-2022-46718 [MEDIUM] CVE-2022-46718: macOS Ventura 13.1 Apple Security Update: About the security content of macOS Ventura 13.1 Product: macOS Ventura Version: 13.1 CVE: CVE-2022-46718 Component: TCC Impact: An app may be able to read sensitive location information Description: A logic issue was addressed with improved restrictions.

CVE-2022-46692 [MEDIUM] CVE-2022-46692: macOS Ventura 13.1 Apple Security Update: About the security content of macOS Ventura 13.1 Product: macOS Ventura Version: 13.1 CVE: CVE-2022-46692 Component: WebKit Impact: Processing maliciously crafted web content may bypass Same Origin Policy Description: A logic issue was addressed with improved state management.

CVE-2022-42852 [MEDIUM] CVE-2022-42852: macOS Ventura 13.1 Apple Security Update: About the security content of macOS Ventura 13.1 Product: macOS Ventura Version: 13.1 CVE: CVE-2022-42852 Component: WebKit Impact: Processing maliciously crafted web content may result in the disclosure of process memory Description: The issue was addressed with improved memory handling.

CVE-2022-46703 [MEDIUM] CVE-2022-46703: macOS Ventura 13.1 Apple Security Update: About the security content of macOS Ventura 13.1 Product: macOS Ventura Version: 13.1 CVE: CVE-2022-46703 Component: Weather Impact: An app may be able to read sensitive location information Description: A logic issue was addressed with improved restrictions.

CVE-2022-42862 [MEDIUM] CVE-2022-42862: macOS Ventura 13.1 Apple Security Update: About the security content of macOS Ventura 13.1 Product: macOS Ventura Version: 13.1 CVE: CVE-2022-42862 Component: Printing Impact: An app may be able to bypass Privacy preferences Description: This issue was addressed by removing the vulnerable code.

CVE-2022-48610 [MEDIUM] CVE-2022-48610: macOS Ventura 13.1 Apple Security Update: About the security content of macOS Ventura 13.1 Product: macOS Ventura Version: 13.1 CVE: CVE-2022-48610 Component: Maps Impact: An app may be able to access user-sensitive data Description: This issue was addressed through improved state management.

CVE-2022-46695 [MEDIUM] CVE-2022-46695: macOS Ventura 13.1 Apple Security Update: About the security content of macOS Ventura 13.1 Product: macOS Ventura Version: 13.1 CVE: CVE-2022-46695 Component: Safari Impact: Visiting a website that frames malicious content may lead to UI spoofing Description: A spoofing issue existed in the handling of URLs. This issue was addressed with improved input validation.

CVE-2022-32919 [MEDIUM] CVE-2022-32919: macOS Ventura 13.1 Apple Security Update: About the security content of macOS Ventura 13.1 Product: macOS Ventura Version: 13.1 CVE: CVE-2022-32919 Component: WebKit Impact: Visiting a website that frames malicious content may lead to UI spoofing Description: The issue was addressed with improved UI handling.

CVE-2022-46705 [MEDIUM] CVE-2022-46705: macOS Ventura 13.1 Apple Security Update: About the security content of macOS Ventura 13.1 Product: macOS Ventura Version: 13.1 CVE: CVE-2022-46705 Component: WebKit Impact: Visiting a malicious website may lead to address bar spoofing Description: A spoofing issue existed in the handling of URLs. This issue was addressed with improved input validation.

CVE-2022-46710 [MEDIUM] CVE-2022-46710: macOS Ventura 13.1 Apple Security Update: About the security content of macOS Ventura 13.1 Product: macOS Ventura Version: 13.1 CVE: CVE-2022-46710 Component: DriverKit Impact: An app may be able to execute arbitrary code with kernel privileges Description: The issue was addressed with improved memory handling.

CVE-2022-46725 [MEDIUM] CVE-2022-46725: macOS Ventura 13.1 Apple Security Update: About the security content of macOS Ventura 13.1 Product: macOS Ventura Version: 13.1 CVE: CVE-2022-46725 Component: WebKit Impact: Visiting a malicious website may lead to address bar spoofing Description: A spoofing issue existed in the handling of URLs. This issue was addressed with improved input validation.

CVE-2022-42854 [MEDIUM] CVE-2022-42854: macOS Ventura 13.1 Apple Security Update: About the security content of macOS Ventura 13.1 Product: macOS Ventura Version: 13.1 CVE: CVE-2022-42854 Component: Bluetooth Impact: An app may be able to disclose kernel memory Description: The issue was addressed with improved memory handling.

CVE-2022-42843 [MEDIUM] CVE-2022-42843: macOS Ventura 13.1 Apple Security Update: About the security content of macOS Ventura 13.1 Product: macOS Ventura Version: 13.1 CVE: CVE-2022-42843 Component: Accounts Impact: A user may be able to view sensitive user information Description: This issue was addressed with improved data protection.

CVE-2022-42865 [MEDIUM] CVE-2022-42865: macOS Ventura 13.1 Apple Security Update: About the security content of macOS Ventura 13.1 Product: macOS Ventura Version: 13.1 CVE: CVE-2022-42865 Component: AppleMobileFileIntegrity Impact: An app may be able to bypass Privacy preferences Description: This issue was addressed by enabling hardened runtime.

CVE-2022-35252 [LOW] CVE-2022-35252: macOS Ventura 13.1 Apple Security Update: About the security content of macOS Ventura 13.1 Product: macOS Ventura Version: 13.1 CVE: CVE-2022-35252 Component: CVE-2022-35252