EUVD-2023-47294

Malicious code in bioql PyPI...

CVE-2023-42946

This issue was addressed with improved redaction of sensitive information. This issue is fixed in tvOS 17.1, watchOS 10.1, macOS Sonoma 14.1, iOS 17.1 and iPadOS 17.1. An app may be able to leak sensitive user information...

CVE-2023-42873

The issue was addressed with improved bounds checks. This issue is fixed in macOS Sonoma 14.1, tvOS 17.1, macOS Monterey 12.7.1, iOS 16.7.2 and iPadOS 16.7.2, iOS 17.1 and iPadOS 17.1, macOS Ventura 13.6.1. An app may be able to execute arbitrary code with kernel privileges...

Code injection

This issue was addressed with improved handling of symlinks. This issue is fixed in watchOS 10.1, macOS Sonoma 14.1, tvOS 17.1, iOS 16.7.2 and iPadOS 16.7.2, iOS 17.1 and iPadOS 17.1, macOS Ventura 13.6.1. A malicious app may be able to gain root privileges...

Default credentials

The issue was addressed with improved bounds checks. This issue is fixed in macOS Sonoma 14.1, tvOS 17.1, macOS Monterey 12.7.1, iOS 16.7.2 and iPadOS 16.7.2, iOS 17.1 and iPadOS 17.1, macOS Ventura 13.6.1. An app may be able to execute arbitrary code with kernel privileges...

CVE-2023-42873

The issue was addressed with improved bounds checks. This issue is fixed in macOS Sonoma 14.1, tvOS 17.1, macOS Monterey 12.7.1, iOS 16.7.2 and iPadOS 16.7.2, iOS 17.1 and iPadOS 17.1, macOS Ventura 13.6.1. An app may be able to execute arbitrary code with kernel privileges...

CVE-2023-42942

This issue was addressed with improved handling of symlinks. This issue is fixed in watchOS 10.1, macOS Sonoma 14.1, tvOS 17.1, iOS 16.7.2 and iPadOS 16.7.2, iOS 17.1 and iPadOS 17.1, macOS Ventura 13.6.1. A malicious app may be able to gain root privileges...

CVE-2023-42852

A logic issue was addressed with improved checks. This issue is fixed in iOS 17.1 and iPadOS 17.1, watchOS 10.1, iOS 16.7.2 and iPadOS 16.7.2, macOS Sonoma 14.1, Safari 17.1, tvOS 17.1. Processing web content may lead to arbitrary code execution...

CVE-2023-40447

The issue was addressed with improved memory handling. This issue is fixed in iOS 17.1 and iPadOS 17.1, watchOS 10.1, iOS 16.7.2 and iPadOS 16.7.2, macOS Sonoma 14.1, Safari 17.1, tvOS 17.1. Processing web content may lead to arbitrary code execution...

PT-2023-28623 · Apple · Ios +3

Name of the Vulnerable Software and Affected Versions: macOS versions prior to 14.1 tvOS versions prior to 17.1 macOS Monterey versions prior to 12.7.1 iOS versions prior to 16.7.2 iPadOS versions prior to 16.7.2 iOS versions prior to 17.1 iPadOS versions prior to 17.1 macOS Ventura versions prio...

PT-2023-28616 · Apple · Macos Sonoma +6

Name of the Vulnerable Software and Affected Versions: watchOS versions prior to 10.1 macOS Sonoma versions prior to 14.1 tvOS versions prior to 17.1 iOS versions prior to 16.7.2 and prior to 17.1 iPadOS versions prior to 16.7.2 and prior to 17.1 macOS Ventura versions prior to 13.6.1 Description...

About the security content of tvOS 17.1

About the security content of tvOS 17.1 This document describes the security content of tvOS 17.1. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available...