admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2023-06-23 18:00:45 +00:00
parent bf2ee073b9
commit 7c48ba2002
No known key found for this signature in database
GPG Key ID: E3252B3D49582C98
77 changed files with 6796 additions and 235 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

83
2022/22xxx/CVE-2022-22630.json
View File

@ -4,14 +4,91 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2022-22630", "ID": "CVE-2022-22630",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"STATE": "RESERVED" "STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Apple",
"product": {
"product_data": [
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "11.6"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "12.3"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "2022"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "A remote user may cause an unexpected app termination or arbitrary code execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213183",
"name": "https://support.apple.com/en-us/HT213183"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213255",
"name": "https://support.apple.com/en-us/HT213255"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213256",
"name": "https://support.apple.com/en-us/HT213256"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.6.6, macOS Monterey 12.3, Security Update 2022-004 Catalina. A remote user may cause an unexpected app termination or arbitrary code execution"
} }
] ]
} }

51
2022/42xxx/CVE-2022-42792.json
View File

@ -4,14 +4,59 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2022-42792", "ID": "CVE-2022-42792",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"STATE": "RESERVED" "STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Apple",
"product": {
"product_data": [
{
"product_name": "iOS and iPadOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.1"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "An app may be able to read sensitive location information"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213489",
"name": "https://support.apple.com/en-us/HT213489"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "This issue was addressed with improved data protection. This issue is fixed in iOS 16.1 and iPadOS 16. An app may be able to read sensitive location information"
} }
] ]
} }

51
2022/42xxx/CVE-2022-42807.json
View File

@ -4,14 +4,59 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2022-42807", "ID": "CVE-2022-42807",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"STATE": "RESERVED" "STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Apple",
"product": {
"product_data": [
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "13"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "A user may accidentally add a participant to a Shared Album by pressing the Delete key"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213488",
"name": "https://support.apple.com/en-us/HT213488"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "A logic issue was addressed with improved state management. This issue is fixed in macOS Ventura 13. A user may accidentally add a participant to a Shared Album by pressing the Delete key"
} }
] ]
} }

83
2022/42xxx/CVE-2022-42834.json
View File

@ -4,14 +4,91 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2022-42834", "ID": "CVE-2022-42834",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"STATE": "RESERVED" "STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Apple",
"product": {
"product_data": [
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "13"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "11.7"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "12.6"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "An app may be able to access mail folder attachments through a temporary directory used during compression"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213488",
"name": "https://support.apple.com/en-us/HT213488"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213603",
"name": "https://support.apple.com/en-us/HT213603"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213604",
"name": "https://support.apple.com/en-us/HT213604"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "An access issue was addressed with improved access restrictions. This issue is fixed in macOS Monterey 12.6.3, macOS Ventura 13, macOS Big Sur 11.7.3. An app may be able to access mail folder attachments through a temporary directory used during compression"
} }
] ]
} }

83
2022/42xxx/CVE-2022-42860.json
View File

@ -4,14 +4,91 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2022-42860", "ID": "CVE-2022-42860",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"STATE": "RESERVED" "STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Apple",
"product": {
"product_data": [
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "13"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "11.7"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "12.6"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "An app may be able to modify protected parts of the file system"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213488",
"name": "https://support.apple.com/en-us/HT213488"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213493",
"name": "https://support.apple.com/en-us/HT213493"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213494",
"name": "https://support.apple.com/en-us/HT213494"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "This issue was addressed with improved checks to prevent unauthorized actions. This issue is fixed in macOS Monterey 12.6.1, macOS Big Sur 11.7.1, macOS Ventura 13. An app may be able to modify protected parts of the file system"
} }
] ]
} }

51
2022/46xxx/CVE-2022-46715.json
View File

@ -4,14 +4,59 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2022-46715", "ID": "CVE-2022-46715",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"STATE": "RESERVED" "STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Apple",
"product": {
"product_data": [
{
"product_name": "iOS and iPadOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.1"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "An app may be able to bypass certain Privacy preferences"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213489",
"name": "https://support.apple.com/en-us/HT213489"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "A logic issue was addressed with improved checks. This issue is fixed in iOS 16.1 and iPadOS 16. An app may be able to bypass certain Privacy preferences"
} }
] ]
} }

99
2022/46xxx/CVE-2022-46718.json
View File

@ -4,14 +4,107 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2022-46718", "ID": "CVE-2022-46718",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"STATE": "RESERVED" "STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Apple",
"product": {
"product_data": [
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "11.7"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "13.1"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "12.6"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "15.7"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "An app may be able to read sensitive location information"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213532",
"name": "https://support.apple.com/en-us/HT213532"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213531",
"name": "https://support.apple.com/en-us/HT213531"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213534",
"name": "https://support.apple.com/en-us/HT213534"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213533",
"name": "https://support.apple.com/en-us/HT213533"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "A logic issue was addressed with improved restrictions. This issue is fixed in iOS 15.7.2 and iPadOS 15.7.2, macOS Ventura 13.1, macOS Big Sur 11.7.2, macOS Monterey 12.6.2. An app may be able to read sensitive location information"
} }
] ]
} }

83
2023/23xxx/CVE-2023-23516.json
View File

@ -4,14 +4,91 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2023-23516", "ID": "CVE-2023-23516",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"STATE": "RESERVED" "STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Apple",
"product": {
"product_data": [
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "11.7"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "13.2"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "12.6"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "An app may be able to execute arbitrary code with kernel privileges"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213603",
"name": "https://support.apple.com/en-us/HT213603"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213605",
"name": "https://support.apple.com/en-us/HT213605"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213604",
"name": "https://support.apple.com/en-us/HT213604"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "The issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.6.3, macOS Big Sur 11.7.3, macOS Ventura 13.2. An app may be able to execute arbitrary code with kernel privileges"
} }
] ]
} }

51
2023/23xxx/CVE-2023-23539.json
View File

@ -4,14 +4,59 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2023-23539", "ID": "CVE-2023-23539",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"STATE": "RESERVED" "STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Apple",
"product": {
"product_data": [
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "13.2"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Mounting a maliciously crafted Samba network share may lead to arbitrary code execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213605",
"name": "https://support.apple.com/en-us/HT213605"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.2. Mounting a maliciously crafted Samba network share may lead to arbitrary code execution"
} }
] ]
} }

78
2023/25xxx/CVE-2023-25515.json
View File

@ -1,17 +1,87 @@
{ {
"data_version": "4.0",
"data_type": "CVE", "data_type": "CVE",
"data_format": "MITRE", "data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2023-25515", "ID": "CVE-2023-25515",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "psirt@nvidia.com",
"STATE": "RESERVED" "STATE": "PUBLIC"
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "\nNVIDIA Jetson contains a vulnerability in CBoot, where the PCIe controller is initialized without IOMMU, which may allow an attacker with physical access to the target device to read and write to arbitrary memory. A successful exploit of this vulnerability may lead to code execution, denial of service, information disclosure, and loss of integrity. \n\n"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-923",
"cweId": "CWE-923"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "NVIDIA",
"product": {
"product_data": [
{
"product_name": "Jetson AGX Xavier series, Jetson Xavier NX",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions prior to 32.7.4"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://https://nvidia.custhelp.com/app/answers/detail/a_id/5466",
"refsource": "MISC",
"name": "https://https://nvidia.custhelp.com/app/answers/detail/a_id/5466"
}
]
},
"generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"source": {
"discovery": "UNKNOWN"
},
"impact": {
"cvss": [
{
"attackComplexity": "HIGH",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
} }
] ]
} }

78
2023/25xxx/CVE-2023-25518.json
View File

@ -1,17 +1,87 @@
{ {
"data_version": "4.0",
"data_type": "CVE", "data_type": "CVE",
"data_format": "MITRE", "data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2023-25518", "ID": "CVE-2023-25518",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "psirt@nvidia.com",
"STATE": "RESERVED" "STATE": "PUBLIC"
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "\nNVIDIA Jetson contains a vulnerability in CBoot, where the PCIe controller is initialized without IOMMU, which may allow an attacker with physical access to the target device to read and write to arbitrary memory. A successful exploit of this vulnerability may lead to code execution, denial of service, information disclosure, and loss of integrity. \n\n"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-923",
"cweId": "CWE-923"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "NVIDIA",
"product": {
"product_data": [
{
"product_name": "Jetson AGX Xavier series, Jetson Xavier NX",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions prior to 32.7.4"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://https://nvidia.custhelp.com/app/answers/detail/a_id/5466",
"refsource": "MISC",
"name": "https://https://nvidia.custhelp.com/app/answers/detail/a_id/5466"
}
]
},
"generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"source": {
"discovery": "UNKNOWN"
},
"impact": {
"cvss": [
{
"attackComplexity": "HIGH",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
} }
] ]
} }

78
2023/25xxx/CVE-2023-25520.json
View File

@ -1,17 +1,87 @@
{ {
"data_version": "4.0",
"data_type": "CVE", "data_type": "CVE",
"data_format": "MITRE", "data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2023-25520", "ID": "CVE-2023-25520",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "psirt@nvidia.com",
"STATE": "RESERVED" "STATE": "PUBLIC"
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "\nNVIDIA Jetson Linux Driver Package contains a vulnerability in nvbootctrl, where a privileged local attacker can configure invalid settings, resulting in denial of service.\n\n"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-20 Improper Input Validation",
"cweId": "CWE-20"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "NVIDIA",
"product": {
"product_data": [
{
"product_name": "Jetson AGX Xavier series, Jetson Xavier NX, Jetson TX2 series, Jetson TX2 NX",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions prior to 32.7.4"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5466",
"refsource": "MISC",
"name": "https://nvidia.custhelp.com/app/answers/detail/a_id/5466"
}
]
},
"generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"source": {
"discovery": "UNKNOWN"
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
} }
] ]
} }

99
2023/27xxx/CVE-2023-27930.json
View File

@ -4,14 +4,107 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2023-27930", "ID": "CVE-2023-27930",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"STATE": "RESERVED" "STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Apple",
"product": {
"product_data": [
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "13.4"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "9.5"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.5"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.5"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "An app may be able to execute arbitrary code with kernel privileges"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213758",
"name": "https://support.apple.com/en-us/HT213758"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213764",
"name": "https://support.apple.com/en-us/HT213764"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213757",
"name": "https://support.apple.com/en-us/HT213757"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213761",
"name": "https://support.apple.com/en-us/HT213761"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "A type confusion issue was addressed with improved checks. This issue is fixed in iOS 16.5 and iPadOS 16.5, macOS Ventura 13.4, watchOS 9.5, tvOS 16.5. An app may be able to execute arbitrary code with kernel privileges"
} }
] ]
} }

83
2023/27xxx/CVE-2023-27940.json
View File

@ -4,14 +4,91 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2023-27940", "ID": "CVE-2023-27940",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"STATE": "RESERVED" "STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Apple",
"product": {
"product_data": [
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "13.4"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "12.6"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "15.7"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "A sandboxed app may be able to observe system-wide network connections"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213765",
"name": "https://support.apple.com/en-us/HT213765"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213759",
"name": "https://support.apple.com/en-us/HT213759"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213758",
"name": "https://support.apple.com/en-us/HT213758"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "The issue was addressed with additional permissions checks. This issue is fixed in macOS Ventura 13.4, iOS 15.7.6 and iPadOS 15.7.6, macOS Monterey 12.6.6. A sandboxed app may be able to observe system-wide network connections"
} }
] ]
} }

51
2023/27xxx/CVE-2023-27964.json
View File

@ -4,14 +4,59 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2023-27964", "ID": "CVE-2023-27964",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"STATE": "RESERVED" "STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Apple",
"product": {
"product_data": [
{
"product_name": "AirPods Firmware Update E",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "5"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "When your headphones are seeking a connection request to one of your previously paired devices, an attacker in Bluetooth range might be able to spoof the intended source device and gain access to your headphones."
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213752",
"name": "https://support.apple.com/en-us/HT213752"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "An authentication issue was addressed with improved state management. This issue is fixed in AirPods Firmware Update 5E133. When your headphones are seeking a connection request to one of your previously paired devices, an attacker in Bluetooth range might be able to spoof the intended source device and gain access to your headphones."
} }
] ]
} }

131
2023/28xxx/CVE-2023-28191.json
View File

@ -4,14 +4,139 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2023-28191", "ID": "CVE-2023-28191",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"STATE": "RESERVED" "STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Apple",
"product": {
"product_data": [
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "13.4"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "12.6"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "9.5"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "11.7"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.5"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.5"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "An app may be able to bypass Privacy preferences"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213759",
"name": "https://support.apple.com/en-us/HT213759"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213760",
"name": "https://support.apple.com/en-us/HT213760"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213758",
"name": "https://support.apple.com/en-us/HT213758"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213764",
"name": "https://support.apple.com/en-us/HT213764"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213757",
"name": "https://support.apple.com/en-us/HT213757"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213761",
"name": "https://support.apple.com/en-us/HT213761"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "This issue was addressed with improved redaction of sensitive information. This issue is fixed in watchOS 9.5, macOS Ventura 13.4, tvOS 16.5, iOS 16.5 and iPadOS 16.5, macOS Big Sur 11.7.7, macOS Monterey 12.6.6. An app may be able to bypass Privacy preferences"
} }
] ]
} }

99
2023/28xxx/CVE-2023-28202.json
View File

@ -4,14 +4,107 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2023-28202", "ID": "CVE-2023-28202",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"STATE": "RESERVED" "STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Apple",
"product": {
"product_data": [
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "13.4"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "9.5"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.5"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.5"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "An app firewall setting may not take effect after exiting the Settings app"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213758",
"name": "https://support.apple.com/en-us/HT213758"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213764",
"name": "https://support.apple.com/en-us/HT213764"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213757",
"name": "https://support.apple.com/en-us/HT213757"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213761",
"name": "https://support.apple.com/en-us/HT213761"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "This issue was addressed with improved state management. This issue is fixed in iOS 16.5 and iPadOS 16.5, macOS Ventura 13.4, watchOS 9.5, tvOS 16.5. An app firewall setting may not take effect after exiting the Settings app"
} }
] ]
} }

131
2023/28xxx/CVE-2023-28204.json
View File

@ -4,14 +4,139 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2023-28204", "ID": "CVE-2023-28204",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"STATE": "RESERVED" "STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Apple",
"product": {
"product_data": [
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "13.4"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.5"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "9.5"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "15.7"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.5"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.5"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Processing web content may disclose sensitive information. Apple is aware of a report that this issue may have been actively exploited."
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213765",
"name": "https://support.apple.com/en-us/HT213765"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213758",
"name": "https://support.apple.com/en-us/HT213758"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213764",
"name": "https://support.apple.com/en-us/HT213764"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213757",
"name": "https://support.apple.com/en-us/HT213757"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213761",
"name": "https://support.apple.com/en-us/HT213761"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213762",
"name": "https://support.apple.com/en-us/HT213762"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "An out-of-bounds read was addressed with improved input validation. This issue is fixed in watchOS 9.5, iOS 15.7.6 and iPadOS 15.7.6, macOS Ventura 13.4, Safari 16.5, tvOS 16.5, iOS 16.5 and iPadOS 16.5. Processing web content may disclose sensitive information. Apple is aware of a report that this issue may have been actively exploited."
} }
] ]
} }

51
2023/32xxx/CVE-2023-32351.json
View File

@ -4,14 +4,59 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2023-32351", "ID": "CVE-2023-32351",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"STATE": "RESERVED" "STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Apple",
"product": {
"product_data": [
{
"product_name": "iTunes for Windows",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "12.12"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "An app may be able to gain elevated privileges"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213763",
"name": "https://support.apple.com/en-us/HT213763"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "A logic issue was addressed with improved checks. This issue is fixed in iTunes 12.12.9 for Windows. An app may be able to gain elevated privileges"
} }
] ]
} }

115
2023/32xxx/CVE-2023-32352.json
View File

@ -4,14 +4,123 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2023-32352", "ID": "CVE-2023-32352",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"STATE": "RESERVED" "STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Apple",
"product": {
"product_data": [
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "13.4"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "12.6"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "9.5"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "11.7"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.5"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "An app may bypass Gatekeeper checks"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213759",
"name": "https://support.apple.com/en-us/HT213759"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213760",
"name": "https://support.apple.com/en-us/HT213760"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213758",
"name": "https://support.apple.com/en-us/HT213758"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213764",
"name": "https://support.apple.com/en-us/HT213764"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213757",
"name": "https://support.apple.com/en-us/HT213757"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "A logic issue was addressed with improved checks. This issue is fixed in watchOS 9.5, macOS Ventura 13.4, iOS 16.5 and iPadOS 16.5, macOS Big Sur 11.7.7, macOS Monterey 12.6.6. An app may bypass Gatekeeper checks"
} }
] ]
} }

51
2023/32xxx/CVE-2023-32353.json
View File

@ -4,14 +4,59 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2023-32353", "ID": "CVE-2023-32353",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"STATE": "RESERVED" "STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Apple",
"product": {
"product_data": [
{
"product_name": "iTunes for Windows",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "12.12"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "An app may be able to elevate privileges"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213763",
"name": "https://support.apple.com/en-us/HT213763"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "A logic issue was addressed with improved checks. This issue is fixed in iTunes 12.12.9 for Windows. An app may be able to elevate privileges"
} }
] ]
} }

83
2023/32xxx/CVE-2023-32354.json
View File

@ -4,14 +4,91 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2023-32354", "ID": "CVE-2023-32354",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"STATE": "RESERVED" "STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Apple",
"product": {
"product_data": [
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "9.5"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.5"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.5"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "An app may be able to disclose kernel memory"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213764",
"name": "https://support.apple.com/en-us/HT213764"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213757",
"name": "https://support.apple.com/en-us/HT213757"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213761",
"name": "https://support.apple.com/en-us/HT213761"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 16.5 and iPadOS 16.5, watchOS 9.5, tvOS 16.5. An app may be able to disclose kernel memory"
} }
] ]
} }

83
2023/32xxx/CVE-2023-32355.json
View File

@ -4,14 +4,91 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2023-32355", "ID": "CVE-2023-32355",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"STATE": "RESERVED" "STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Apple",
"product": {
"product_data": [
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "13.4"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "12.6"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "11.7"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "An app may be able to modify protected parts of the file system"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213759",
"name": "https://support.apple.com/en-us/HT213759"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213760",
"name": "https://support.apple.com/en-us/HT213760"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213758",
"name": "https://support.apple.com/en-us/HT213758"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "A logic issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.4, macOS Big Sur 11.7.7, macOS Monterey 12.6.6. An app may be able to modify protected parts of the file system"
} }
] ]
} }

131
2023/32xxx/CVE-2023-32357.json
View File

@ -4,14 +4,139 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2023-32357", "ID": "CVE-2023-32357",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"STATE": "RESERVED" "STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Apple",
"product": {
"product_data": [
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "13.4"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "12.6"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "9.5"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "11.7"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.5"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.5"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "An app may be able to retain access to system configuration files even after its permission is revoked"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213759",
"name": "https://support.apple.com/en-us/HT213759"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213760",
"name": "https://support.apple.com/en-us/HT213760"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213758",
"name": "https://support.apple.com/en-us/HT213758"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213764",
"name": "https://support.apple.com/en-us/HT213764"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213757",
"name": "https://support.apple.com/en-us/HT213757"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213761",
"name": "https://support.apple.com/en-us/HT213761"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "An authorization issue was addressed with improved state management. This issue is fixed in watchOS 9.5, macOS Ventura 13.4, tvOS 16.5, iOS 16.5 and iPadOS 16.5, macOS Big Sur 11.7.7, macOS Monterey 12.6.6. An app may be able to retain access to system configuration files even after its permission is revoked"
} }
] ]
} }

83
2023/32xxx/CVE-2023-32360.json
View File

@ -4,14 +4,91 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2023-32360", "ID": "CVE-2023-32360",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"STATE": "RESERVED" "STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Apple",
"product": {
"product_data": [
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "13.4"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "12.6"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "11.7"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "An unauthenticated user may be able to access recently printed documents"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213759",
"name": "https://support.apple.com/en-us/HT213759"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213760",
"name": "https://support.apple.com/en-us/HT213760"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213758",
"name": "https://support.apple.com/en-us/HT213758"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "An authentication issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.4, macOS Big Sur 11.7.7, macOS Monterey 12.6.6. An unauthenticated user may be able to access recently printed documents"
} }
] ]
} }

51
2023/32xxx/CVE-2023-32363.json
View File

@ -4,14 +4,59 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2023-32363", "ID": "CVE-2023-32363",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"STATE": "RESERVED" "STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Apple",
"product": {
"product_data": [
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "13.4"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "An app may be able to bypass Privacy preferences"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213758",
"name": "https://support.apple.com/en-us/HT213758"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "A permissions issue was addressed by removing vulnerable code and adding additional checks. This issue is fixed in macOS Ventura 13.4. An app may be able to bypass Privacy preferences"
} }
] ]
} }

67
2023/32xxx/CVE-2023-32365.json
View File

@ -4,14 +4,75 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2023-32365", "ID": "CVE-2023-32365",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"STATE": "RESERVED" "STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Apple",
"product": {
"product_data": [
{
"product_name": "iOS and iPadOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "15.7"
}
]
}
},
{
"product_name": "iOS and iPadOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.5"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Shake-to-undo may allow a deleted photo to be re-surfaced without authentication"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213765",
"name": "https://support.apple.com/en-us/HT213765"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213757",
"name": "https://support.apple.com/en-us/HT213757"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "The issue was addressed with improved checks. This issue is fixed in iOS 16.5 and iPadOS 16.5, iOS 15.7.6 and iPadOS 15.7.6. Shake-to-undo may allow a deleted photo to be re-surfaced without authentication"
} }
] ]
} }

67
2023/32xxx/CVE-2023-32367.json
View File

@ -4,14 +4,75 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2023-32367", "ID": "CVE-2023-32367",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"STATE": "RESERVED" "STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Apple",
"product": {
"product_data": [
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "13.4"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.5"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "An app may be able to access user-sensitive data"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213758",
"name": "https://support.apple.com/en-us/HT213758"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213757",
"name": "https://support.apple.com/en-us/HT213757"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "This issue was addressed with improved entitlements. This issue is fixed in iOS 16.5 and iPadOS 16.5, macOS Ventura 13.4. An app may be able to access user-sensitive data"
} }
] ]
} }

115
2023/32xxx/CVE-2023-32368.json
View File

@ -4,14 +4,123 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2023-32368", "ID": "CVE-2023-32368",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"STATE": "RESERVED" "STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Apple",
"product": {
"product_data": [
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "13.4"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "12.6"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "9.5"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.5"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.5"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Processing a 3D model may result in disclosure of process memory"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213759",
"name": "https://support.apple.com/en-us/HT213759"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213758",
"name": "https://support.apple.com/en-us/HT213758"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213764",
"name": "https://support.apple.com/en-us/HT213764"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213757",
"name": "https://support.apple.com/en-us/HT213757"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213761",
"name": "https://support.apple.com/en-us/HT213761"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "An out-of-bounds read was addressed with improved input validation. This issue is fixed in watchOS 9.5, macOS Ventura 13.4, tvOS 16.5, iOS 16.5 and iPadOS 16.5, macOS Monterey 12.6.6. Processing a 3D model may result in disclosure of process memory"
} }
] ]
} }

83
2023/32xxx/CVE-2023-32369.json
View File

@ -4,14 +4,91 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2023-32369", "ID": "CVE-2023-32369",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"STATE": "RESERVED" "STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Apple",
"product": {
"product_data": [
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "13.4"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "12.6"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "11.7"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "An app may be able to modify protected parts of the file system"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213759",
"name": "https://support.apple.com/en-us/HT213759"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213760",
"name": "https://support.apple.com/en-us/HT213760"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213758",
"name": "https://support.apple.com/en-us/HT213758"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "A logic issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.4, macOS Big Sur 11.7.7, macOS Monterey 12.6.6. An app may be able to modify protected parts of the file system"
} }
] ]
} }

67
2023/32xxx/CVE-2023-32371.json
View File

@ -4,14 +4,75 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2023-32371", "ID": "CVE-2023-32371",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"STATE": "RESERVED" "STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Apple",
"product": {
"product_data": [
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "13.4"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.5"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "An app may be able to break out of its sandbox"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213758",
"name": "https://support.apple.com/en-us/HT213758"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213757",
"name": "https://support.apple.com/en-us/HT213757"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "The issue was addressed with improved checks. This issue is fixed in iOS 16.5 and iPadOS 16.5, macOS Ventura 13.4. An app may be able to break out of its sandbox"
} }
] ]
} }

99
2023/32xxx/CVE-2023-32372.json
View File

@ -4,14 +4,107 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2023-32372", "ID": "CVE-2023-32372",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"STATE": "RESERVED" "STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Apple",
"product": {
"product_data": [
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "13.4"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "9.5"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.5"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.5"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Processing an image may result in disclosure of process memory"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213758",
"name": "https://support.apple.com/en-us/HT213758"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213764",
"name": "https://support.apple.com/en-us/HT213764"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213757",
"name": "https://support.apple.com/en-us/HT213757"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213761",
"name": "https://support.apple.com/en-us/HT213761"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 16.5 and iPadOS 16.5, macOS Ventura 13.4, watchOS 9.5, tvOS 16.5. Processing an image may result in disclosure of process memory"
} }
] ]
} }

131
2023/32xxx/CVE-2023-32373.json
View File

@ -4,14 +4,139 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2023-32373", "ID": "CVE-2023-32373",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"STATE": "RESERVED" "STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Apple",
"product": {
"product_data": [
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "13.4"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.5"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "9.5"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "15.7"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.5"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.5"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited."
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213765",
"name": "https://support.apple.com/en-us/HT213765"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213758",
"name": "https://support.apple.com/en-us/HT213758"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213764",
"name": "https://support.apple.com/en-us/HT213764"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213757",
"name": "https://support.apple.com/en-us/HT213757"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213761",
"name": "https://support.apple.com/en-us/HT213761"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213762",
"name": "https://support.apple.com/en-us/HT213762"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "A use-after-free issue was addressed with improved memory management. This issue is fixed in watchOS 9.5, iOS 15.7.6 and iPadOS 15.7.6, macOS Ventura 13.4, Safari 16.5, tvOS 16.5, iOS 16.5 and iPadOS 16.5. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited."
} }
] ]
} }

67
2023/32xxx/CVE-2023-32375.json
View File

@ -4,14 +4,75 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2023-32375", "ID": "CVE-2023-32375",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"STATE": "RESERVED" "STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Apple",
"product": {
"product_data": [
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "13.4"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "12.6"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Processing a 3D model may result in disclosure of process memory"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213759",
"name": "https://support.apple.com/en-us/HT213759"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213758",
"name": "https://support.apple.com/en-us/HT213758"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Ventura 13.4, macOS Monterey 12.6.6. Processing a 3D model may result in disclosure of process memory"
} }
] ]
} }

99
2023/32xxx/CVE-2023-32376.json
View File

@ -4,14 +4,107 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2023-32376", "ID": "CVE-2023-32376",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"STATE": "RESERVED" "STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Apple",
"product": {
"product_data": [
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "13.4"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "9.5"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.5"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.5"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "An app may be able to modify protected parts of the file system"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213758",
"name": "https://support.apple.com/en-us/HT213758"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213764",
"name": "https://support.apple.com/en-us/HT213764"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213757",
"name": "https://support.apple.com/en-us/HT213757"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213761",
"name": "https://support.apple.com/en-us/HT213761"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "This issue was addressed with improved entitlements. This issue is fixed in iOS 16.5 and iPadOS 16.5, macOS Ventura 13.4, watchOS 9.5, tvOS 16.5. An app may be able to modify protected parts of the file system"
} }
] ]
} }

83
2023/32xxx/CVE-2023-32380.json
View File

@ -4,14 +4,91 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2023-32380", "ID": "CVE-2023-32380",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"STATE": "RESERVED" "STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Apple",
"product": {
"product_data": [
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "13.4"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "12.6"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "11.7"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Processing a 3D model may lead to arbitrary code execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213759",
"name": "https://support.apple.com/en-us/HT213759"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213760",
"name": "https://support.apple.com/en-us/HT213760"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213758",
"name": "https://support.apple.com/en-us/HT213758"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Ventura 13.4, macOS Big Sur 11.7.7, macOS Monterey 12.6.6. Processing a 3D model may lead to arbitrary code execution"
} }
] ]
} }

83
2023/32xxx/CVE-2023-32382.json
View File

@ -4,14 +4,91 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2023-32382", "ID": "CVE-2023-32382",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"STATE": "RESERVED" "STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Apple",
"product": {
"product_data": [
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "13.4"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "12.6"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "11.7"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Processing a 3D model may result in disclosure of process memory"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213759",
"name": "https://support.apple.com/en-us/HT213759"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213760",
"name": "https://support.apple.com/en-us/HT213760"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213758",
"name": "https://support.apple.com/en-us/HT213758"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Ventura 13.4, macOS Big Sur 11.7.7, macOS Monterey 12.6.6. Processing a 3D model may result in disclosure of process memory"
} }
] ]
} }

147
2023/32xxx/CVE-2023-32384.json
View File

@ -4,14 +4,155 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2023-32384", "ID": "CVE-2023-32384",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"STATE": "RESERVED" "STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Apple",
"product": {
"product_data": [
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "13.4"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "12.6"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "9.5"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "15.7"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "11.7"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.5"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.5"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Processing an image may lead to arbitrary code execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213765",
"name": "https://support.apple.com/en-us/HT213765"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213759",
"name": "https://support.apple.com/en-us/HT213759"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213760",
"name": "https://support.apple.com/en-us/HT213760"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213758",
"name": "https://support.apple.com/en-us/HT213758"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213764",
"name": "https://support.apple.com/en-us/HT213764"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213757",
"name": "https://support.apple.com/en-us/HT213757"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213761",
"name": "https://support.apple.com/en-us/HT213761"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "A buffer overflow was addressed with improved bounds checking. This issue is fixed in watchOS 9.5, iOS 15.7.6 and iPadOS 15.7.6, macOS Ventura 13.4, tvOS 16.5, iOS 16.5 and iPadOS 16.5, macOS Big Sur 11.7.7, macOS Monterey 12.6.6. Processing an image may lead to arbitrary code execution"
} }
] ]
} }

67
2023/32xxx/CVE-2023-32385.json
View File

@ -4,14 +4,75 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2023-32385", "ID": "CVE-2023-32385",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"STATE": "RESERVED" "STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Apple",
"product": {
"product_data": [
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "13.4"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.5"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Opening a PDF file may lead to unexpected app termination"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213758",
"name": "https://support.apple.com/en-us/HT213758"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213757",
"name": "https://support.apple.com/en-us/HT213757"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "A denial-of-service issue was addressed with improved memory handling. This issue is fixed in iOS 16.5 and iPadOS 16.5, macOS Ventura 13.4. Opening a PDF file may lead to unexpected app termination"
} }
] ]
} }

83
2023/32xxx/CVE-2023-32386.json
View File

@ -4,14 +4,91 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2023-32386", "ID": "CVE-2023-32386",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"STATE": "RESERVED" "STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Apple",
"product": {
"product_data": [
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "13.4"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "12.6"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "11.7"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "An app may be able to observe unprotected user data"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213759",
"name": "https://support.apple.com/en-us/HT213759"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213760",
"name": "https://support.apple.com/en-us/HT213760"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213758",
"name": "https://support.apple.com/en-us/HT213758"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "A privacy issue was addressed with improved handling of temporary files. This issue is fixed in macOS Ventura 13.4, macOS Big Sur 11.7.7, macOS Monterey 12.6.6. An app may be able to observe unprotected user data"
} }
] ]
} }

83
2023/32xxx/CVE-2023-32387.json
View File

@ -4,14 +4,91 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2023-32387", "ID": "CVE-2023-32387",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"STATE": "RESERVED" "STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Apple",
"product": {
"product_data": [
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "13.4"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "12.6"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "11.7"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "A remote attacker may be able to cause unexpected app termination or arbitrary code execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213759",
"name": "https://support.apple.com/en-us/HT213759"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213760",
"name": "https://support.apple.com/en-us/HT213760"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213758",
"name": "https://support.apple.com/en-us/HT213758"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "A use-after-free issue was addressed with improved memory management. This issue is fixed in macOS Ventura 13.4, macOS Big Sur 11.7.7, macOS Monterey 12.6.6. A remote attacker may be able to cause unexpected app termination or arbitrary code execution"
} }
] ]
} }

131
2023/32xxx/CVE-2023-32388.json
View File

@ -4,14 +4,139 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2023-32388", "ID": "CVE-2023-32388",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"STATE": "RESERVED" "STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Apple",
"product": {
"product_data": [
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "13.4"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "12.6"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "9.5"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "15.7"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "11.7"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.5"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "An app may be able to bypass Privacy preferences"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213765",
"name": "https://support.apple.com/en-us/HT213765"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213759",
"name": "https://support.apple.com/en-us/HT213759"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213760",
"name": "https://support.apple.com/en-us/HT213760"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213758",
"name": "https://support.apple.com/en-us/HT213758"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213764",
"name": "https://support.apple.com/en-us/HT213764"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213757",
"name": "https://support.apple.com/en-us/HT213757"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in watchOS 9.5, iOS 15.7.6 and iPadOS 15.7.6, macOS Ventura 13.4, iOS 16.5 and iPadOS 16.5, macOS Big Sur 11.7.7, macOS Monterey 12.6.6. An app may be able to bypass Privacy preferences"
} }
] ]
} }

99
2023/32xxx/CVE-2023-32389.json
View File

@ -4,14 +4,107 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2023-32389", "ID": "CVE-2023-32389",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"STATE": "RESERVED" "STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Apple",
"product": {
"product_data": [
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "13.4"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "9.5"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.5"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.5"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "An app may be able to disclose kernel memory"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213758",
"name": "https://support.apple.com/en-us/HT213758"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213764",
"name": "https://support.apple.com/en-us/HT213764"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213757",
"name": "https://support.apple.com/en-us/HT213757"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213761",
"name": "https://support.apple.com/en-us/HT213761"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 16.5 and iPadOS 16.5, macOS Ventura 13.4, watchOS 9.5, tvOS 16.5. An app may be able to disclose kernel memory"
} }
] ]
} }

83
2023/32xxx/CVE-2023-32390.json
View File

@ -4,14 +4,91 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2023-32390", "ID": "CVE-2023-32390",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"STATE": "RESERVED" "STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Apple",
"product": {
"product_data": [
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "13.4"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "9.5"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.5"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Photos belonging to the Hidden Photos Album could be viewed without authentication through Visual Lookup"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213758",
"name": "https://support.apple.com/en-us/HT213758"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213764",
"name": "https://support.apple.com/en-us/HT213764"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213757",
"name": "https://support.apple.com/en-us/HT213757"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "The issue was addressed with improved checks. This issue is fixed in iOS 16.5 and iPadOS 16.5, macOS Ventura 13.4, watchOS 9.5. Photos belonging to the Hidden Photos Album could be viewed without authentication through Visual Lookup"
} }
] ]
} }

99
2023/32xxx/CVE-2023-32391.json
View File

@ -4,14 +4,107 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2023-32391", "ID": "CVE-2023-32391",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"STATE": "RESERVED" "STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Apple",
"product": {
"product_data": [
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "13.4"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "9.5"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "15.7"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.5"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "A shortcut may be able to use sensitive data with certain actions without prompting the user"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213765",
"name": "https://support.apple.com/en-us/HT213765"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213758",
"name": "https://support.apple.com/en-us/HT213758"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213764",
"name": "https://support.apple.com/en-us/HT213764"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213757",
"name": "https://support.apple.com/en-us/HT213757"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "The issue was addressed with improved checks. This issue is fixed in iOS 16.5 and iPadOS 16.5, macOS Ventura 13.4, watchOS 9.5, iOS 15.7.6 and iPadOS 15.7.6. A shortcut may be able to use sensitive data with certain actions without prompting the user"
} }
] ]
} }

131
2023/32xxx/CVE-2023-32392.json
View File

@ -4,14 +4,139 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2023-32392", "ID": "CVE-2023-32392",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"STATE": "RESERVED" "STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Apple",
"product": {
"product_data": [
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "13.4"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "12.6"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "9.5"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "11.7"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.5"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.5"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "An app may be able to read sensitive location information"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213759",
"name": "https://support.apple.com/en-us/HT213759"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213760",
"name": "https://support.apple.com/en-us/HT213760"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213758",
"name": "https://support.apple.com/en-us/HT213758"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213764",
"name": "https://support.apple.com/en-us/HT213764"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213757",
"name": "https://support.apple.com/en-us/HT213757"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213761",
"name": "https://support.apple.com/en-us/HT213761"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in watchOS 9.5, macOS Ventura 13.4, tvOS 16.5, iOS 16.5 and iPadOS 16.5, macOS Big Sur 11.7.7, macOS Monterey 12.6.6. An app may be able to read sensitive location information"
} }
] ]
} }

99
2023/32xxx/CVE-2023-32394.json
View File

@ -4,14 +4,107 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2023-32394", "ID": "CVE-2023-32394",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"STATE": "RESERVED" "STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Apple",
"product": {
"product_data": [
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "13.4"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "9.5"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.5"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.5"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "A person with physical access to a device may be able to view contact information from the lock screen"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213758",
"name": "https://support.apple.com/en-us/HT213758"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213764",
"name": "https://support.apple.com/en-us/HT213764"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213757",
"name": "https://support.apple.com/en-us/HT213757"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213761",
"name": "https://support.apple.com/en-us/HT213761"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "The issue was addressed with improved checks. This issue is fixed in iOS 16.5 and iPadOS 16.5, macOS Ventura 13.4, watchOS 9.5, tvOS 16.5. A person with physical access to a device may be able to view contact information from the lock screen"
} }
] ]
} }

83
2023/32xxx/CVE-2023-32395.json
View File

@ -4,14 +4,91 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2023-32395", "ID": "CVE-2023-32395",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"STATE": "RESERVED" "STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Apple",
"product": {
"product_data": [
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "13.4"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "12.6"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "11.7"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "An app may be able to modify protected parts of the file system"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213759",
"name": "https://support.apple.com/en-us/HT213759"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213760",
"name": "https://support.apple.com/en-us/HT213760"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213758",
"name": "https://support.apple.com/en-us/HT213758"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "A logic issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.4, macOS Big Sur 11.7.7, macOS Monterey 12.6.6. An app may be able to modify protected parts of the file system"
} }
] ]
} }

99
2023/32xxx/CVE-2023-32397.json
View File

@ -4,14 +4,107 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2023-32397", "ID": "CVE-2023-32397",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"STATE": "RESERVED" "STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Apple",
"product": {
"product_data": [
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "13.4"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "12.6"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "15.7"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "11.7"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "An app may be able to modify protected parts of the file system"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213765",
"name": "https://support.apple.com/en-us/HT213765"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213759",
"name": "https://support.apple.com/en-us/HT213759"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213760",
"name": "https://support.apple.com/en-us/HT213760"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213758",
"name": "https://support.apple.com/en-us/HT213758"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "A logic issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.4, macOS Big Sur 11.7.7, iOS 15.7.6 and iPadOS 15.7.6, macOS Monterey 12.6.6. An app may be able to modify protected parts of the file system"
} }
] ]
} }

147
2023/32xxx/CVE-2023-32398.json
View File

@ -4,14 +4,155 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2023-32398", "ID": "CVE-2023-32398",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"STATE": "RESERVED" "STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Apple",
"product": {
"product_data": [
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "13.4"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "12.6"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "9.5"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "15.7"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "11.7"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.5"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.5"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "An app may be able to execute arbitrary code with kernel privileges"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213765",
"name": "https://support.apple.com/en-us/HT213765"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213759",
"name": "https://support.apple.com/en-us/HT213759"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213760",
"name": "https://support.apple.com/en-us/HT213760"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213758",
"name": "https://support.apple.com/en-us/HT213758"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213764",
"name": "https://support.apple.com/en-us/HT213764"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213757",
"name": "https://support.apple.com/en-us/HT213757"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213761",
"name": "https://support.apple.com/en-us/HT213761"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "A use-after-free issue was addressed with improved memory management. This issue is fixed in watchOS 9.5, iOS 15.7.6 and iPadOS 15.7.6, macOS Ventura 13.4, tvOS 16.5, iOS 16.5 and iPadOS 16.5, macOS Big Sur 11.7.7, macOS Monterey 12.6.6. An app may be able to execute arbitrary code with kernel privileges"
} }
] ]
} }

99
2023/32xxx/CVE-2023-32399.json
View File

@ -4,14 +4,107 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2023-32399", "ID": "CVE-2023-32399",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"STATE": "RESERVED" "STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Apple",
"product": {
"product_data": [
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "13.4"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "9.5"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.5"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.5"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "An app may be able to read sensitive location information"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213758",
"name": "https://support.apple.com/en-us/HT213758"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213764",
"name": "https://support.apple.com/en-us/HT213764"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213757",
"name": "https://support.apple.com/en-us/HT213757"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213761",
"name": "https://support.apple.com/en-us/HT213761"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "The issue was addressed with improved handling of caches. This issue is fixed in iOS 16.5 and iPadOS 16.5, macOS Ventura 13.4, watchOS 9.5, tvOS 16.5. An app may be able to read sensitive location information"
} }
] ]
} }

83
2023/32xxx/CVE-2023-32400.json
View File

@ -4,14 +4,91 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2023-32400", "ID": "CVE-2023-32400",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"STATE": "RESERVED" "STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Apple",
"product": {
"product_data": [
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "13.4"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "9.5"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.5"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Entitlements and privacy permissions granted to this app may be used by a malicious app"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213758",
"name": "https://support.apple.com/en-us/HT213758"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213764",
"name": "https://support.apple.com/en-us/HT213764"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213757",
"name": "https://support.apple.com/en-us/HT213757"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "This issue was addressed with improved checks. This issue is fixed in iOS 16.5 and iPadOS 16.5, macOS Ventura 13.4, watchOS 9.5. Entitlements and privacy permissions granted to this app may be used by a malicious app"
} }
] ]
} }

115
2023/32xxx/CVE-2023-32402.json
View File

@ -4,14 +4,123 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2023-32402", "ID": "CVE-2023-32402",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"STATE": "RESERVED" "STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Apple",
"product": {
"product_data": [
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "13.4"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.5"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "9.5"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.5"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.5"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Processing web content may disclose sensitive information"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213758",
"name": "https://support.apple.com/en-us/HT213758"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213764",
"name": "https://support.apple.com/en-us/HT213764"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213757",
"name": "https://support.apple.com/en-us/HT213757"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213761",
"name": "https://support.apple.com/en-us/HT213761"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213762",
"name": "https://support.apple.com/en-us/HT213762"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "An out-of-bounds read was addressed with improved input validation. This issue is fixed in watchOS 9.5, macOS Ventura 13.4, Safari 16.5, tvOS 16.5, iOS 16.5 and iPadOS 16.5. Processing web content may disclose sensitive information"
} }
] ]
} }

147
2023/32xxx/CVE-2023-32403.json
View File

@ -4,14 +4,155 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2023-32403", "ID": "CVE-2023-32403",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"STATE": "RESERVED" "STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Apple",
"product": {
"product_data": [
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "13.4"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "12.6"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "9.5"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "15.7"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "11.7"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.5"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.5"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "An app may be able to read sensitive location information"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213765",
"name": "https://support.apple.com/en-us/HT213765"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213759",
"name": "https://support.apple.com/en-us/HT213759"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213760",
"name": "https://support.apple.com/en-us/HT213760"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213758",
"name": "https://support.apple.com/en-us/HT213758"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213764",
"name": "https://support.apple.com/en-us/HT213764"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213757",
"name": "https://support.apple.com/en-us/HT213757"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213761",
"name": "https://support.apple.com/en-us/HT213761"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "This issue was addressed with improved redaction of sensitive information. This issue is fixed in watchOS 9.5, iOS 15.7.6 and iPadOS 15.7.6, macOS Ventura 13.4, tvOS 16.5, iOS 16.5 and iPadOS 16.5, macOS Big Sur 11.7.7, macOS Monterey 12.6.6. An app may be able to read sensitive location information"
} }
] ]
} }

83
2023/32xxx/CVE-2023-32404.json
View File

@ -4,14 +4,91 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2023-32404", "ID": "CVE-2023-32404",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"STATE": "RESERVED" "STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Apple",
"product": {
"product_data": [
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "13.4"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "9.5"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.5"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "An app may be able to bypass Privacy preferences"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213758",
"name": "https://support.apple.com/en-us/HT213758"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213764",
"name": "https://support.apple.com/en-us/HT213764"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213757",
"name": "https://support.apple.com/en-us/HT213757"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "This issue was addressed with improved entitlements. This issue is fixed in iOS 16.5 and iPadOS 16.5, macOS Ventura 13.4, watchOS 9.5. An app may be able to bypass Privacy preferences"
} }
] ]
} }

83
2023/32xxx/CVE-2023-32405.json
View File

@ -4,14 +4,91 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2023-32405", "ID": "CVE-2023-32405",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"STATE": "RESERVED" "STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Apple",
"product": {
"product_data": [
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "13.4"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "12.6"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "11.7"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "An app may be able to gain root privileges"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213759",
"name": "https://support.apple.com/en-us/HT213759"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213760",
"name": "https://support.apple.com/en-us/HT213760"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213758",
"name": "https://support.apple.com/en-us/HT213758"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "A logic issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.4, macOS Big Sur 11.7.7, macOS Monterey 12.6.6. An app may be able to gain root privileges"
} }
] ]
} }

147
2023/32xxx/CVE-2023-32407.json
View File

@ -4,14 +4,155 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2023-32407", "ID": "CVE-2023-32407",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"STATE": "RESERVED" "STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Apple",
"product": {
"product_data": [
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "13.4"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "12.6"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "9.5"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "15.7"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "11.7"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.5"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.5"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "An app may be able to bypass Privacy preferences"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213765",
"name": "https://support.apple.com/en-us/HT213765"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213759",
"name": "https://support.apple.com/en-us/HT213759"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213760",
"name": "https://support.apple.com/en-us/HT213760"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213758",
"name": "https://support.apple.com/en-us/HT213758"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213764",
"name": "https://support.apple.com/en-us/HT213764"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213757",
"name": "https://support.apple.com/en-us/HT213757"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213761",
"name": "https://support.apple.com/en-us/HT213761"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "A logic issue was addressed with improved state management. This issue is fixed in watchOS 9.5, iOS 15.7.6 and iPadOS 15.7.6, macOS Ventura 13.4, tvOS 16.5, iOS 16.5 and iPadOS 16.5, macOS Big Sur 11.7.7, macOS Monterey 12.6.6. An app may be able to bypass Privacy preferences"
} }
] ]
} }

131
2023/32xxx/CVE-2023-32408.json
View File

@ -4,14 +4,139 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2023-32408", "ID": "CVE-2023-32408",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"STATE": "RESERVED" "STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Apple",
"product": {
"product_data": [
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "13.4"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "12.6"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "9.5"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "15.7"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.5"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.5"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "An app may be able to read sensitive location information"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213765",
"name": "https://support.apple.com/en-us/HT213765"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213759",
"name": "https://support.apple.com/en-us/HT213759"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213758",
"name": "https://support.apple.com/en-us/HT213758"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213764",
"name": "https://support.apple.com/en-us/HT213764"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213757",
"name": "https://support.apple.com/en-us/HT213757"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213761",
"name": "https://support.apple.com/en-us/HT213761"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "The issue was addressed with improved handling of caches. This issue is fixed in watchOS 9.5, iOS 15.7.6 and iPadOS 15.7.6, macOS Ventura 13.4, tvOS 16.5, iOS 16.5 and iPadOS 16.5, macOS Monterey 12.6.6. An app may be able to read sensitive location information"
} }
] ]
} }

115
2023/32xxx/CVE-2023-32409.json
View File

@ -4,14 +4,123 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2023-32409", "ID": "CVE-2023-32409",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"STATE": "RESERVED" "STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Apple",
"product": {
"product_data": [
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "13.4"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.5"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "9.5"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.5"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.5"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "A remote attacker may be able to break out of Web Content sandbox. Apple is aware of a report that this issue may have been actively exploited."
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213758",
"name": "https://support.apple.com/en-us/HT213758"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213764",
"name": "https://support.apple.com/en-us/HT213764"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213757",
"name": "https://support.apple.com/en-us/HT213757"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213761",
"name": "https://support.apple.com/en-us/HT213761"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213762",
"name": "https://support.apple.com/en-us/HT213762"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "The issue was addressed with improved bounds checks. This issue is fixed in watchOS 9.5, macOS Ventura 13.4, Safari 16.5, tvOS 16.5, iOS 16.5 and iPadOS 16.5. A remote attacker may be able to break out of Web Content sandbox. Apple is aware of a report that this issue may have been actively exploited."
} }
] ]
} }

99
2023/32xxx/CVE-2023-32410.json
View File

@ -4,14 +4,107 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2023-32410", "ID": "CVE-2023-32410",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"STATE": "RESERVED" "STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Apple",
"product": {
"product_data": [
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "13.4"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "12.6"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "15.7"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "11.7"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "An app may be able to leak sensitive kernel state"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213765",
"name": "https://support.apple.com/en-us/HT213765"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213759",
"name": "https://support.apple.com/en-us/HT213759"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213760",
"name": "https://support.apple.com/en-us/HT213760"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213758",
"name": "https://support.apple.com/en-us/HT213758"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Ventura 13.4, macOS Big Sur 11.7.7, iOS 15.7.6 and iPadOS 15.7.6, macOS Monterey 12.6.6. An app may be able to leak sensitive kernel state"
} }
] ]
} }

115
2023/32xxx/CVE-2023-32411.json
View File

@ -4,14 +4,123 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2023-32411", "ID": "CVE-2023-32411",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"STATE": "RESERVED" "STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Apple",
"product": {
"product_data": [
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "13.4"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "12.6"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "11.7"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.5"
}
]
}
},
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.5"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "An app may be able to bypass Privacy preferences"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213759",
"name": "https://support.apple.com/en-us/HT213759"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213760",
"name": "https://support.apple.com/en-us/HT213760"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213758",
"name": "https://support.apple.com/en-us/HT213758"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213757",
"name": "https://support.apple.com/en-us/HT213757"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213761",
"name": "https://support.apple.com/en-us/HT213761"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "This issue was addressed with improved entitlements. This issue is fixed in macOS Ventura 13.4, tvOS 16.5, iOS 16.5 and iPadOS 16.5, macOS Big Sur 11.7.7, macOS Monterey 12.6.6. An app may be able to bypass Privacy preferences"
} }
] ]
} }

147
2023/32xxx/CVE-2023-32412.json
View File

@ -4,14 +4,155 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2023-32412", "ID": "CVE-2023-32412",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"STATE": "RESERVED" "STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Apple",
"product": {
"product_data": [
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "13.4"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "12.6"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "9.5"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "15.7"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "11.7"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.5"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.5"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "A remote attacker may be able to cause unexpected app termination or arbitrary code execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213765",
"name": "https://support.apple.com/en-us/HT213765"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213759",
"name": "https://support.apple.com/en-us/HT213759"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213760",
"name": "https://support.apple.com/en-us/HT213760"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213758",
"name": "https://support.apple.com/en-us/HT213758"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213764",
"name": "https://support.apple.com/en-us/HT213764"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213757",
"name": "https://support.apple.com/en-us/HT213757"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213761",
"name": "https://support.apple.com/en-us/HT213761"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "A use-after-free issue was addressed with improved memory management. This issue is fixed in watchOS 9.5, iOS 15.7.6 and iPadOS 15.7.6, macOS Ventura 13.4, tvOS 16.5, iOS 16.5 and iPadOS 16.5, macOS Big Sur 11.7.7, macOS Monterey 12.6.6. A remote attacker may be able to cause unexpected app termination or arbitrary code execution"
} }
] ]
} }

147
2023/32xxx/CVE-2023-32413.json
View File

@ -4,14 +4,155 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2023-32413", "ID": "CVE-2023-32413",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"STATE": "RESERVED" "STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Apple",
"product": {
"product_data": [
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "13.4"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "12.6"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "9.5"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "15.7"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "11.7"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.5"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.5"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "An app may be able to gain root privileges"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213765",
"name": "https://support.apple.com/en-us/HT213765"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213759",
"name": "https://support.apple.com/en-us/HT213759"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213760",
"name": "https://support.apple.com/en-us/HT213760"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213758",
"name": "https://support.apple.com/en-us/HT213758"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213764",
"name": "https://support.apple.com/en-us/HT213764"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213757",
"name": "https://support.apple.com/en-us/HT213757"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213761",
"name": "https://support.apple.com/en-us/HT213761"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "A race condition was addressed with improved state handling. This issue is fixed in watchOS 9.5, iOS 15.7.6 and iPadOS 15.7.6, macOS Ventura 13.4, tvOS 16.5, iOS 16.5 and iPadOS 16.5, macOS Big Sur 11.7.7, macOS Monterey 12.6.6. An app may be able to gain root privileges"
} }
] ]
} }

51
2023/32xxx/CVE-2023-32414.json
View File

@ -4,14 +4,59 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2023-32414", "ID": "CVE-2023-32414",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"STATE": "RESERVED" "STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Apple",
"product": {
"product_data": [
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "13.4"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "An app may be able to break out of its sandbox"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213758",
"name": "https://support.apple.com/en-us/HT213758"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.4. An app may be able to break out of its sandbox"
} }
] ]
} }

83
2023/32xxx/CVE-2023-32415.json
View File

@ -4,14 +4,91 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2023-32415", "ID": "CVE-2023-32415",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"STATE": "RESERVED" "STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Apple",
"product": {
"product_data": [
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "13.4"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.5"
}
]
}
},
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.5"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "An app may be able to read sensitive location information"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213758",
"name": "https://support.apple.com/en-us/HT213758"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213757",
"name": "https://support.apple.com/en-us/HT213757"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213761",
"name": "https://support.apple.com/en-us/HT213761"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 16.5 and iPadOS 16.5, macOS Ventura 13.4, tvOS 16.5. An app may be able to read sensitive location information"
} }
] ]
} }

51
2023/32xxx/CVE-2023-32417.json
View File

@ -4,14 +4,59 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2023-32417", "ID": "CVE-2023-32417",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"STATE": "RESERVED" "STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Apple",
"product": {
"product_data": [
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "9.5"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "An attacker with physical access to a locked Apple Watch may be able to view user photos or contacts via accessibility features"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213764",
"name": "https://support.apple.com/en-us/HT213764"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "This issue was addressed by restricting options offered on a locked device. This issue is fixed in watchOS 9.5. An attacker with physical access to a locked Apple Watch may be able to view user photos or contacts via accessibility features"
} }
] ]
} }

51
2023/32xxx/CVE-2023-32419.json
View File

@ -4,14 +4,59 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2023-32419", "ID": "CVE-2023-32419",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"STATE": "RESERVED" "STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Apple",
"product": {
"product_data": [
{
"product_name": "iOS and iPadOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.5"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "A remote attacker may be able to cause arbitrary code execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213757",
"name": "https://support.apple.com/en-us/HT213757"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "The issue was addressed with improved bounds checks. This issue is fixed in iOS 16.5 and iPadOS 16.5. A remote attacker may be able to cause arbitrary code execution"
} }
] ]
} }

99
2023/32xxx/CVE-2023-32420.json
View File

@ -4,14 +4,107 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2023-32420", "ID": "CVE-2023-32420",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"STATE": "RESERVED" "STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Apple",
"product": {
"product_data": [
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "13.4"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "9.5"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.5"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.5"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "An app may be able to cause unexpected system termination or read kernel memory"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213758",
"name": "https://support.apple.com/en-us/HT213758"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213764",
"name": "https://support.apple.com/en-us/HT213764"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213757",
"name": "https://support.apple.com/en-us/HT213757"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213761",
"name": "https://support.apple.com/en-us/HT213761"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 16.5 and iPadOS 16.5, macOS Ventura 13.4, watchOS 9.5, tvOS 16.5. An app may be able to cause unexpected system termination or read kernel memory"
} }
] ]
} }

83
2023/32xxx/CVE-2023-32422.json
View File

@ -4,14 +4,91 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2023-32422", "ID": "CVE-2023-32422",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"STATE": "RESERVED" "STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Apple",
"product": {
"product_data": [
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "13.4"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.5"
}
]
}
},
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.5"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "An app may be able to bypass Privacy preferences"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213758",
"name": "https://support.apple.com/en-us/HT213758"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213757",
"name": "https://support.apple.com/en-us/HT213757"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213761",
"name": "https://support.apple.com/en-us/HT213761"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "This issue was addressed by adding additional SQLite logging restrictions. This issue is fixed in iOS 16.5 and iPadOS 16.5, macOS Ventura 13.4, tvOS 16.5. An app may be able to bypass Privacy preferences"
} }
] ]
} }

115
2023/32xxx/CVE-2023-32423.json
View File

@ -4,14 +4,123 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2023-32423", "ID": "CVE-2023-32423",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"STATE": "RESERVED" "STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Apple",
"product": {
"product_data": [
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "13.4"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.5"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "9.5"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.5"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.5"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Processing web content may disclose sensitive information"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213758",
"name": "https://support.apple.com/en-us/HT213758"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213764",
"name": "https://support.apple.com/en-us/HT213764"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213757",
"name": "https://support.apple.com/en-us/HT213757"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213761",
"name": "https://support.apple.com/en-us/HT213761"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213762",
"name": "https://support.apple.com/en-us/HT213762"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "A buffer overflow issue was addressed with improved memory handling. This issue is fixed in watchOS 9.5, macOS Ventura 13.4, Safari 16.5, tvOS 16.5, iOS 16.5 and iPadOS 16.5. Processing web content may disclose sensitive information"
} }
] ]
} }

147
2023/32xxx/CVE-2023-32434.json
View File

@ -4,14 +4,155 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2023-32434", "ID": "CVE-2023-32434",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"STATE": "RESERVED" "STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Apple",
"product": {
"product_data": [
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "12.6"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "15.7"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.5"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "8.8"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "9.5"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "13.4"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "11.7"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "An app may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited against versions of iOS released before iOS 15.7."
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213811",
"name": "https://support.apple.com/en-us/HT213811"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213814",
"name": "https://support.apple.com/en-us/HT213814"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213813",
"name": "https://support.apple.com/en-us/HT213813"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213810",
"name": "https://support.apple.com/en-us/HT213810"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213808",
"name": "https://support.apple.com/en-us/HT213808"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213812",
"name": "https://support.apple.com/en-us/HT213812"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213809",
"name": "https://support.apple.com/en-us/HT213809"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "An integer overflow was addressed with improved input validation. This issue is fixed in watchOS 8.8.1, iOS 16.5.1 and iPadOS 16.5.1, iOS 15.7.7 and iPadOS 15.7.7, macOS Big Sur 11.7.8, macOS Monterey 12.6.7, macOS Ventura 13.4.1, watchOS 9.5.2. An app may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited against versions of iOS released before iOS 15.7."
} }
] ]
} }

99
2023/32xxx/CVE-2023-32435.json
View File

@ -4,14 +4,107 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2023-32435", "ID": "CVE-2023-32435",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"STATE": "RESERVED" "STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Apple",
"product": {
"product_data": [
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "13.3"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "15.7"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.4"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.4"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Processing web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited against versions of iOS released before iOS 15.7."
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213670",
"name": "https://support.apple.com/en-us/HT213670"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213676",
"name": "https://support.apple.com/en-us/HT213676"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213671",
"name": "https://support.apple.com/en-us/HT213671"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213811",
"name": "https://support.apple.com/en-us/HT213811"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "A memory corruption issue was addressed with improved state management. This issue is fixed in Safari 16.4, iOS 16.4 and iPadOS 16.4, macOS Ventura 13.3, iOS 15.7.7 and iPadOS 15.7.7. Processing web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited against versions of iOS released before iOS 15.7."
} }
] ]
} }

99
2023/32xxx/CVE-2023-32439.json
View File

@ -4,14 +4,107 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2023-32439", "ID": "CVE-2023-32439",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"STATE": "RESERVED" "STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Apple",
"product": {
"product_data": [
{
"product_name": "iOS and iPadOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "15.7"
}
]
}
},
{
"product_name": "Safari",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.5"
}
]
}
},
{
"product_name": "iOS and iPadOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.5"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "13.4"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited."
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213811",
"name": "https://support.apple.com/en-us/HT213811"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213816",
"name": "https://support.apple.com/en-us/HT213816"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213814",
"name": "https://support.apple.com/en-us/HT213814"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213813",
"name": "https://support.apple.com/en-us/HT213813"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "A type confusion issue was addressed with improved checks. This issue is fixed in iOS 16.5.1 and iPadOS 16.5.1, Safari 16.5.1, macOS Ventura 13.4.1, iOS 15.7.7 and iPadOS 15.7.7. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited."
} }
] ]
} }

5
2023/34xxx/CVE-2023-34241.json
View File

@ -68,6 +68,11 @@
"url": "https://github.com/OpenPrinting/cups/releases/tag/v2.4.6", "url": "https://github.com/OpenPrinting/cups/releases/tag/v2.4.6",
"refsource": "MISC", "refsource": "MISC",
"name": "https://github.com/OpenPrinting/cups/releases/tag/v2.4.6" "name": "https://github.com/OpenPrinting/cups/releases/tag/v2.4.6"
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/06/23/10",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2023/06/23/10"
} }
] ]
}, },

61
2023/34xxx/CVE-2023-34671.json
View File

@ -1,17 +1,66 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2023-34671",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED" "ID": "CVE-2023-34671",
"STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Improper Access Control leads to privilege escalation affecting Elenos ETG150 FM transmitter running on version 3.12 by exploiting user's role in the user profile. An attack could occur over the public Internet in some cases."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://elenos.com",
"refsource": "MISC",
"name": "http://elenos.com"
},
{
"refsource": "MISC",
"name": "https://strik3r.gitbook.io/strik3r-blog/security-research/cves-pocs/cve-2023-34671",
"url": "https://strik3r.gitbook.io/strik3r-blog/security-research/cves-pocs/cve-2023-34671"
} }
] ]
} }

103
2023/35xxx/CVE-2023-35153.json
View File

@ -1,17 +1,112 @@
{ {
"data_version": "4.0",
"data_type": "CVE", "data_type": "CVE",
"data_format": "MITRE", "data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2023-35153", "ID": "CVE-2023-35153",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "security-advisories@github.com",
"STATE": "RESERVED" "STATE": "PUBLIC"
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "XWiki Platform is a generic wiki platform. Starting in version 5.4.4 and prior to versions 14.4.8, 14.10.4, and 15.0, a stored cross-site scripting vulnerability can be exploited by users with edit rights by adding a `AppWithinMinutes.FormFieldCategoryClass` class on a page and setting the payload on the page title. Then, any user visiting `/xwiki/bin/view/AppWithinMinutes/ClassEditSheet` executes the payload. The issue has been patched in XWiki 14.4.8, 14.10.4, and 15.0. As a workaround, update `AppWithinMinutes.ClassEditSheet` with a patch."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')",
"cweId": "CWE-79"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)",
"cweId": "CWE-80"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "xwiki",
"product": {
"product_data": [
{
"product_name": "xwiki-platform",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": ">= 5.4.4, < 14.4.8"
},
{
"version_affected": "=",
"version_value": " >= 14.5, < 14.10.4"
},
{
"version_affected": "=",
"version_value": ">= 15.0-rc-1, < 15.0"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-4wc6-hqv9-qc97",
"refsource": "MISC",
"name": "https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-4wc6-hqv9-qc97"
},
{
"url": "https://github.com/xwiki/xwiki-platform/commit/1b87fec1e5b5ec00b7a8c3c3f94f6c5e22547392#diff-79e725ec7125cced7d302e1a1f955a76745af26ef28a148981b810e85335d302",
"refsource": "MISC",
"name": "https://github.com/xwiki/xwiki-platform/commit/1b87fec1e5b5ec00b7a8c3c3f94f6c5e22547392#diff-79e725ec7125cced7d302e1a1f955a76745af26ef28a148981b810e85335d302"
},
{
"url": "https://jira.xwiki.org/browse/XWIKI-20365",
"refsource": "MISC",
"name": "https://jira.xwiki.org/browse/XWIKI-20365"
}
]
},
"source": {
"advisory": "GHSA-4wc6-hqv9-qc97",
"discovery": "UNKNOWN"
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
} }
] ]
} }

50
2023/3xxx/CVE-2023-3317.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2023-3317", "ID": "CVE-2023-3317",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"STATE": "RESERVED" "STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Kernel",
"version": {
"version_data": [
{
"version_value": "KErnel version prior to 6.3-rc6"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-416"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://patchwork.kernel.org/project/linux-wireless/patch/51fd8f76494348aa9ecbf0abc471ebe47a983dfd.1679502607.git.lorenzo@kernel.org/",
"url": "https://patchwork.kernel.org/project/linux-wireless/patch/51fd8f76494348aa9ecbf0abc471ebe47a983dfd.1679502607.git.lorenzo@kernel.org/"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "A use-after-free flaw was found in mt7921_check_offload_capability in drivers/net/wireless/mediatek/mt76/mt7921/init.c in wifi mt76/mt7921 sub-component in the Linux Kernel. This flaw could allow an attacker to crash the system after 'features' memory release. This vulnerability could even lead to a kernel information leak problem."
} }
] ]
} }