CVE-2023-42919

A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Sonoma 14.2, iOS 17.2 and iPadOS 17.2, watchOS 10.2, macOS Ventura 13.6.3, iOS 16.7.3 and iPadOS 16.7.3, macOS Monterey 12.7.2. An app may be able to access sensitive user data...

CVE-2023-42936

This issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Monterey 12.7.2, macOS Ventura 13.6.3, iOS 17.2 and iPadOS 17.2, tvOS 17.2, watchOS 10.2, macOS Sonoma 14.2. An app may be able to access user-sensitive data...

CVE-2023-42936

This issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Monterey 12.7.2, macOS Ventura 13.6.3, iOS 17.2 and iPadOS 17.2, tvOS 17.2, watchOS 10.2, macOS Sonoma 14.2. An app may be able to access user-sensitive data...

Code injection

A privacy issue was addressed with improved handling of files. This issue is fixed in watchOS 10.1, macOS Sonoma 14.1, macOS Monterey 12.7.2, macOS Ventura 13.6.3, iOS 17.1 and iPadOS 17.1. An app may be able to access sensitive user data...

CVE-2023-42836

A logic issue was addressed with improved checks. This issue is fixed in iOS 17.1 and iPadOS 17.1, macOS Ventura 13.6.3, macOS Sonoma 14.1, macOS Monterey 12.7.2. An attacker may be able to access connected network volumes mounted in the home directory...

CVE-2023-42836

A logic issue was addressed with improved checks. This issue is fixed in iOS 17.1 and iPadOS 17.1, macOS Ventura 13.6.3, macOS Sonoma 14.1, macOS Monterey 12.7.2. An attacker may be able to access connected network volumes mounted in the home directory...

CVE-2023-42932

A logic issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.2, macOS Ventura 13.6.3, macOS Monterey 12.7.2. An app may be able to access protected user data...

CVE-2023-42919

A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Sonoma 14.2, iOS 17.2 and iPadOS 17.2, watchOS 10.2, macOS Ventura 13.6.3, iOS 16.7.3 and iPadOS 16.7.3, macOS Monterey 12.7.2. An app may be able to access sensitive user data...

CVE-2023-42894

This issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Sonoma 14.2, macOS Ventura 13.6.3, macOS Monterey 12.7.2. An app may be able to access information about a user's contacts...

CVE-2023-42886

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Sonoma 14.2, macOS Ventura 13.6.3, macOS Monterey 12.7.2. A user may be able to cause unexpected app termination or arbitrary code execution...

Code injection

A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Sonoma 14.2, iOS 17.2 and iPadOS 17.2, watchOS 10.2, macOS Ventura 13.6.3, iOS 16.7.3 and iPadOS 16.7.3, macOS Monterey 12.7.2. An app may be able to access sensitive user data...

Information disclosure

This issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Sonoma 14.2, iOS 17.2 and iPadOS 17.2, macOS Ventura 13.6.3, iOS 16.7.3 and iPadOS 16.7.3, macOS Monterey 12.7.2. An app may be able to read sensitive location information...

Code injection

The issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.2, iOS 17.2 and iPadOS 17.2, watchOS 10.2, macOS Ventura 13.6.3, tvOS 17.2, iOS 16.7.3 and iPadOS 16.7.3, macOS Monterey 12.7.2. Processing an image may lead to arbitrary code execution...

Design/Logic Flaw

The issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.2, iOS 17.2 and iPadOS 17.2, watchOS 10.2, macOS Ventura 13.6.3, tvOS 17.2, iOS 16.7.3 and iPadOS 16.7.3, macOS Monterey 12.7.2. An app may be able to break out of its sandbox...

CVE-2023-42886

CVE-2023-42886 is an out-of-bounds read in Apple macOS components (notably CoreServices) that could lead to unexpected app termination or arbitrary code execution. Technical details across connected docs show a fix via improved bounds checking, with patches in macOS Sonoma 14.2, macOS Ventura 13....

CVE-2023-42899

CVE-2023-42899 concerns an issue in Apple software where processing an image may lead to arbitrary code execution due to improved memory handling. The fixed products/versions include macOS Sonoma 14.2, macOS Ventura 13.6.3, macOS Monterey 12.7.2, iOS 16.7.3 and iOS 17.2, iPadOS 16.7.3 and iPadOS ...

CVE-2023-42914

CVE-2023-42914 is an Apple sandbox-related issue addressed by improved memory handling. Affected platforms include macOS Ventura 13.6.3, macOS Monterey 12.7.2, macOS Sonoma 14.2, iOS 16.7.3 and 17.2 (and iPadOS 16.7.3 and 17.2), watchOS 10.2, and tvOS 17.2. The fixed versions indicate a sandbox e...

CVE-2023-42914

The issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.2, iOS 17.2 and iPadOS 17.2, watchOS 10.2, macOS Ventura 13.6.3, tvOS 17.2, iOS 16.7.3 and iPadOS 16.7.3, macOS Monterey 12.7.2. An app may be able to break out of its sandbox...

PT-2023-28629 · Apple · Apple Macos

Name of the Vulnerable Software and Affected Versions: macOS versions prior to 12.7.2 macOS versions prior to 13.6.3 macOS versions prior to 14.2 Description: A use-after-free issue was addressed with improved memory management. This issue allows a local attacker to potentially elevate their...

PT-2023-7960 · Apple · Apple Macos

Name of the Vulnerable Software and Affected Versions: macOS versions prior to 14.2 macOS Ventura versions prior to 13.6.3 macOS Monterey versions prior to 12.7.2 Description: The issue is related to insufficient protection of registration data in the AppleEvents component of macOS, which may all...