Vulnerabilities (CVE)

Filtered by vendor Apple Subscribe
Filtered by product Macos
Total 3589 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-42841 1 Apple 3 Ipados, Iphone Os, Macos 2024-11-21 N/A 7.8 HIGH
The issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.1, iOS 17.1 and iPadOS 17.1, iOS 16.7.2 and iPadOS 16.7.2, macOS Ventura 13.6.1. An app may be able to execute arbitrary code with kernel privileges.
CVE-2023-42833 1 Apple 4 Ipados, Iphone Os, Macos and 1 more 2024-11-21 N/A 8.8 HIGH
A correctness issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14, Safari 17, iOS 17 and iPadOS 17. Processing web content may lead to arbitrary code execution.
CVE-2023-42832 1 Apple 1 Macos 2024-11-21 N/A 7.0 HIGH
A race condition was addressed with improved state handling. This issue is fixed in macOS Big Sur 11.7.9, macOS Monterey 12.6.8, macOS Ventura 13.5. An app may be able to gain root privileges.
CVE-2023-42831 1 Apple 3 Ipados, Iphone Os, Macos 2024-11-21 N/A 5.5 MEDIUM
This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Big Sur 11.7.9, iOS 15.7.8 and iPadOS 15.7.8, macOS Monterey 12.6.8, macOS Ventura 13.5. An app may be able to fingerprint the user.
CVE-2023-42830 1 Apple 3 Ipados, Iphone Os, Macos 2024-11-21 N/A 3.3 LOW
A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Ventura 13.3, iOS 16.4 and iPadOS 16.4. An app may be able to read sensitive location information.
CVE-2023-42829 1 Apple 1 Macos 2024-11-21 N/A 5.5 MEDIUM
The issue was addressed with additional restrictions on the observability of app states. This issue is fixed in macOS Big Sur 11.7.9, macOS Monterey 12.6.8, macOS Ventura 13.5. An app may be able to access SSH passphrases.
CVE-2023-42828 1 Apple 1 Macos 2024-11-21 N/A 7.8 HIGH
This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Ventura 13.5. An app may be able to gain root privileges.
CVE-2023-42826 1 Apple 1 Macos 2024-11-21 N/A 7.8 HIGH
The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14. Processing a file may lead to arbitrary code execution.
CVE-2023-42526 4 Apple, Linux, Microsoft and 1 more 10 Macos, Linux Kernel, Windows and 7 more 2024-11-21 N/A 7.5 HIGH
Certain WithSecure products allow a remote crash of a scanning engine via decompression of crafted data files. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security for Mac 15, WithSecure Elements Endpoint Protection for Mac 17 and later, Linux Security 64 12.0 , Linux Protection 12.0, and WithSecure Atlant (formerly F-Secure Atlant) 1.0.35-1.
CVE-2023-42525 4 Apple, Linux, Microsoft and 1 more 10 Macos, Linux Kernel, Windows and 7 more 2024-11-21 N/A 7.5 HIGH
Certain WithSecure products allow an infinite loop in a scanning engine via unspecified file types. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security for Mac 15, WithSecure Elements Endpoint Protection for Mac 17 and later, Linux Security 64 12.0 , Linux Protection 12.0, and WithSecure Atlant (formerly F-Secure Atlant) 1.0.35-1.
CVE-2023-42524 4 Apple, Linux, Microsoft and 1 more 10 Macos, Linux Kernel, Windows and 7 more 2024-11-21 N/A 7.5 HIGH
Certain WithSecure products allow an infinite loop in a scanning engine via unspecified file types. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security for Mac 15, WithSecure Elements Endpoint Protection for Mac 17 and later, Linux Security 64 12.0 , Linux Protection 12.0, and WithSecure Atlant (formerly F-Secure Atlant) 1.0.35-1.
CVE-2023-42523 4 Apple, Linux, Microsoft and 1 more 10 Macos, Linux Kernel, Windows and 7 more 2024-11-21 N/A 7.5 HIGH
Certain WithSecure products allow a remote crash of a scanning engine via unpacking of a PE file. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security for Mac 15, WithSecure Elements Endpoint Protection for Mac 17 and later, Linux Security 64 12.0 , Linux Protection 12.0, and WithSecure Atlant (formerly F-Secure Atlant) 1.0.35-1.
CVE-2023-42522 4 Apple, Linux, Microsoft and 1 more 10 Macos, Linux Kernel, Windows and 7 more 2024-11-21 N/A 7.5 HIGH
Certain WithSecure products allow a remote crash of a scanning engine via processing of an import struct in a PE file. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security for Mac 15, WithSecure Elements Endpoint Protection for Mac 17 and later, Linux Security 64 12.0 , Linux Protection 12.0, and WithSecure Atlant (formerly F-Secure Atlant) 1.0.35-1.
CVE-2023-42521 4 Apple, Linux, Microsoft and 1 more 10 Macos, Linux Kernel, Windows and 7 more 2024-11-21 N/A 7.5 HIGH
Certain WithSecure products allow a remote crash of a scanning engine via processing of a compressed file. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security for Mac 15, WithSecure Elements Endpoint Protection for Mac 17 and later, Linux Security 64 12.0 , Linux Protection 12.0, and WithSecure Atlant (formerly F-Secure Atlant) 1.0.35-1.
CVE-2023-42520 4 Apple, Linux, Microsoft and 1 more 10 Macos, Linux Kernel, Windows and 7 more 2024-11-21 N/A 7.5 HIGH
Certain WithSecure products allow a remote crash of a scanning engine via unpacking of crafted data files. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security for Mac 15, WithSecure Elements Endpoint Protection for Mac 17 and later, Linux Security 64 12.0 , Linux Protection 12.0, and WithSecure Atlant (formerly F-Secure Atlant) 1.0.35-1.
CVE-2023-42438 1 Apple 1 Macos 2024-11-21 N/A 4.3 MEDIUM
An inconsistent user interface issue was addressed with improved state management. This issue is fixed in macOS Sonoma 14.1. Visiting a malicious website may lead to user interface spoofing.
CVE-2023-41997 1 Apple 4 Ipados, Iphone Os, Macos and 1 more 2024-11-21 N/A 4.6 MEDIUM
This issue was addressed by restricting options offered on a locked device. This issue is fixed in macOS Sonoma 14.1, watchOS 10.1, iOS 16.7.2 and iPadOS 16.7.2, iOS 17.1 and iPadOS 17.1. An attacker with physical access may be able to use Siri to access sensitive user data.
CVE-2023-41996 1 Apple 1 Macos 2024-11-21 N/A 5.5 MEDIUM
The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.6. Apps that fail verification checks may still launch.
CVE-2023-41995 1 Apple 3 Ipados, Iphone Os, Macos 2024-11-21 N/A 7.8 HIGH
A use-after-free issue was addressed with improved memory management. This issue is fixed in iOS 17 and iPadOS 17, macOS Sonoma 14. An app may be able to execute arbitrary code with kernel privileges.
CVE-2023-41994 1 Apple 1 Macos 2024-11-21 N/A 5.5 MEDIUM
A logic issue was addressed with improved checks This issue is fixed in macOS Sonoma 14. A camera extension may be able to access the camera view from apps other than the app for which it was granted permission.