Apple Macos Ventura vulnerabilities

CVE-2022-1420 [MEDIUM] CVE-2022-1420: macOS Ventura 13 Apple Security Update: About the security content of macOS Ventura 13 Product: macOS Ventura Version: 13 CVE: CVE-2022-1420 Component: CVE-2022-1420

CVE-2022-42788 [MEDIUM] CVE-2022-42788: macOS Ventura 13 Apple Security Update: About the security content of macOS Ventura 13 Product: macOS Ventura Version: 13 CVE: CVE-2022-42788 Component: Find My Impact: A malicious application may be able to read sensitive location information Description: A permissions issue existed. This issue was addressed with improved permission validation.

CVE-2022-32936 [MEDIUM] CVE-2022-32936: macOS Ventura 13 Apple Security Update: About the security content of macOS Ventura 13 Product: macOS Ventura Version: 13 CVE: CVE-2022-32936 Component: Intel Graphics Driver Impact: An app may be able to disclose kernel memory Description: An out-of-bounds read was addressed with improved input validation.

CVE-2022-42793 [MEDIUM] CVE-2022-42793: macOS Ventura 13 Apple Security Update: About the security content of macOS Ventura 13 Product: macOS Ventura Version: 13 CVE: CVE-2022-42793 Component: Security Impact: An app may be able to bypass code signing checks Description: An issue in code signature validation was addressed with improved checks.

CVE-2022-32928 [MEDIUM] CVE-2022-32928: macOS Ventura 13 Apple Security Update: About the security content of macOS Ventura 13 Product: macOS Ventura Version: 13 CVE: CVE-2022-32928 Component: Exchange Impact: A user in a privileged network position may be able to intercept mail credentials Description: A logic issue was addressed with improved restrictions.

CVE-2022-32918 [MEDIUM] CVE-2022-32918: macOS Ventura 13 Apple Security Update: About the security content of macOS Ventura 13 Product: macOS Ventura Version: 13 CVE: CVE-2022-32918 Component: Photos Impact: An app may be able to bypass Privacy preferences Description: This issue was addressed with improved data protection.

CVE-2022-1674 [MEDIUM] CVE-2022-1674: macOS Ventura 13 Apple Security Update: About the security content of macOS Ventura 13 Product: macOS Ventura Version: 13 CVE: CVE-2022-1674 Component: CVE-2022-1674

CVE-2022-32833 [MEDIUM] CVE-2022-32833: macOS Ventura 13 Apple Security Update: About the security content of macOS Ventura 13 Product: macOS Ventura Version: 13 CVE: CVE-2022-32833 Component: WebKit Storage Impact: An app may be able to bypass Privacy preferences Description: The issue was addressed with improved handling of caches.

CVE-2022-32926 [MEDIUM] CVE-2022-32926: macOS Ventura 13 Apple Security Update: About the security content of macOS Ventura 13 Product: macOS Ventura Version: 13 CVE: CVE-2022-32926 Component: Kernel Impact: An app with root privileges may be able to execute arbitrary code with kernel privileges Description: The issue was addressed with improved bounds checks.

CVE-2022-48505 [MEDIUM] CVE-2022-48505: macOS Ventura 13 Apple Security Update: About the security content of macOS Ventura 13 Product: macOS Ventura Version: 13 CVE: CVE-2022-48505 Component: System Settings Impact: An app may be able to modify protected parts of the file system Description: This issue was addressed with improved data protection.

CVE-2022-32849 [MEDIUM] CVE-2022-32849: macOS Ventura 13 Apple Security Update: About the security content of macOS Ventura 13 Product: macOS Ventura Version: 13 CVE: CVE-2022-32849 Component: Heimdal Impact: A user may be able to cause unexpected app termination or arbitrary code execution Description: This issue was addressed with improved checks.

CVE-2022-42834 [LOW] CVE-2022-42834: macOS Ventura 13 Apple Security Update: About the security content of macOS Ventura 13 Product: macOS Ventura Version: 13 CVE: CVE-2022-42834 Component: Mail Impact: An app may be able to access mail folder attachments through a temporary directory used during compression Description: An access issue was addressed with improved access restrictions.

CVE-2022-32879 [LOW] CVE-2022-32879: macOS Ventura 13 Apple Security Update: About the security content of macOS Ventura 13 Product: macOS Ventura Version: 13 CVE: CVE-2022-32879 Component: Notifications Impact: A user with physical access to a device may be able to access contacts from the lock screen Description: A logic issue was addressed with improved state management.

CVE-2022-42838 [LOW] CVE-2022-42838: macOS Ventura 13 Apple Security Update: About the security content of macOS Ventura 13 Product: macOS Ventura Version: 13 CVE: CVE-2022-42838 Component: CoreMedia Impact: A camera extension may be able to continue receiving video after the app which activated was closed Description: An issue with app access to camera data was addressed with improved logic.

CVE-2022-32913 [LOW] CVE-2022-32913: macOS Ventura 13 Apple Security Update: About the security content of macOS Ventura 13 Product: macOS Ventura Version: 13 CVE: CVE-2022-32913 Component: Image Processing Impact: A sandboxed app may be able to determine which app is currently using the camera Description: The issue was addressed with additional restrictions on the observability of app states.

CVE-2022-32867 [LOW] CVE-2022-32867: macOS Ventura 13 Apple Security Update: About the security content of macOS Ventura 13 Product: macOS Ventura Version: 13 CVE: CVE-2022-32867 Component: Crash Reporter Impact: A user with physical access to an iOS device may be able to read past diagnostic logs Description: This issue was addressed with improved data protection.

CVE-2022-32870 [LOW] CVE-2022-32870: macOS Ventura 13 Apple Security Update: About the security content of macOS Ventura 13 Product: macOS Ventura Version: 13 CVE: CVE-2022-32870 Component: Siri Impact: A user with physical access to a device may be able to use Siri to obtain some call history information Description: A logic issue was addressed with improved state management.

CVE-2022-32876 [LOW] CVE-2022-32876: macOS Ventura 13 Apple Security Update: About the security content of macOS Ventura 13 Product: macOS Ventura Version: 13 CVE: CVE-2022-32876 Component: Shortcuts Impact: A shortcut may be able to view the hidden photos album without authentication Description: A logic issue was addressed with improved restrictions.

CVE-2022-32809 CVE-2022-32809: macOS Ventura 13 Apple Security Update: About the security content of macOS Ventura 13 Product: macOS Ventura Version: 13 CVE: CVE-2022-32809 Component: ImageIO Impact: Processing an image may lead to a denial-of-service Description: An out-of-bounds read was addressed with improved input validation.

CVE-2022-46707 CVE-2022-46707: macOS Ventura 13 Apple Security Update: About the security content of macOS Ventura 13 Product: macOS Ventura Version: 13 CVE: CVE-2022-46707 Component: Maps Impact: An app may be able to read sensitive location information Description: This issue was addressed with improved restrictions around sensitive information.