diff --git a/CVE-2008/CVE-2008-23xx/CVE-2008-2383.json b/CVE-2008/CVE-2008-23xx/CVE-2008-2383.json index 78fab783012..1e703c89215 100644 --- a/CVE-2008/CVE-2008-23xx/CVE-2008-2383.json +++ b/CVE-2008/CVE-2008-23xx/CVE-2008-2383.json @@ -2,7 +2,7 @@ "id": "CVE-2008-2383", "sourceIdentifier": "cve@mitre.org", "published": "2009-01-02T18:11:09.483", - "lastModified": "2023-07-26T02:15:08.883", + "lastModified": "2023-07-27T05:15:09.623", "vulnStatus": "Modified", "descriptions": [ { @@ -130,6 +130,10 @@ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47655", "source": "cve@mitre.org" }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3E2Q6NPKT7V4VKZMSFF4ARLRVYOG4AU/", + "source": "cve@mitre.org" + }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VOOVZTIABA4MIFUGTAVYWO6QXSUXSST4/", "source": "cve@mitre.org" diff --git a/CVE-2022/CVE-2022-247xx/CVE-2022-24795.json b/CVE-2022/CVE-2022-247xx/CVE-2022-24795.json index a637d42fbe2..46660a89fa4 100644 --- a/CVE-2022/CVE-2022-247xx/CVE-2022-24795.json +++ b/CVE-2022/CVE-2022-247xx/CVE-2022-24795.json @@ -2,7 +2,7 @@ "id": "CVE-2022-24795", "sourceIdentifier": "security-advisories@github.com", "published": "2022-04-05T16:15:14.050", - "lastModified": "2023-07-16T03:15:09.130", + "lastModified": "2023-07-27T05:15:10.003", "vulnStatus": "Modified", "descriptions": [ { @@ -149,6 +149,10 @@ { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KLE3C4CECEJ4EUYI56KXI6OWACWXX7WN/", "source": "security-advisories@github.com" + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YO32YDJ74DADC7CMJNLSLBVWN5EXGF5J/", + "source": "security-advisories@github.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-49xx/CVE-2022-4952.json b/CVE-2022/CVE-2022-49xx/CVE-2022-4952.json index c0208e25bf2..47bc945bd87 100644 --- a/CVE-2022/CVE-2022-49xx/CVE-2022-4952.json +++ b/CVE-2022/CVE-2022-49xx/CVE-2022-4952.json @@ -2,8 +2,8 @@ "id": "CVE-2022-4952", "sourceIdentifier": "cna@vuldb.com", "published": "2023-07-17T02:15:09.273", - "lastModified": "2023-07-17T13:02:37.237", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-27T04:07:37.693", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -11,6 +11,28 @@ } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ], "cvssMetricV30": [ { "source": "cna@vuldb.com", @@ -61,8 +83,18 @@ }, "weaknesses": [ { - "source": "cna@vuldb.com", + "source": "nvd@nist.gov", "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + }, + { + "source": "cna@vuldb.com", + "type": "Secondary", "description": [ { "lang": "en", @@ -71,26 +103,59 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:dotnetfoundation:c\\#_language_server_protocol:*:*:*:*:*:*:*:*", + "versionEndExcluding": "0.19.7", + "matchCriteriaId": "1B1B237D-0D57-4DBA-8EBF-F883168EF32D" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/OmniSharp/csharp-language-server-protocol/commit/7fd2219f194a9ef2a8901bb131c5fa12272305ce", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Patch" + ] }, { "url": "https://github.com/OmniSharp/csharp-language-server-protocol/pull/902", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Patch" + ] }, { "url": "https://github.com/OmniSharp/csharp-language-server-protocol/releases/tag/v0.19.7", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Release Notes" + ] }, { "url": "https://vuldb.com/?ctiid.234238", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required" + ] }, { "url": "https://vuldb.com/?id.234238", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-205xx/CVE-2023-20593.json b/CVE-2023/CVE-2023-205xx/CVE-2023-20593.json index 586f3f04fb5..1b0804048b7 100644 --- a/CVE-2023/CVE-2023-205xx/CVE-2023-20593.json +++ b/CVE-2023/CVE-2023-205xx/CVE-2023-20593.json @@ -2,7 +2,7 @@ "id": "CVE-2023-20593", "sourceIdentifier": "psirt@amd.com", "published": "2023-07-24T20:15:10.237", - "lastModified": "2023-07-26T19:15:09.687", + "lastModified": "2023-07-27T05:15:10.213", "vulnStatus": "Awaiting Analysis", "descriptions": [ { @@ -71,6 +71,10 @@ { "url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-7008", "source": "psirt@amd.com" + }, + { + "url": "https://www.debian.org/security/2023/dsa-5459", + "source": "psirt@amd.com" } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-234xx/CVE-2023-23494.json b/CVE-2023/CVE-2023-234xx/CVE-2023-23494.json index 6692ee58403..b140e5e5a99 100644 --- a/CVE-2023/CVE-2023-234xx/CVE-2023-23494.json +++ b/CVE-2023/CVE-2023-234xx/CVE-2023-23494.json @@ -2,12 +2,12 @@ "id": "CVE-2023-23494", "sourceIdentifier": "product-security@apple.com", "published": "2023-05-08T20:15:16.063", - "lastModified": "2023-07-27T01:15:10.397", + "lastModified": "2023-07-27T04:15:12.513", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "This issue was addressed with improved state management. This issue is fixed in iOS 16.4 and iPadOS 16.4. A remote attacker may be able to cause unexpected app termination or arbitrary code execution." + "value": "A buffer overflow was addressed with improved bounds checking. This issue is fixed in iOS 16.4 and iPadOS 16.4. A user in a privileged network position may be able to cause a denial-of-service." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-234xx/CVE-2023-23496.json b/CVE-2023/CVE-2023-234xx/CVE-2023-23496.json index 6f285490b60..dda6edb3a08 100644 --- a/CVE-2023/CVE-2023-234xx/CVE-2023-23496.json +++ b/CVE-2023/CVE-2023-234xx/CVE-2023-23496.json @@ -2,12 +2,12 @@ "id": "CVE-2023-23496", "sourceIdentifier": "product-security@apple.com", "published": "2023-02-27T20:15:13.157", - "lastModified": "2023-07-27T01:15:10.473", + "lastModified": "2023-07-27T04:15:12.673", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "The issue was addressed with improved memory handling. This issue is fixed in tvOS 16.3, Safari 16.3, iOS 15.7.2 and iPadOS 15.7.2, iOS 16.3 and iPadOS 16.3, watchOS 9.3, macOS Ventura 13.2. Processing maliciously crafted web content may lead to arbitrary code execution." + "value": "The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.2, watchOS 9.3, iOS 15.7.2 and iPadOS 15.7.2, Safari 16.3, tvOS 16.3, iOS 16.3 and iPadOS 16.3. Processing maliciously crafted web content may lead to arbitrary code execution." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-234xx/CVE-2023-23497.json b/CVE-2023/CVE-2023-234xx/CVE-2023-23497.json index 5a7fadaa155..cd51637758d 100644 --- a/CVE-2023/CVE-2023-234xx/CVE-2023-23497.json +++ b/CVE-2023/CVE-2023-234xx/CVE-2023-23497.json @@ -2,12 +2,12 @@ "id": "CVE-2023-23497", "sourceIdentifier": "product-security@apple.com", "published": "2023-02-27T20:15:13.220", - "lastModified": "2023-07-27T01:15:10.597", + "lastModified": "2023-07-27T04:15:12.767", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.2, macOS Big Sur 11.7.3, macOS Monterey 12.6.3. An app may be able to bypass Privacy preferences." + "value": "A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.7.3, macOS Ventura 13.2, macOS Monterey 12.6.3. An app may be able to gain root privileges." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-234xx/CVE-2023-23498.json b/CVE-2023/CVE-2023-234xx/CVE-2023-23498.json index 1355e015747..8f5f7647d01 100644 --- a/CVE-2023/CVE-2023-234xx/CVE-2023-23498.json +++ b/CVE-2023/CVE-2023-234xx/CVE-2023-23498.json @@ -2,12 +2,12 @@ "id": "CVE-2023-23498", "sourceIdentifier": "product-security@apple.com", "published": "2023-02-27T20:15:13.287", - "lastModified": "2023-07-27T01:15:10.787", + "lastModified": "2023-07-27T04:15:12.847", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in iOS 15.7.3 and iPadOS 15.7.3, macOS Ventura 13.2, iOS 16.3 and iPadOS 16.3. An HTML document may be able to render iframes with sensitive user information." + "value": "A logic issue was addressed with improved state management. This issue is fixed in iOS 15.7.3 and iPadOS 15.7.3, macOS Ventura 13.2, iOS 16.3 and iPadOS 16.3. The quoted original message may be selected from the wrong email when forwarding an email from an Exchange account." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-234xx/CVE-2023-23499.json b/CVE-2023/CVE-2023-234xx/CVE-2023-23499.json index ba77b2a242f..7c0588fb29c 100644 --- a/CVE-2023/CVE-2023-234xx/CVE-2023-23499.json +++ b/CVE-2023/CVE-2023-234xx/CVE-2023-23499.json @@ -2,12 +2,12 @@ "id": "CVE-2023-23499", "sourceIdentifier": "product-security@apple.com", "published": "2023-02-27T20:15:13.353", - "lastModified": "2023-07-27T01:15:10.943", + "lastModified": "2023-07-27T04:15:12.933", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "The issue was addressed with improved memory handling. This issue is fixed in tvOS 16.3, macOS Big Sur 11.7.3, iOS 16.3 and iPadOS 16.3, watchOS 9.3, macOS Ventura 13.2, macOS Monterey 12.6.3. Processing maliciously crafted web content may lead to arbitrary code execution." + "value": "This issue was addressed by enabling hardened runtime. This issue is fixed in macOS Monterey 12.6.3, macOS Ventura 13.2, watchOS 9.3, macOS Big Sur 11.7.3, tvOS 16.3, iOS 16.3 and iPadOS 16.3. An app may be able to access user-sensitive data." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-235xx/CVE-2023-23500.json b/CVE-2023/CVE-2023-235xx/CVE-2023-23500.json index b7d2536fb3a..4d25a76ac3c 100644 --- a/CVE-2023/CVE-2023-235xx/CVE-2023-23500.json +++ b/CVE-2023/CVE-2023-235xx/CVE-2023-23500.json @@ -2,12 +2,12 @@ "id": "CVE-2023-23500", "sourceIdentifier": "product-security@apple.com", "published": "2023-02-27T20:15:13.423", - "lastModified": "2023-07-27T01:15:11.067", + "lastModified": "2023-07-27T04:15:13.023", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "The issue was addressed with improved memory handling. This issue is fixed in tvOS 16.3, iOS 15.7.3 and iPadOS 15.7.3, iOS 16.3 and iPadOS 16.3, watchOS 9.3, macOS Ventura 13.2. Processing maliciously crafted web content may lead to arbitrary code execution." + "value": "The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.2, iOS 16.3 and iPadOS 16.3, iOS 15.7.3 and iPadOS 15.7.3, tvOS 16.3, watchOS 9.3. An app may be able to leak sensitive kernel state." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-235xx/CVE-2023-23501.json b/CVE-2023/CVE-2023-235xx/CVE-2023-23501.json index e7c37809372..34b36a902a9 100644 --- a/CVE-2023/CVE-2023-235xx/CVE-2023-23501.json +++ b/CVE-2023/CVE-2023-235xx/CVE-2023-23501.json @@ -2,12 +2,12 @@ "id": "CVE-2023-23501", "sourceIdentifier": "product-security@apple.com", "published": "2023-02-27T20:15:13.497", - "lastModified": "2023-07-27T01:15:11.203", + "lastModified": "2023-07-27T04:15:13.103", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in macOS Ventura 13.2. An HTML document may be able to render iframes with sensitive user information." + "value": "The issue was addressed with improved memory handling This issue is fixed in macOS Ventura 13.2. An app may be able to disclose kernel memory." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-235xx/CVE-2023-23502.json b/CVE-2023/CVE-2023-235xx/CVE-2023-23502.json index e8a34566db7..cc4888e2df9 100644 --- a/CVE-2023/CVE-2023-235xx/CVE-2023-23502.json +++ b/CVE-2023/CVE-2023-235xx/CVE-2023-23502.json @@ -2,12 +2,12 @@ "id": "CVE-2023-23502", "sourceIdentifier": "product-security@apple.com", "published": "2023-02-27T20:15:13.553", - "lastModified": "2023-07-27T01:15:11.353", + "lastModified": "2023-07-27T04:15:13.187", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "The issue was addressed with improved memory handling. This issue is fixed in tvOS 16.3, iOS 16.3 and iPadOS 16.3, watchOS 9.3, macOS Ventura 13.2, macOS Monterey 12.6.3. Processing maliciously crafted web content may lead to arbitrary code execution." + "value": "An information disclosure issue was addressed by removing the vulnerable code. This issue is fixed in macOS Monterey 12.6.3, macOS Ventura 13.2, iOS 16.3 and iPadOS 16.3, tvOS 16.3, watchOS 9.3. An app may be able to determine kernel memory layout." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-235xx/CVE-2023-23503.json b/CVE-2023/CVE-2023-235xx/CVE-2023-23503.json index 2275c4615e7..8c22aa886ca 100644 --- a/CVE-2023/CVE-2023-235xx/CVE-2023-23503.json +++ b/CVE-2023/CVE-2023-235xx/CVE-2023-23503.json @@ -2,12 +2,12 @@ "id": "CVE-2023-23503", "sourceIdentifier": "product-security@apple.com", "published": "2023-02-27T20:15:13.617", - "lastModified": "2023-07-27T01:15:11.463", + "lastModified": "2023-07-27T04:15:13.277", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "The issue was addressed with improved memory handling. This issue is fixed in tvOS 16.3, iOS 15.7.3 and iPadOS 15.7.3, iOS 16.3 and iPadOS 16.3, watchOS 9.3, macOS Ventura 13.2. Processing maliciously crafted web content may lead to arbitrary code execution." + "value": "A logic issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.2, iOS 16.3 and iPadOS 16.3, iOS 15.7.3 and iPadOS 15.7.3, tvOS 16.3, watchOS 9.3. An app may be able to bypass Privacy preferences." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-235xx/CVE-2023-23504.json b/CVE-2023/CVE-2023-235xx/CVE-2023-23504.json index 54520470abc..64b0dd2f20f 100644 --- a/CVE-2023/CVE-2023-235xx/CVE-2023-23504.json +++ b/CVE-2023/CVE-2023-235xx/CVE-2023-23504.json @@ -2,12 +2,12 @@ "id": "CVE-2023-23504", "sourceIdentifier": "product-security@apple.com", "published": "2023-02-27T20:15:13.677", - "lastModified": "2023-07-27T01:15:11.587", + "lastModified": "2023-07-27T04:15:13.363", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "The issue was addressed with improved memory handling. This issue is fixed in tvOS 16.3, iOS 15.7.3 and iPadOS 15.7.3, iOS 16.3 and iPadOS 16.3, watchOS 9.3, macOS Ventura 13.2, macOS Monterey 12.6.3. Processing maliciously crafted web content may lead to arbitrary code execution." + "value": "The issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.6.3, macOS Ventura 13.2, watchOS 9.3, iOS 15.7.3 and iPadOS 15.7.3, tvOS 16.3, iOS 16.3 and iPadOS 16.3. An app may be able to execute arbitrary code with kernel privileges." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-235xx/CVE-2023-23505.json b/CVE-2023/CVE-2023-235xx/CVE-2023-23505.json index 18f646cfb89..ebf5551b0ce 100644 --- a/CVE-2023/CVE-2023-235xx/CVE-2023-23505.json +++ b/CVE-2023/CVE-2023-235xx/CVE-2023-23505.json @@ -2,12 +2,12 @@ "id": "CVE-2023-23505", "sourceIdentifier": "product-security@apple.com", "published": "2023-02-27T20:15:13.750", - "lastModified": "2023-07-27T01:15:11.723", + "lastModified": "2023-07-27T04:15:13.447", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "The issue was addressed with improved memory handling. This issue is fixed in macOS Big Sur 11.7.3, iOS 15.7.3 and iPadOS 15.7.3, iOS 16.3 and iPadOS 16.3, watchOS 9.3, macOS Ventura 13.2, macOS Monterey 12.6.3. Processing maliciously crafted web content may lead to arbitrary code execution." + "value": "A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Monterey 12.6.3, macOS Ventura 13.2, watchOS 9.3, macOS Big Sur 11.7.3, iOS 15.7.3 and iPadOS 15.7.3, iOS 16.3 and iPadOS 16.3. An app may be able to access information about a user\u2019s contacts." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-235xx/CVE-2023-23506.json b/CVE-2023/CVE-2023-235xx/CVE-2023-23506.json index 84f4e692f73..61b8a4be854 100644 --- a/CVE-2023/CVE-2023-235xx/CVE-2023-23506.json +++ b/CVE-2023/CVE-2023-235xx/CVE-2023-23506.json @@ -2,12 +2,12 @@ "id": "CVE-2023-23506", "sourceIdentifier": "product-security@apple.com", "published": "2023-02-27T20:15:13.817", - "lastModified": "2023-07-27T01:15:11.893", + "lastModified": "2023-07-27T04:15:13.537", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in macOS Ventura 13.2. An HTML document may be able to render iframes with sensitive user information." + "value": "A permissions issue was addressed with improved validation. This issue is fixed in macOS Ventura 13.2. An app may be able to access user-sensitive data." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-235xx/CVE-2023-23507.json b/CVE-2023/CVE-2023-235xx/CVE-2023-23507.json index ef5d7a84606..f4dfaff160e 100644 --- a/CVE-2023/CVE-2023-235xx/CVE-2023-23507.json +++ b/CVE-2023/CVE-2023-235xx/CVE-2023-23507.json @@ -2,12 +2,12 @@ "id": "CVE-2023-23507", "sourceIdentifier": "product-security@apple.com", "published": "2023-02-27T20:15:13.880", - "lastModified": "2023-07-27T01:15:12.153", + "lastModified": "2023-07-27T04:15:13.620", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.2, macOS Monterey 12.6.3. An app may be able to bypass Privacy preferences." + "value": "The issue was addressed with improved bounds checks. This issue is fixed in macOS Monterey 12.6.3, macOS Ventura 13.2. An app may be able to execute arbitrary code with kernel privileges." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-235xx/CVE-2023-23508.json b/CVE-2023/CVE-2023-235xx/CVE-2023-23508.json index 16b441a9802..a6dfb14cd4b 100644 --- a/CVE-2023/CVE-2023-235xx/CVE-2023-23508.json +++ b/CVE-2023/CVE-2023-235xx/CVE-2023-23508.json @@ -2,12 +2,12 @@ "id": "CVE-2023-23508", "sourceIdentifier": "product-security@apple.com", "published": "2023-02-27T20:15:13.940", - "lastModified": "2023-07-27T00:15:11.550", + "lastModified": "2023-07-27T04:15:13.717", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.2, macOS Big Sur 11.7.3, macOS Monterey 12.6.3. An app may be able to bypass Privacy preferences." + "value": "The issue was addressed with improved memory handling. This issue is fixed in macOS Big Sur 11.7.3, macOS Ventura 13.2, macOS Monterey 12.6.3. An app may be able to bypass Privacy preferences." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-235xx/CVE-2023-23510.json b/CVE-2023/CVE-2023-235xx/CVE-2023-23510.json index 3842fbb5f4e..e75cd327f6d 100644 --- a/CVE-2023/CVE-2023-235xx/CVE-2023-23510.json +++ b/CVE-2023/CVE-2023-235xx/CVE-2023-23510.json @@ -2,12 +2,12 @@ "id": "CVE-2023-23510", "sourceIdentifier": "product-security@apple.com", "published": "2023-02-27T20:15:14.010", - "lastModified": "2023-07-27T01:15:12.313", + "lastModified": "2023-07-27T04:15:13.807", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in macOS Ventura 13.2. An HTML document may be able to render iframes with sensitive user information." + "value": "A permissions issue was addressed with improved validation. This issue is fixed in macOS Ventura 13.2. An app may be able to access a user\u2019s Safari history." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-235xx/CVE-2023-23511.json b/CVE-2023/CVE-2023-235xx/CVE-2023-23511.json index 0e29ddd9aad..fd46d5e8e13 100644 --- a/CVE-2023/CVE-2023-235xx/CVE-2023-23511.json +++ b/CVE-2023/CVE-2023-235xx/CVE-2023-23511.json @@ -2,12 +2,12 @@ "id": "CVE-2023-23511", "sourceIdentifier": "product-security@apple.com", "published": "2023-02-27T20:15:14.073", - "lastModified": "2023-07-27T01:15:12.487", + "lastModified": "2023-07-27T04:15:13.900", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "The issue was addressed with improved memory handling. This issue is fixed in tvOS 16.3, iOS 16.3 and iPadOS 16.3, watchOS 9.3, macOS Ventura 13.2, macOS Monterey 12.6.3. Processing maliciously crafted web content may lead to arbitrary code execution." + "value": "The issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.6.3, macOS Ventura 13.2, iOS 16.3 and iPadOS 16.3, tvOS 16.3, watchOS 9.3. An app may be able to bypass Privacy preferences." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-235xx/CVE-2023-23512.json b/CVE-2023/CVE-2023-235xx/CVE-2023-23512.json index 5748a86c1d7..39b946b8585 100644 --- a/CVE-2023/CVE-2023-235xx/CVE-2023-23512.json +++ b/CVE-2023/CVE-2023-235xx/CVE-2023-23512.json @@ -2,12 +2,12 @@ "id": "CVE-2023-23512", "sourceIdentifier": "product-security@apple.com", "published": "2023-02-27T20:15:14.133", - "lastModified": "2023-07-27T01:15:12.597", + "lastModified": "2023-07-27T04:15:13.983", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "The issue was addressed with improved memory handling. This issue is fixed in tvOS 16.3, macOS Ventura 13.2, iOS 16.3 and iPadOS 16.3, watchOS 9.3. Processing maliciously crafted web content may lead to arbitrary code execution." + "value": "The issue was addressed with improved handling of caches. This issue is fixed in watchOS 9.3, tvOS 16.3, macOS Ventura 13.2, iOS 16.3 and iPadOS 16.3. Visiting a website may lead to an app denial-of-service." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-235xx/CVE-2023-23513.json b/CVE-2023/CVE-2023-235xx/CVE-2023-23513.json index ac5cf79aef8..16b180f4af6 100644 --- a/CVE-2023/CVE-2023-235xx/CVE-2023-23513.json +++ b/CVE-2023/CVE-2023-235xx/CVE-2023-23513.json @@ -2,12 +2,12 @@ "id": "CVE-2023-23513", "sourceIdentifier": "product-security@apple.com", "published": "2023-02-27T20:15:14.200", - "lastModified": "2023-07-27T01:15:12.730", + "lastModified": "2023-07-27T04:15:14.067", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.2, macOS Big Sur 11.7.3, macOS Monterey 12.6.3. An app may be able to bypass Privacy preferences." + "value": "A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Big Sur 11.7.3, macOS Ventura 13.2, macOS Monterey 12.6.3. Mounting a maliciously crafted Samba network share may lead to arbitrary code execution." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-235xx/CVE-2023-23514.json b/CVE-2023/CVE-2023-235xx/CVE-2023-23514.json index 7bfceaa6653..e756226ab8e 100644 --- a/CVE-2023/CVE-2023-235xx/CVE-2023-23514.json +++ b/CVE-2023/CVE-2023-235xx/CVE-2023-23514.json @@ -2,12 +2,12 @@ "id": "CVE-2023-23514", "sourceIdentifier": "product-security@apple.com", "published": "2023-02-27T20:15:14.263", - "lastModified": "2023-07-27T01:15:12.897", + "lastModified": "2023-07-27T04:15:14.157", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "A type confusion issue was addressed with improved checks. This issue is fixed in iOS 16.3.1 and iPadOS 16.3.1, macOS Ventura 13.3, macOS Big Sur 11.7.5, macOS Monterey 12.6.4, macOS Ventura 13.2.1. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited." + "value": "A use after free issue was addressed with improved memory management. This issue is fixed in macOS Ventura 13.3, macOS Monterey 12.6.4, iOS 16.3.1 and iPadOS 16.3.1, macOS Ventura 13.2.1, macOS Big Sur 11.7.5. An app may be able to execute arbitrary code with kernel privileges." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-235xx/CVE-2023-23516.json b/CVE-2023/CVE-2023-235xx/CVE-2023-23516.json index 68760a37c3a..7054558a3e9 100644 --- a/CVE-2023/CVE-2023-235xx/CVE-2023-23516.json +++ b/CVE-2023/CVE-2023-235xx/CVE-2023-23516.json @@ -2,12 +2,12 @@ "id": "CVE-2023-23516", "sourceIdentifier": "product-security@apple.com", "published": "2023-06-23T18:15:10.797", - "lastModified": "2023-07-27T01:15:13.080", + "lastModified": "2023-07-27T04:15:14.380", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.2, macOS Big Sur 11.7.3, macOS Monterey 12.6.3. An app may be able to bypass Privacy preferences." + "value": "The issue was addressed with improved memory handling. This issue is fixed in macOS Big Sur 11.7.3, macOS Ventura 13.2, macOS Monterey 12.6.3. An app may be able to execute arbitrary code with kernel privileges." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-235xx/CVE-2023-23517.json b/CVE-2023/CVE-2023-235xx/CVE-2023-23517.json index 4f0d244e53b..165173d3b6b 100644 --- a/CVE-2023/CVE-2023-235xx/CVE-2023-23517.json +++ b/CVE-2023/CVE-2023-235xx/CVE-2023-23517.json @@ -2,12 +2,12 @@ "id": "CVE-2023-23517", "sourceIdentifier": "product-security@apple.com", "published": "2023-02-27T20:15:14.320", - "lastModified": "2023-07-27T01:15:13.150", + "lastModified": "2023-07-27T04:15:14.467", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "The issue was addressed with improved memory handling. This issue is fixed in tvOS 16.3, Safari 16.3, macOS Big Sur 11.7.3, iOS 16.3 and iPadOS 16.3, watchOS 9.3, macOS Ventura 13.2, macOS Monterey 12.6.3. Processing maliciously crafted web content may lead to arbitrary code execution." + "value": "The issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.6.3, macOS Ventura 13.2, watchOS 9.3, macOS Big Sur 11.7.3, Safari 16.3, tvOS 16.3, iOS 16.3 and iPadOS 16.3. Processing maliciously crafted web content may lead to arbitrary code execution." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-235xx/CVE-2023-23518.json b/CVE-2023/CVE-2023-235xx/CVE-2023-23518.json index efa1ab59964..2c51fa39e58 100644 --- a/CVE-2023/CVE-2023-235xx/CVE-2023-23518.json +++ b/CVE-2023/CVE-2023-235xx/CVE-2023-23518.json @@ -2,12 +2,12 @@ "id": "CVE-2023-23518", "sourceIdentifier": "product-security@apple.com", "published": "2023-02-27T20:15:14.387", - "lastModified": "2023-07-27T01:15:13.220", + "lastModified": "2023-07-27T04:15:14.547", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "The issue was addressed with improved memory handling. This issue is fixed in tvOS 16.3, Safari 16.3, macOS Big Sur 11.7.3, iOS 16.3 and iPadOS 16.3, watchOS 9.3, macOS Ventura 13.2, macOS Monterey 12.6.3. Processing maliciously crafted web content may lead to arbitrary code execution." + "value": "The issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.6.3, macOS Ventura 13.2, watchOS 9.3, macOS Big Sur 11.7.3, Safari 16.3, tvOS 16.3, iOS 16.3 and iPadOS 16.3. Processing maliciously crafted web content may lead to arbitrary code execution." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-235xx/CVE-2023-23519.json b/CVE-2023/CVE-2023-235xx/CVE-2023-23519.json index f6c88df6c58..77544522fe5 100644 --- a/CVE-2023/CVE-2023-235xx/CVE-2023-23519.json +++ b/CVE-2023/CVE-2023-235xx/CVE-2023-23519.json @@ -2,12 +2,12 @@ "id": "CVE-2023-23519", "sourceIdentifier": "product-security@apple.com", "published": "2023-02-27T20:15:14.453", - "lastModified": "2023-07-27T01:15:13.333", + "lastModified": "2023-07-27T04:15:14.630", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "The issue was addressed with improved memory handling. This issue is fixed in tvOS 16.3, macOS Ventura 13.2, iOS 16.3 and iPadOS 16.3, watchOS 9.3. Processing maliciously crafted web content may lead to arbitrary code execution." + "value": "A memory corruption issue was addressed with improved state management. This issue is fixed in watchOS 9.3, tvOS 16.3, macOS Ventura 13.2, iOS 16.3 and iPadOS 16.3. Processing an image may lead to a denial-of-service." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-235xx/CVE-2023-23520.json b/CVE-2023/CVE-2023-235xx/CVE-2023-23520.json index 0b9369a86a5..d6a48cea546 100644 --- a/CVE-2023/CVE-2023-235xx/CVE-2023-23520.json +++ b/CVE-2023/CVE-2023-235xx/CVE-2023-23520.json @@ -2,12 +2,12 @@ "id": "CVE-2023-23520", "sourceIdentifier": "product-security@apple.com", "published": "2023-02-27T20:15:14.517", - "lastModified": "2023-07-27T01:15:13.423", + "lastModified": "2023-07-27T04:15:14.720", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "The issue was addressed with improved memory handling. This issue is fixed in tvOS 16.3, macOS Ventura 13.2, iOS 16.3 and iPadOS 16.3, watchOS 9.3. Processing maliciously crafted web content may lead to arbitrary code execution." + "value": "A race condition was addressed with additional validation. This issue is fixed in watchOS 9.3, tvOS 16.3, macOS Ventura 13.2, iOS 16.3 and iPadOS 16.3. A user may be able to read arbitrary files as root." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-235xx/CVE-2023-23522.json b/CVE-2023/CVE-2023-235xx/CVE-2023-23522.json index d734f52cf69..c653077504a 100644 --- a/CVE-2023/CVE-2023-235xx/CVE-2023-23522.json +++ b/CVE-2023/CVE-2023-235xx/CVE-2023-23522.json @@ -2,12 +2,12 @@ "id": "CVE-2023-23522", "sourceIdentifier": "product-security@apple.com", "published": "2023-02-27T20:15:14.580", - "lastModified": "2023-07-27T01:15:13.517", + "lastModified": "2023-07-27T04:15:14.807", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "A type confusion issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.2.1. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited." + "value": "A privacy issue was addressed with improved handling of temporary files. This issue is fixed in macOS Ventura 13.2.1. An app may be able to observe unprotected user data." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-235xx/CVE-2023-23523.json b/CVE-2023/CVE-2023-235xx/CVE-2023-23523.json index 9103c1d1fbc..7aa0002ed65 100644 --- a/CVE-2023/CVE-2023-235xx/CVE-2023-23523.json +++ b/CVE-2023/CVE-2023-235xx/CVE-2023-23523.json @@ -2,12 +2,12 @@ "id": "CVE-2023-23523", "sourceIdentifier": "product-security@apple.com", "published": "2023-05-08T20:15:16.117", - "lastModified": "2023-07-27T01:15:13.593", + "lastModified": "2023-07-27T04:15:14.893", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "This issue was addressed with improved state management. This issue is fixed in iOS 16.4 and iPadOS 16.4, macOS Ventura 13.3. A remote attacker may be able to cause unexpected app termination or arbitrary code execution." + "value": "A logic issue was addressed with improved restrictions. This issue is fixed in macOS Ventura 13.3, iOS 16.4 and iPadOS 16.4. Photos belonging to the Hidden Photos Album could be viewed without authentication through Visual Lookup." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-235xx/CVE-2023-23524.json b/CVE-2023/CVE-2023-235xx/CVE-2023-23524.json index c97d85ec975..e4d1ed66ccf 100644 --- a/CVE-2023/CVE-2023-235xx/CVE-2023-23524.json +++ b/CVE-2023/CVE-2023-235xx/CVE-2023-23524.json @@ -2,12 +2,12 @@ "id": "CVE-2023-23524", "sourceIdentifier": "product-security@apple.com", "published": "2023-02-27T20:15:14.640", - "lastModified": "2023-07-27T01:15:13.653", + "lastModified": "2023-07-27T04:15:14.980", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "A denial-of-service issue was addressed with improved input validation. This issue is fixed in watchOS 9.3.1, iOS 16.3.1 and iPadOS 16.3.1, macOS Ventura 13.2.1, tvOS 16.3.2. Processing a maliciously crafted certificate may lead to a denial-of-service." + "value": "A denial-of-service issue was addressed with improved input validation. This issue is fixed in tvOS 16.3.2, iOS 16.3.1 and iPadOS 16.3.1, watchOS 9.3.1, macOS Ventura 13.2.1. Processing a maliciously crafted certificate may lead to a denial-of-service." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-235xx/CVE-2023-23525.json b/CVE-2023/CVE-2023-235xx/CVE-2023-23525.json index d6bfa12c3b2..8a332ba52c1 100644 --- a/CVE-2023/CVE-2023-235xx/CVE-2023-23525.json +++ b/CVE-2023/CVE-2023-235xx/CVE-2023-23525.json @@ -2,12 +2,12 @@ "id": "CVE-2023-23525", "sourceIdentifier": "product-security@apple.com", "published": "2023-05-08T20:15:16.170", - "lastModified": "2023-07-27T01:15:13.727", + "lastModified": "2023-07-27T04:15:15.063", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "This issue was addressed with a new entitlement. This issue is fixed in iOS 16.4 and iPadOS 16.4, macOS Big Sur 11.7.5, macOS Ventura 13.3. An app may be able to break out of its sandbox." + "value": "This issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.3, iOS 16.4 and iPadOS 16.4, macOS Big Sur 11.7.5. An app may be able to gain root privileges." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-235xx/CVE-2023-23526.json b/CVE-2023/CVE-2023-235xx/CVE-2023-23526.json index a09911dc816..fbc217de33a 100644 --- a/CVE-2023/CVE-2023-235xx/CVE-2023-23526.json +++ b/CVE-2023/CVE-2023-235xx/CVE-2023-23526.json @@ -2,12 +2,12 @@ "id": "CVE-2023-23526", "sourceIdentifier": "product-security@apple.com", "published": "2023-05-08T20:15:16.220", - "lastModified": "2023-07-27T01:15:13.813", + "lastModified": "2023-07-27T04:15:15.160", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "This issue was addressed with improved state management. This issue is fixed in iOS 16.4 and iPadOS 16.4, macOS Ventura 13.3. A remote attacker may be able to cause unexpected app termination or arbitrary code execution." + "value": "This was addressed with additional checks by Gatekeeper on files downloaded from an iCloud shared-by-me folder. This issue is fixed in macOS Ventura 13.3, iOS 16.4 and iPadOS 16.4. A file from an iCloud shared-by-me folder may be able to bypass Gatekeeper." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-235xx/CVE-2023-23527.json b/CVE-2023/CVE-2023-235xx/CVE-2023-23527.json index 094d5f759c3..57e1cc930e5 100644 --- a/CVE-2023/CVE-2023-235xx/CVE-2023-23527.json +++ b/CVE-2023/CVE-2023-235xx/CVE-2023-23527.json @@ -2,12 +2,12 @@ "id": "CVE-2023-23527", "sourceIdentifier": "product-security@apple.com", "published": "2023-05-08T20:15:16.277", - "lastModified": "2023-07-27T01:15:13.887", + "lastModified": "2023-07-27T04:15:15.240", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "This issue was addressed with a new entitlement. This issue is fixed in macOS Ventura 13.3, tvOS 16.4, iOS 16.4 and iPadOS 16.4, macOS Big Sur 11.7.5, macOS Monterey 12.6.4, watchOS 9.4. An app may be able to break out of its sandbox." + "value": "The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.3, iOS 16.4 and iPadOS 16.4, macOS Big Sur 11.7.5, macOS Monterey 12.6.4, tvOS 16.4, watchOS 9.4. A user may gain access to protected parts of the file system." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-235xx/CVE-2023-23528.json b/CVE-2023/CVE-2023-235xx/CVE-2023-23528.json index ac8dfee90e5..4b383471a55 100644 --- a/CVE-2023/CVE-2023-235xx/CVE-2023-23528.json +++ b/CVE-2023/CVE-2023-235xx/CVE-2023-23528.json @@ -2,12 +2,12 @@ "id": "CVE-2023-23528", "sourceIdentifier": "product-security@apple.com", "published": "2023-05-08T20:15:16.343", - "lastModified": "2023-07-27T01:15:13.957", + "lastModified": "2023-07-27T04:15:15.330", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "This issue was addressed with improved state management. This issue is fixed in iOS 16.4 and iPadOS 16.4, tvOS 16.4. A remote attacker may be able to cause unexpected app termination or arbitrary code execution." + "value": "An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in tvOS 16.4, iOS 16.4 and iPadOS 16.4. Processing a maliciously crafted Bluetooth packet may result in disclosure of process memory." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-235xx/CVE-2023-23529.json b/CVE-2023/CVE-2023-235xx/CVE-2023-23529.json index 891ee20e30d..1001325d9b4 100644 --- a/CVE-2023/CVE-2023-235xx/CVE-2023-23529.json +++ b/CVE-2023/CVE-2023-235xx/CVE-2023-23529.json @@ -2,7 +2,7 @@ "id": "CVE-2023-23529", "sourceIdentifier": "product-security@apple.com", "published": "2023-02-27T20:15:14.710", - "lastModified": "2023-07-27T01:15:14.043", + "lastModified": "2023-07-27T04:15:15.413", "vulnStatus": "Modified", "cisaExploitAdd": "2023-02-14", "cisaActionDue": "2023-03-07", @@ -11,7 +11,7 @@ "descriptions": [ { "lang": "en", - "value": "This issue was addressed with improved state management. This issue is fixed in Safari 16.3, iOS 15.7.4 and iPadOS 15.7.4, iOS 16.3.1 and iPadOS 16.3.1, macOS Ventura 13.2.1. A remote user may be able to cause unexpected app termination or arbitrary code execution." + "value": "A type confusion issue was addressed with improved checks. This issue is fixed in iOS 15.7.4 and iPadOS 15.7.4, iOS 16.3.1 and iPadOS 16.3.1, macOS Ventura 13.2.1, Safari 16.3. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-235xx/CVE-2023-23530.json b/CVE-2023/CVE-2023-235xx/CVE-2023-23530.json index 51f8dbf6dd7..562328decdb 100644 --- a/CVE-2023/CVE-2023-235xx/CVE-2023-23530.json +++ b/CVE-2023/CVE-2023-235xx/CVE-2023-23530.json @@ -2,12 +2,12 @@ "id": "CVE-2023-23530", "sourceIdentifier": "product-security@apple.com", "published": "2023-02-27T20:15:14.773", - "lastModified": "2023-07-27T01:15:14.123", + "lastModified": "2023-07-27T04:15:15.507", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in macOS Ventura 13.2, iOS 16.3 and iPadOS 16.3. An HTML document may be able to render iframes with sensitive user information." + "value": "The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.2, iOS 16.3 and iPadOS 16.3. An app may be able to execute arbitrary code out of its sandbox or with certain elevated privileges." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-235xx/CVE-2023-23531.json b/CVE-2023/CVE-2023-235xx/CVE-2023-23531.json index 1e6e45d13e2..685668f8399 100644 --- a/CVE-2023/CVE-2023-235xx/CVE-2023-23531.json +++ b/CVE-2023/CVE-2023-235xx/CVE-2023-23531.json @@ -2,12 +2,12 @@ "id": "CVE-2023-23531", "sourceIdentifier": "product-security@apple.com", "published": "2023-02-27T20:15:14.843", - "lastModified": "2023-07-27T01:15:14.210", + "lastModified": "2023-07-27T04:15:15.590", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in macOS Ventura 13.2, iOS 16.3 and iPadOS 16.3. An HTML document may be able to render iframes with sensitive user information." + "value": "The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.2, iOS 16.3 and iPadOS 16.3. An app may be able to execute arbitrary code out of its sandbox or with certain elevated privileges." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-235xx/CVE-2023-23532.json b/CVE-2023/CVE-2023-235xx/CVE-2023-23532.json index ae9eb815f61..cc7846c994d 100644 --- a/CVE-2023/CVE-2023-235xx/CVE-2023-23532.json +++ b/CVE-2023/CVE-2023-235xx/CVE-2023-23532.json @@ -2,12 +2,12 @@ "id": "CVE-2023-23532", "sourceIdentifier": "product-security@apple.com", "published": "2023-05-08T20:15:16.403", - "lastModified": "2023-07-27T01:15:14.280", + "lastModified": "2023-07-27T04:15:15.707", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "A use-after-free issue was addressed with improved memory management. This issue is fixed in iOS 16.4 and iPadOS 16.4, iOS 15.7.6 and iPadOS 15.7.6, macOS Ventura 13.3. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited." + "value": "This issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.3, iOS 16.4 and iPadOS 16.4, iOS 15.7.6 and iPadOS 15.7.6. An app may be able to break out of its sandbox." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-235xx/CVE-2023-23533.json b/CVE-2023/CVE-2023-235xx/CVE-2023-23533.json index d038db07053..88e416a5b73 100644 --- a/CVE-2023/CVE-2023-235xx/CVE-2023-23533.json +++ b/CVE-2023/CVE-2023-235xx/CVE-2023-23533.json @@ -2,12 +2,12 @@ "id": "CVE-2023-23533", "sourceIdentifier": "product-security@apple.com", "published": "2023-05-08T20:15:16.457", - "lastModified": "2023-07-27T01:15:14.357", + "lastModified": "2023-07-27T04:15:15.820", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "This issue was addressed with a new entitlement. This issue is fixed in macOS Monterey 12.6.4, macOS Ventura 13.3. An app may be able to break out of its sandbox." + "value": "A logic issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.3, macOS Monterey 12.6.4. An app may be able to modify protected parts of the file system." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-235xx/CVE-2023-23534.json b/CVE-2023/CVE-2023-235xx/CVE-2023-23534.json index bc89470a501..814553d1bbf 100644 --- a/CVE-2023/CVE-2023-235xx/CVE-2023-23534.json +++ b/CVE-2023/CVE-2023-235xx/CVE-2023-23534.json @@ -2,12 +2,12 @@ "id": "CVE-2023-23534", "sourceIdentifier": "product-security@apple.com", "published": "2023-05-08T20:15:16.507", - "lastModified": "2023-07-27T01:15:14.427", + "lastModified": "2023-07-27T04:15:15.907", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "This issue was addressed with a new entitlement. This issue is fixed in macOS Big Sur 11.7.5, macOS Ventura 13.3. An app may be able to break out of its sandbox." + "value": "The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.3, macOS Big Sur 11.7.5. Processing a maliciously crafted image may result in disclosure of process memory." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-235xx/CVE-2023-23535.json b/CVE-2023/CVE-2023-235xx/CVE-2023-23535.json index 82ce1f23c7b..07658753f2d 100644 --- a/CVE-2023/CVE-2023-235xx/CVE-2023-23535.json +++ b/CVE-2023/CVE-2023-235xx/CVE-2023-23535.json @@ -2,12 +2,12 @@ "id": "CVE-2023-23535", "sourceIdentifier": "product-security@apple.com", "published": "2023-05-08T20:15:16.567", - "lastModified": "2023-07-27T01:15:14.490", + "lastModified": "2023-07-27T04:15:16.003", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "This issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.6.6, macOS Ventura 13.3, tvOS 16.4, iOS 16.4 and iPadOS 16.4, iOS 15.7.4 and iPadOS 15.7.4, macOS Big Sur 11.7.5, watchOS 9.4. A remote user may be able to cause unexpected app termination or arbitrary code execution." + "value": "The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3, iOS 16.4 and iPadOS 16.4, macOS Big Sur 11.7.5, iOS 15.7.4 and iPadOS 15.7.4, macOS Monterey 12.6.6, tvOS 16.4, watchOS 9.4. Processing a maliciously crafted image may result in disclosure of process memory." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-235xx/CVE-2023-23536.json b/CVE-2023/CVE-2023-235xx/CVE-2023-23536.json index 2a81a512fe1..315a600203b 100644 --- a/CVE-2023/CVE-2023-235xx/CVE-2023-23536.json +++ b/CVE-2023/CVE-2023-235xx/CVE-2023-23536.json @@ -2,12 +2,12 @@ "id": "CVE-2023-23536", "sourceIdentifier": "product-security@apple.com", "published": "2023-05-08T20:15:16.630", - "lastModified": "2023-07-27T01:15:14.563", + "lastModified": "2023-07-27T04:15:16.113", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "This issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.3, tvOS 16.4, iOS 16.4 and iPadOS 16.4, iOS 15.7.4 and iPadOS 15.7.4, macOS Big Sur 11.7.5, macOS Monterey 12.6.4, watchOS 9.4. A remote user may be able to cause unexpected app termination or arbitrary code execution." + "value": "The issue was addressed with improved bounds checks. This issue is fixed in macOS Ventura 13.3, iOS 16.4 and iPadOS 16.4, macOS Big Sur 11.7.5, iOS 15.7.4 and iPadOS 15.7.4, macOS Monterey 12.6.4, tvOS 16.4, watchOS 9.4. An app may be able to execute arbitrary code with kernel privileges." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-235xx/CVE-2023-23537.json b/CVE-2023/CVE-2023-235xx/CVE-2023-23537.json index e57bd0e3577..a6ca88aabde 100644 --- a/CVE-2023/CVE-2023-235xx/CVE-2023-23537.json +++ b/CVE-2023/CVE-2023-235xx/CVE-2023-23537.json @@ -2,12 +2,12 @@ "id": "CVE-2023-23537", "sourceIdentifier": "product-security@apple.com", "published": "2023-05-08T20:15:16.687", - "lastModified": "2023-07-27T01:15:14.680", + "lastModified": "2023-07-27T04:15:16.210", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "This issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.3, iOS 16.4 and iPadOS 16.4, iOS 15.7.4 and iPadOS 15.7.4, macOS Big Sur 11.7.5, watchOS 9.4. A remote user may be able to cause unexpected app termination or arbitrary code execution." + "value": "A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Ventura 13.3, iOS 16.4 and iPadOS 16.4, iOS 15.7.4 and iPadOS 15.7.4, watchOS 9.4, macOS Big Sur 11.7.5. An app may be able to read sensitive location information." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-235xx/CVE-2023-23538.json b/CVE-2023/CVE-2023-235xx/CVE-2023-23538.json index 07a3f57ba81..137510046b6 100644 --- a/CVE-2023/CVE-2023-235xx/CVE-2023-23538.json +++ b/CVE-2023/CVE-2023-235xx/CVE-2023-23538.json @@ -2,12 +2,12 @@ "id": "CVE-2023-23538", "sourceIdentifier": "product-security@apple.com", "published": "2023-05-08T20:15:16.747", - "lastModified": "2023-07-27T01:15:14.763", + "lastModified": "2023-07-27T04:15:16.313", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "This issue was addressed with a new entitlement. This issue is fixed in macOS Monterey 12.6.4, macOS Ventura 13.3. An app may be able to break out of its sandbox." + "value": "A logic issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.3, macOS Monterey 12.6.4. An app may be able to modify protected parts of the file system." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-235xx/CVE-2023-23539.json b/CVE-2023/CVE-2023-235xx/CVE-2023-23539.json index b75718a7025..42d3508ff88 100644 --- a/CVE-2023/CVE-2023-235xx/CVE-2023-23539.json +++ b/CVE-2023/CVE-2023-235xx/CVE-2023-23539.json @@ -2,12 +2,12 @@ "id": "CVE-2023-23539", "sourceIdentifier": "product-security@apple.com", "published": "2023-06-23T18:15:10.843", - "lastModified": "2023-07-27T01:15:14.857", + "lastModified": "2023-07-27T04:15:16.423", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in macOS Ventura 13.2. An HTML document may be able to render iframes with sensitive user information." + "value": "A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.2. Mounting a maliciously crafted Samba network share may lead to arbitrary code execution." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-235xx/CVE-2023-23540.json b/CVE-2023/CVE-2023-235xx/CVE-2023-23540.json index 80e79c17f07..358ae73357f 100644 --- a/CVE-2023/CVE-2023-235xx/CVE-2023-23540.json +++ b/CVE-2023/CVE-2023-235xx/CVE-2023-23540.json @@ -2,12 +2,12 @@ "id": "CVE-2023-23540", "sourceIdentifier": "product-security@apple.com", "published": "2023-05-08T20:15:16.797", - "lastModified": "2023-07-27T01:15:14.927", + "lastModified": "2023-07-27T04:15:16.517", "vulnStatus": "Undergoing Analysis", "descriptions": [ { "lang": "en", - "value": "The issue was addressed with improved checks. This issue is fixed in iOS 16.4 and iPadOS 16.4, macOS Big Sur 11.7.5, macOS Monterey 12.6.4, iOS 15.7.8 and iPadOS 15.7.8. Processing web content may disclose sensitive information." + "value": "The issue was addressed with improved memory handling. This issue is fixed in iOS 15.7.8 and iPadOS 15.7.8, macOS Monterey 12.6.4, iOS 16.4 and iPadOS 16.4, macOS Big Sur 11.7.5. An app may be able to execute arbitrary code with kernel privileges." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-235xx/CVE-2023-23541.json b/CVE-2023/CVE-2023-235xx/CVE-2023-23541.json index 80047afa5d0..b921ab6a892 100644 --- a/CVE-2023/CVE-2023-235xx/CVE-2023-23541.json +++ b/CVE-2023/CVE-2023-235xx/CVE-2023-23541.json @@ -2,12 +2,12 @@ "id": "CVE-2023-23541", "sourceIdentifier": "product-security@apple.com", "published": "2023-05-08T20:15:16.860", - "lastModified": "2023-07-27T01:15:15.017", + "lastModified": "2023-07-27T04:15:16.660", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "This issue was addressed with improved state management. This issue is fixed in iOS 16.4 and iPadOS 16.4, iOS 15.7.4 and iPadOS 15.7.4. A remote user may be able to cause unexpected app termination or arbitrary code execution." + "value": "A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in iOS 15.7.4 and iPadOS 15.7.4, iOS 16.4 and iPadOS 16.4. An app may be able to access information about a user\u2019s contacts." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-235xx/CVE-2023-23542.json b/CVE-2023/CVE-2023-235xx/CVE-2023-23542.json index c509da81c68..6d70694e51e 100644 --- a/CVE-2023/CVE-2023-235xx/CVE-2023-23542.json +++ b/CVE-2023/CVE-2023-235xx/CVE-2023-23542.json @@ -2,12 +2,12 @@ "id": "CVE-2023-23542", "sourceIdentifier": "product-security@apple.com", "published": "2023-05-08T20:15:16.923", - "lastModified": "2023-07-27T01:15:15.100", + "lastModified": "2023-07-27T04:15:16.763", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "This issue was addressed with a new entitlement. This issue is fixed in macOS Big Sur 11.7.5, macOS Monterey 12.6.4, macOS Ventura 13.3. An app may be able to break out of its sandbox." + "value": "A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Ventura 13.3, macOS Monterey 12.6.4, macOS Big Sur 11.7.5. An app may be able to access user-sensitive data." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-235xx/CVE-2023-23543.json b/CVE-2023/CVE-2023-235xx/CVE-2023-23543.json index 1e23cec6a51..a0dad4b33cf 100644 --- a/CVE-2023/CVE-2023-235xx/CVE-2023-23543.json +++ b/CVE-2023/CVE-2023-235xx/CVE-2023-23543.json @@ -2,12 +2,12 @@ "id": "CVE-2023-23543", "sourceIdentifier": "product-security@apple.com", "published": "2023-05-08T20:15:17.003", - "lastModified": "2023-07-27T01:15:15.203", + "lastModified": "2023-07-27T04:15:16.853", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "This issue was addressed with improved state management. This issue is fixed in iOS 16.4 and iPadOS 16.4, iOS 15.7.4 and iPadOS 15.7.4, watchOS 9.4, macOS Ventura 13.3. A remote user may be able to cause unexpected app termination or arbitrary code execution." + "value": "The issue was addressed with additional restrictions on the observability of app states. This issue is fixed in macOS Ventura 13.3, iOS 15.7.4 and iPadOS 15.7.4, iOS 16.4 and iPadOS 16.4, watchOS 9.4. A sandboxed app may be able to determine which app is currently using the camera." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-279xx/CVE-2023-27928.json b/CVE-2023/CVE-2023-279xx/CVE-2023-27928.json index 7a29cb179ab..b2b8ef94792 100644 --- a/CVE-2023/CVE-2023-279xx/CVE-2023-27928.json +++ b/CVE-2023/CVE-2023-279xx/CVE-2023-27928.json @@ -2,12 +2,12 @@ "id": "CVE-2023-27928", "sourceIdentifier": "product-security@apple.com", "published": "2023-05-08T20:15:17.063", - "lastModified": "2023-07-27T01:15:15.277", + "lastModified": "2023-07-27T04:15:16.947", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "This issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.3, tvOS 16.4, iOS 16.4 and iPadOS 16.4, iOS 15.7.4 and iPadOS 15.7.4, macOS Big Sur 11.7.5, watchOS 9.4. A remote user may be able to cause unexpected app termination or arbitrary code execution." + "value": "A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Ventura 13.3, iOS 16.4 and iPadOS 16.4, iOS 15.7.4 and iPadOS 15.7.4, tvOS 16.4, watchOS 9.4, macOS Big Sur 11.7.5. An app may be able to access information about a user\u2019s contacts." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-279xx/CVE-2023-27929.json b/CVE-2023/CVE-2023-279xx/CVE-2023-27929.json index 7d788d483f9..953a343e44d 100644 --- a/CVE-2023/CVE-2023-279xx/CVE-2023-27929.json +++ b/CVE-2023/CVE-2023-279xx/CVE-2023-27929.json @@ -2,12 +2,12 @@ "id": "CVE-2023-27929", "sourceIdentifier": "product-security@apple.com", "published": "2023-05-08T20:15:17.130", - "lastModified": "2023-07-27T01:15:15.353", + "lastModified": "2023-07-27T04:15:17.057", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "This issue was addressed with improved state management. This issue is fixed in iOS 16.4 and iPadOS 16.4, watchOS 9.4, macOS Ventura 13.3, tvOS 16.4. A remote attacker may be able to cause unexpected app termination or arbitrary code execution." + "value": "An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Ventura 13.3, tvOS 16.4, iOS 16.4 and iPadOS 16.4, watchOS 9.4. Processing a maliciously crafted image may result in disclosure of process memory." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-279xx/CVE-2023-27930.json b/CVE-2023/CVE-2023-279xx/CVE-2023-27930.json index 431b8a9cd85..19afdcd068f 100644 --- a/CVE-2023/CVE-2023-279xx/CVE-2023-27930.json +++ b/CVE-2023/CVE-2023-279xx/CVE-2023-27930.json @@ -2,12 +2,12 @@ "id": "CVE-2023-27930", "sourceIdentifier": "product-security@apple.com", "published": "2023-06-23T18:15:11.097", - "lastModified": "2023-07-27T01:15:15.437", + "lastModified": "2023-07-27T04:15:17.167", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 16.5 and iPadOS 16.5, macOS Ventura 13.4, watchOS 9.5, tvOS 16.5. An app may be able to disclose kernel memory." + "value": "A type confusion issue was addressed with improved checks. This issue is fixed in iOS 16.5 and iPadOS 16.5, watchOS 9.5, tvOS 16.5, macOS Ventura 13.4. An app may be able to execute arbitrary code with kernel privileges." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-279xx/CVE-2023-27931.json b/CVE-2023/CVE-2023-279xx/CVE-2023-27931.json index 75cff1d9ab8..a01084d313a 100644 --- a/CVE-2023/CVE-2023-279xx/CVE-2023-27931.json +++ b/CVE-2023/CVE-2023-279xx/CVE-2023-27931.json @@ -2,12 +2,12 @@ "id": "CVE-2023-27931", "sourceIdentifier": "product-security@apple.com", "published": "2023-05-08T20:15:17.197", - "lastModified": "2023-07-27T01:15:15.523", + "lastModified": "2023-07-27T04:15:17.277", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "The issue was addressed with improved memory handling. This issue is fixed in macOS Big Sur 11.7.3, macOS Ventura 13.3, tvOS 16.4, iOS 16.4 and iPadOS 16.4, watchOS 9.4, macOS Monterey 12.6.3. An app may be able to bypass Privacy preferences." + "value": "This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Ventura 13.3, macOS Monterey 12.6.3, iOS 16.4 and iPadOS 16.4, macOS Big Sur 11.7.3, tvOS 16.4, watchOS 9.4. An app may be able to access user-sensitive data." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-279xx/CVE-2023-27932.json b/CVE-2023/CVE-2023-279xx/CVE-2023-27932.json index 756f2a51dcd..24b718fc0cf 100644 --- a/CVE-2023/CVE-2023-279xx/CVE-2023-27932.json +++ b/CVE-2023/CVE-2023-279xx/CVE-2023-27932.json @@ -2,12 +2,12 @@ "id": "CVE-2023-27932", "sourceIdentifier": "product-security@apple.com", "published": "2023-05-08T20:15:17.247", - "lastModified": "2023-07-27T01:15:15.613", + "lastModified": "2023-07-27T04:15:17.383", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "This issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.3, tvOS 16.4, iOS 16.4 and iPadOS 16.4, watchOS 9.4, Safari 16.4. A remote attacker may be able to cause unexpected app termination or arbitrary code execution." + "value": "This issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.3, Safari 16.4, iOS 16.4 and iPadOS 16.4, tvOS 16.4, watchOS 9.4. Processing maliciously crafted web content may bypass Same Origin Policy." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-279xx/CVE-2023-27933.json b/CVE-2023/CVE-2023-279xx/CVE-2023-27933.json index 5c1221b235c..b45c53e2dc1 100644 --- a/CVE-2023/CVE-2023-279xx/CVE-2023-27933.json +++ b/CVE-2023/CVE-2023-279xx/CVE-2023-27933.json @@ -2,12 +2,12 @@ "id": "CVE-2023-27933", "sourceIdentifier": "product-security@apple.com", "published": "2023-05-08T20:15:17.310", - "lastModified": "2023-07-27T01:15:15.707", + "lastModified": "2023-07-27T04:15:17.520", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "This issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.3, tvOS 16.4, iOS 16.4 and iPadOS 16.4, macOS Monterey 12.6.4, watchOS 9.4. A remote attacker may be able to cause unexpected app termination or arbitrary code execution." + "value": "The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3, iOS 16.4 and iPadOS 16.4, macOS Monterey 12.6.4, tvOS 16.4, watchOS 9.4. An app with root privileges may be able to execute arbitrary code with kernel privileges." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-279xx/CVE-2023-27934.json b/CVE-2023/CVE-2023-279xx/CVE-2023-27934.json index e0ce952abc5..335be14d64c 100644 --- a/CVE-2023/CVE-2023-279xx/CVE-2023-27934.json +++ b/CVE-2023/CVE-2023-279xx/CVE-2023-27934.json @@ -2,12 +2,12 @@ "id": "CVE-2023-27934", "sourceIdentifier": "product-security@apple.com", "published": "2023-05-08T20:15:17.367", - "lastModified": "2023-07-27T01:15:15.790", + "lastModified": "2023-07-27T04:15:17.627", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "This issue was addressed with a new entitlement. This issue is fixed in macOS Monterey 12.6.4, macOS Ventura 13.3. An app may be able to break out of its sandbox." + "value": "A memory initialization issue was addressed. This issue is fixed in macOS Ventura 13.3, macOS Monterey 12.6.4. A remote attacker may be able to cause unexpected app termination or arbitrary code execution." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-279xx/CVE-2023-27935.json b/CVE-2023/CVE-2023-279xx/CVE-2023-27935.json index cf756e96a74..0a4cdb910f8 100644 --- a/CVE-2023/CVE-2023-279xx/CVE-2023-27935.json +++ b/CVE-2023/CVE-2023-279xx/CVE-2023-27935.json @@ -2,12 +2,12 @@ "id": "CVE-2023-27935", "sourceIdentifier": "product-security@apple.com", "published": "2023-05-08T20:15:17.423", - "lastModified": "2023-07-27T01:15:15.887", + "lastModified": "2023-07-27T04:15:17.777", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "This issue was addressed with a new entitlement. This issue is fixed in macOS Big Sur 11.7.5, macOS Monterey 12.6.4, macOS Ventura 13.3. An app may be able to break out of its sandbox." + "value": "The issue was addressed with improved bounds checks. This issue is fixed in macOS Ventura 13.3, macOS Monterey 12.6.4, macOS Big Sur 11.7.5. A remote user may be able to cause unexpected app termination or arbitrary code execution." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-279xx/CVE-2023-27936.json b/CVE-2023/CVE-2023-279xx/CVE-2023-27936.json index f4d997fe3fb..77afa5ec43c 100644 --- a/CVE-2023/CVE-2023-279xx/CVE-2023-27936.json +++ b/CVE-2023/CVE-2023-279xx/CVE-2023-27936.json @@ -2,12 +2,12 @@ "id": "CVE-2023-27936", "sourceIdentifier": "product-security@apple.com", "published": "2023-05-08T20:15:17.493", - "lastModified": "2023-07-27T01:15:15.957", + "lastModified": "2023-07-27T04:15:17.887", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "This issue was addressed with improved state management. This issue is fixed in iOS 15.7.4 and iPadOS 15.7.4, macOS Big Sur 11.7.5, macOS Monterey 12.6.4, macOS Ventura 13.3. A remote user may be able to cause unexpected app termination or arbitrary code execution." + "value": "An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in macOS Ventura 13.3, iOS 15.7.4 and iPadOS 15.7.4, macOS Monterey 12.6.4, macOS Big Sur 11.7.5. An app may be able to cause unexpected system termination or write kernel memory." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-279xx/CVE-2023-27937.json b/CVE-2023/CVE-2023-279xx/CVE-2023-27937.json index b98a862dd7c..b1554990dc6 100644 --- a/CVE-2023/CVE-2023-279xx/CVE-2023-27937.json +++ b/CVE-2023/CVE-2023-279xx/CVE-2023-27937.json @@ -2,12 +2,12 @@ "id": "CVE-2023-27937", "sourceIdentifier": "product-security@apple.com", "published": "2023-05-08T20:15:17.550", - "lastModified": "2023-07-27T01:15:16.023", + "lastModified": "2023-07-27T04:15:17.987", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "This issue was addressed with a new entitlement. This issue is fixed in macOS Ventura 13.3, tvOS 16.4, iOS 16.4 and iPadOS 16.4, macOS Big Sur 11.7.5, macOS Monterey 12.6.4, watchOS 9.4. An app may be able to break out of its sandbox." + "value": "An integer overflow was addressed with improved input validation. This issue is fixed in macOS Ventura 13.3, iOS 16.4 and iPadOS 16.4, macOS Big Sur 11.7.5, macOS Monterey 12.6.4, tvOS 16.4, watchOS 9.4. Parsing a maliciously crafted plist may lead to an unexpected app termination or arbitrary code execution." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-279xx/CVE-2023-27940.json b/CVE-2023/CVE-2023-279xx/CVE-2023-27940.json index d06544a332c..bfdd1b1b4f1 100644 --- a/CVE-2023/CVE-2023-279xx/CVE-2023-27940.json +++ b/CVE-2023/CVE-2023-279xx/CVE-2023-27940.json @@ -2,12 +2,12 @@ "id": "CVE-2023-27940", "sourceIdentifier": "product-security@apple.com", "published": "2023-06-23T18:15:11.147", - "lastModified": "2023-07-27T01:15:16.180", + "lastModified": "2023-07-27T04:15:18.130", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "A use-after-free issue was addressed with improved memory management. This issue is fixed in iOS 15.7.6 and iPadOS 15.7.6, macOS Ventura 13.4, macOS Monterey 12.6.6. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited." + "value": "The issue was addressed with additional permissions checks. This issue is fixed in iOS 15.7.6 and iPadOS 15.7.6, macOS Monterey 12.6.6, macOS Ventura 13.4. A sandboxed app may be able to observe system-wide network connections." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-279xx/CVE-2023-27941.json b/CVE-2023/CVE-2023-279xx/CVE-2023-27941.json index 191cc300db3..8105c76393a 100644 --- a/CVE-2023/CVE-2023-279xx/CVE-2023-27941.json +++ b/CVE-2023/CVE-2023-279xx/CVE-2023-27941.json @@ -2,12 +2,12 @@ "id": "CVE-2023-27941", "sourceIdentifier": "product-security@apple.com", "published": "2023-05-08T20:15:17.670", - "lastModified": "2023-07-27T01:15:16.250", + "lastModified": "2023-07-27T04:15:18.447", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "This issue was addressed with improved state management. This issue is fixed in iOS 15.7.4 and iPadOS 15.7.4, macOS Big Sur 11.7.5, macOS Monterey 12.6.4, macOS Ventura 13.3. A remote user may be able to cause unexpected app termination or arbitrary code execution." + "value": "A validation issue was addressed with improved input sanitization. This issue is fixed in macOS Ventura 13.3, iOS 15.7.4 and iPadOS 15.7.4, macOS Monterey 12.6.4, macOS Big Sur 11.7.5. An app may be able to disclose kernel memory." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-279xx/CVE-2023-27942.json b/CVE-2023/CVE-2023-279xx/CVE-2023-27942.json index 5524efc4981..524ecd78ed9 100644 --- a/CVE-2023/CVE-2023-279xx/CVE-2023-27942.json +++ b/CVE-2023/CVE-2023-279xx/CVE-2023-27942.json @@ -2,12 +2,12 @@ "id": "CVE-2023-27942", "sourceIdentifier": "product-security@apple.com", "published": "2023-05-08T20:15:17.733", - "lastModified": "2023-07-27T01:15:16.337", + "lastModified": "2023-07-27T04:15:18.623", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "This issue was addressed with a new entitlement. This issue is fixed in macOS Ventura 13.3, tvOS 16.4, iOS 16.4 and iPadOS 16.4, macOS Big Sur 11.7.5, macOS Monterey 12.6.4, watchOS 9.4. An app may be able to break out of its sandbox." + "value": "The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.3, iOS 16.4 and iPadOS 16.4, macOS Big Sur 11.7.5, macOS Monterey 12.6.4, tvOS 16.4, watchOS 9.4. An app may be able to access user-sensitive data." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-279xx/CVE-2023-27943.json b/CVE-2023/CVE-2023-279xx/CVE-2023-27943.json index aacdf750b6a..b9a1d800656 100644 --- a/CVE-2023/CVE-2023-279xx/CVE-2023-27943.json +++ b/CVE-2023/CVE-2023-279xx/CVE-2023-27943.json @@ -2,12 +2,12 @@ "id": "CVE-2023-27943", "sourceIdentifier": "product-security@apple.com", "published": "2023-05-08T20:15:17.790", - "lastModified": "2023-07-27T01:15:16.417", + "lastModified": "2023-07-27T04:15:18.820", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "This issue was addressed with improved state management. This issue is fixed in iOS 16.4 and iPadOS 16.4, macOS Ventura 13.3. A remote attacker may be able to cause unexpected app termination or arbitrary code execution." + "value": "This issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.3, iOS 16.4 and iPadOS 16.4. Files downloaded from the internet may not have the quarantine flag applied." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-279xx/CVE-2023-27944.json b/CVE-2023/CVE-2023-279xx/CVE-2023-27944.json index 066378c5d28..1a364e05ce6 100644 --- a/CVE-2023/CVE-2023-279xx/CVE-2023-27944.json +++ b/CVE-2023/CVE-2023-279xx/CVE-2023-27944.json @@ -2,12 +2,12 @@ "id": "CVE-2023-27944", "sourceIdentifier": "product-security@apple.com", "published": "2023-05-08T20:15:17.857", - "lastModified": "2023-07-27T01:15:16.507", + "lastModified": "2023-07-27T04:15:18.927", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "This issue was addressed with a new entitlement. This issue is fixed in macOS Big Sur 11.7.5, macOS Monterey 12.6.4, macOS Ventura 13.3. An app may be able to break out of its sandbox." + "value": "This issue was addressed with a new entitlement. This issue is fixed in macOS Ventura 13.3, macOS Monterey 12.6.4, macOS Big Sur 11.7.5. An app may be able to break out of its sandbox." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-279xx/CVE-2023-27945.json b/CVE-2023/CVE-2023-279xx/CVE-2023-27945.json index 838221477c3..4e7dcf8f261 100644 --- a/CVE-2023/CVE-2023-279xx/CVE-2023-27945.json +++ b/CVE-2023/CVE-2023-279xx/CVE-2023-27945.json @@ -2,12 +2,12 @@ "id": "CVE-2023-27945", "sourceIdentifier": "product-security@apple.com", "published": "2023-05-08T20:15:17.930", - "lastModified": "2023-07-27T01:15:16.577", + "lastModified": "2023-07-27T04:15:19.033", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "A use-after-free issue was addressed with improved memory management. This issue is fixed in Xcode 14.3, macOS Monterey 12.6.6, macOS Big Sur 11.7.7. A remote attacker may be able to cause unexpected app termination or arbitrary code execution." + "value": "This issue was addressed with improved entitlements. This issue is fixed in Xcode 14.3, macOS Big Sur 11.7.7, macOS Monterey 12.6.6. A sandboxed app may be able to collect system logs." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-279xx/CVE-2023-27946.json b/CVE-2023/CVE-2023-279xx/CVE-2023-27946.json index dff3686c184..fdde4903031 100644 --- a/CVE-2023/CVE-2023-279xx/CVE-2023-27946.json +++ b/CVE-2023/CVE-2023-279xx/CVE-2023-27946.json @@ -2,12 +2,12 @@ "id": "CVE-2023-27946", "sourceIdentifier": "product-security@apple.com", "published": "2023-05-08T20:15:17.990", - "lastModified": "2023-07-27T01:15:16.647", + "lastModified": "2023-07-27T04:15:19.140", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "This issue was addressed with improved state management. This issue is fixed in iOS 15.7.4 and iPadOS 15.7.4, macOS Big Sur 11.7.5, macOS Monterey 12.6.4, macOS Ventura 13.3. A remote user may be able to cause unexpected app termination or arbitrary code execution." + "value": "An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Ventura 13.3, iOS 15.7.4 and iPadOS 15.7.4, macOS Monterey 12.6.4, macOS Big Sur 11.7.5. Processing a maliciously crafted file may lead to unexpected app termination or arbitrary code execution." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-279xx/CVE-2023-27949.json b/CVE-2023/CVE-2023-279xx/CVE-2023-27949.json index db1b9a1b831..47002765cc5 100644 --- a/CVE-2023/CVE-2023-279xx/CVE-2023-27949.json +++ b/CVE-2023/CVE-2023-279xx/CVE-2023-27949.json @@ -2,12 +2,12 @@ "id": "CVE-2023-27949", "sourceIdentifier": "product-security@apple.com", "published": "2023-05-08T20:15:18.043", - "lastModified": "2023-07-27T01:15:16.720", + "lastModified": "2023-07-27T04:15:19.250", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "This issue was addressed with improved state management. This issue is fixed in iOS 15.7.4 and iPadOS 15.7.4, macOS Monterey 12.6.4, macOS Ventura 13.3. A remote user may be able to cause unexpected app termination or arbitrary code execution." + "value": "An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Ventura 13.3, macOS Monterey 12.6.4, iOS 15.7.4 and iPadOS 15.7.4. Processing a maliciously crafted file may lead to unexpected app termination or arbitrary code execution." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-279xx/CVE-2023-27951.json b/CVE-2023/CVE-2023-279xx/CVE-2023-27951.json index 0c56b74e6d0..487af4428b9 100644 --- a/CVE-2023/CVE-2023-279xx/CVE-2023-27951.json +++ b/CVE-2023/CVE-2023-279xx/CVE-2023-27951.json @@ -2,12 +2,12 @@ "id": "CVE-2023-27951", "sourceIdentifier": "product-security@apple.com", "published": "2023-05-08T20:15:18.100", - "lastModified": "2023-07-27T01:15:16.793", + "lastModified": "2023-07-27T04:15:19.403", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "This issue was addressed with a new entitlement. This issue is fixed in macOS Big Sur 11.7.5, macOS Monterey 12.6.4, macOS Ventura 13.3. An app may be able to break out of its sandbox." + "value": "The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.3, macOS Monterey 12.6.4, macOS Big Sur 11.7.5. An archive may be able to bypass Gatekeeper." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-279xx/CVE-2023-27952.json b/CVE-2023/CVE-2023-279xx/CVE-2023-27952.json index f1f1962a60f..638507e784c 100644 --- a/CVE-2023/CVE-2023-279xx/CVE-2023-27952.json +++ b/CVE-2023/CVE-2023-279xx/CVE-2023-27952.json @@ -2,12 +2,12 @@ "id": "CVE-2023-27952", "sourceIdentifier": "product-security@apple.com", "published": "2023-05-08T20:15:18.157", - "lastModified": "2023-07-27T01:15:16.877", + "lastModified": "2023-07-27T04:15:19.543", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "This issue was addressed with a new entitlement. This issue is fixed in macOS Ventura 13.3. An app may be able to break out of its sandbox." + "value": "A race condition was addressed with improved locking. This issue is fixed in macOS Ventura 13.3. An app may bypass Gatekeeper checks." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-279xx/CVE-2023-27953.json b/CVE-2023/CVE-2023-279xx/CVE-2023-27953.json index 3b043794c1e..dae315c830d 100644 --- a/CVE-2023/CVE-2023-279xx/CVE-2023-27953.json +++ b/CVE-2023/CVE-2023-279xx/CVE-2023-27953.json @@ -2,12 +2,12 @@ "id": "CVE-2023-27953", "sourceIdentifier": "product-security@apple.com", "published": "2023-05-08T20:15:18.207", - "lastModified": "2023-07-27T01:15:16.947", + "lastModified": "2023-07-27T04:15:19.687", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "This issue was addressed with a new entitlement. This issue is fixed in macOS Big Sur 11.7.5, macOS Monterey 12.6.4, macOS Ventura 13.3. An app may be able to break out of its sandbox." + "value": "The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3, macOS Monterey 12.6.4, macOS Big Sur 11.7.5. A remote user may be able to cause unexpected system termination or corrupt kernel memory." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-279xx/CVE-2023-27954.json b/CVE-2023/CVE-2023-279xx/CVE-2023-27954.json index d9f1d650534..595932d0a9c 100644 --- a/CVE-2023/CVE-2023-279xx/CVE-2023-27954.json +++ b/CVE-2023/CVE-2023-279xx/CVE-2023-27954.json @@ -2,12 +2,12 @@ "id": "CVE-2023-27954", "sourceIdentifier": "product-security@apple.com", "published": "2023-05-08T20:15:18.267", - "lastModified": "2023-07-27T01:15:17.013", + "lastModified": "2023-07-27T04:15:19.933", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "This issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.3, tvOS 16.4, iOS 16.4 and iPadOS 16.4, iOS 15.7.4 and iPadOS 15.7.4, watchOS 9.4, Safari 16.4. A remote user may be able to cause unexpected app termination or arbitrary code execution." + "value": "The issue was addressed by removing origin information. This issue is fixed in macOS Ventura 13.3, Safari 16.4, iOS 16.4 and iPadOS 16.4, iOS 15.7.4 and iPadOS 15.7.4, tvOS 16.4, watchOS 9.4. A website may be able to track sensitive user information." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-279xx/CVE-2023-27955.json b/CVE-2023/CVE-2023-279xx/CVE-2023-27955.json index e69a2f7ce68..61c54e91d5a 100644 --- a/CVE-2023/CVE-2023-279xx/CVE-2023-27955.json +++ b/CVE-2023/CVE-2023-279xx/CVE-2023-27955.json @@ -2,12 +2,12 @@ "id": "CVE-2023-27955", "sourceIdentifier": "product-security@apple.com", "published": "2023-05-08T20:15:18.317", - "lastModified": "2023-07-27T01:15:17.097", + "lastModified": "2023-07-27T04:15:20.063", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "This issue was addressed with a new entitlement. This issue is fixed in macOS Ventura 13.3, tvOS 16.4, iOS 16.4 and iPadOS 16.4, macOS Big Sur 11.7.5, macOS Monterey 12.6.4. An app may be able to break out of its sandbox." + "value": "The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.3, iOS 16.4 and iPadOS 16.4, macOS Monterey 12.6.4, tvOS 16.4, macOS Big Sur 11.7.5. An app may be able to read arbitrary files." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-279xx/CVE-2023-27956.json b/CVE-2023/CVE-2023-279xx/CVE-2023-27956.json index 6e08122e8d1..6d9353e4cc1 100644 --- a/CVE-2023/CVE-2023-279xx/CVE-2023-27956.json +++ b/CVE-2023/CVE-2023-279xx/CVE-2023-27956.json @@ -2,12 +2,12 @@ "id": "CVE-2023-27956", "sourceIdentifier": "product-security@apple.com", "published": "2023-05-08T20:15:18.383", - "lastModified": "2023-07-27T01:15:17.197", + "lastModified": "2023-07-27T04:15:20.183", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "This issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.3, tvOS 16.4, iOS 16.4 and iPadOS 16.4, iOS 15.7.4 and iPadOS 15.7.4, watchOS 9.4. A remote user may be able to cause unexpected app termination or arbitrary code execution." + "value": "The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3, iOS 16.4 and iPadOS 16.4, iOS 15.7.4 and iPadOS 15.7.4, tvOS 16.4, watchOS 9.4. Processing a maliciously crafted image may result in disclosure of process memory." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-279xx/CVE-2023-27957.json b/CVE-2023/CVE-2023-279xx/CVE-2023-27957.json index 443836f5245..74f911fe95b 100644 --- a/CVE-2023/CVE-2023-279xx/CVE-2023-27957.json +++ b/CVE-2023/CVE-2023-279xx/CVE-2023-27957.json @@ -2,12 +2,12 @@ "id": "CVE-2023-27957", "sourceIdentifier": "product-security@apple.com", "published": "2023-05-08T20:15:18.433", - "lastModified": "2023-07-27T01:15:17.287", + "lastModified": "2023-07-27T04:15:20.277", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "This issue was addressed with a new entitlement. This issue is fixed in macOS Ventura 13.3. An app may be able to break out of its sandbox." + "value": "A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3. Processing a maliciously crafted file may lead to unexpected app termination or arbitrary code execution." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-279xx/CVE-2023-27958.json b/CVE-2023/CVE-2023-279xx/CVE-2023-27958.json index 9a3a7df9ac8..59b17be8a3e 100644 --- a/CVE-2023/CVE-2023-279xx/CVE-2023-27958.json +++ b/CVE-2023/CVE-2023-279xx/CVE-2023-27958.json @@ -2,12 +2,12 @@ "id": "CVE-2023-27958", "sourceIdentifier": "product-security@apple.com", "published": "2023-05-08T20:15:18.493", - "lastModified": "2023-07-27T01:15:17.380", + "lastModified": "2023-07-27T04:15:20.387", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "This issue was addressed with a new entitlement. This issue is fixed in macOS Big Sur 11.7.5, macOS Monterey 12.6.4, macOS Ventura 13.3. An app may be able to break out of its sandbox." + "value": "The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3, macOS Monterey 12.6.4, macOS Big Sur 11.7.5. A remote user may be able to cause unexpected system termination or corrupt kernel memory." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-279xx/CVE-2023-27959.json b/CVE-2023/CVE-2023-279xx/CVE-2023-27959.json index a090e3edcbb..e9ac626b3b6 100644 --- a/CVE-2023/CVE-2023-279xx/CVE-2023-27959.json +++ b/CVE-2023/CVE-2023-279xx/CVE-2023-27959.json @@ -2,12 +2,12 @@ "id": "CVE-2023-27959", "sourceIdentifier": "product-security@apple.com", "published": "2023-05-08T20:15:18.547", - "lastModified": "2023-07-27T01:15:17.450", + "lastModified": "2023-07-27T04:15:20.480", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "This issue was addressed with improved state management. This issue is fixed in iOS 16.4 and iPadOS 16.4. A remote attacker may be able to cause unexpected app termination or arbitrary code execution." + "value": "The issue was addressed with improved memory handling. This issue is fixed in iOS 16.4 and iPadOS 16.4. An app may be able to execute arbitrary code with kernel privileges." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-279xx/CVE-2023-27960.json b/CVE-2023/CVE-2023-279xx/CVE-2023-27960.json index 43a83dd6e52..5bf864b4ff1 100644 --- a/CVE-2023/CVE-2023-279xx/CVE-2023-27960.json +++ b/CVE-2023/CVE-2023-279xx/CVE-2023-27960.json @@ -2,12 +2,12 @@ "id": "CVE-2023-27960", "sourceIdentifier": "product-security@apple.com", "published": "2023-05-08T20:15:18.603", - "lastModified": "2023-07-27T01:15:17.513", + "lastModified": "2023-07-27T04:15:20.577", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "An out-of-bounds read issue was addressed with improved input validation. This issue is fixed in GarageBand for macOS 10.4.8. Parsing a maliciously crafted MIDI file may lead to an unexpected application termination or arbitrary code execution." + "value": "This issue was addressed by removing the vulnerable code. This issue is fixed in GarageBand for macOS 10.4.8. An app may be able to gain elevated privileges during the installation of GarageBand." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-279xx/CVE-2023-27961.json b/CVE-2023/CVE-2023-279xx/CVE-2023-27961.json index 27ad0f0bf28..5252ca5dea3 100644 --- a/CVE-2023/CVE-2023-279xx/CVE-2023-27961.json +++ b/CVE-2023/CVE-2023-279xx/CVE-2023-27961.json @@ -2,12 +2,12 @@ "id": "CVE-2023-27961", "sourceIdentifier": "product-security@apple.com", "published": "2023-05-08T20:15:18.663", - "lastModified": "2023-07-27T01:15:17.587", + "lastModified": "2023-07-27T04:15:20.680", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "This issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.3, iOS 16.4 and iPadOS 16.4, iOS 15.7.4 and iPadOS 15.7.4, macOS Big Sur 11.7.5, macOS Monterey 12.6.4, watchOS 9.4. A remote user may be able to cause unexpected app termination or arbitrary code execution." + "value": "Multiple validation issues were addressed with improved input sanitization. This issue is fixed in macOS Ventura 13.3, iOS 16.4 and iPadOS 16.4, iOS 15.7.4 and iPadOS 15.7.4, macOS Monterey 12.6.4, watchOS 9.4, macOS Big Sur 11.7.5. Importing a maliciously crafted calendar invitation may exfiltrate user information." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-279xx/CVE-2023-27962.json b/CVE-2023/CVE-2023-279xx/CVE-2023-27962.json index 4af8cd63d47..51b9e28e8e2 100644 --- a/CVE-2023/CVE-2023-279xx/CVE-2023-27962.json +++ b/CVE-2023/CVE-2023-279xx/CVE-2023-27962.json @@ -2,12 +2,12 @@ "id": "CVE-2023-27962", "sourceIdentifier": "product-security@apple.com", "published": "2023-05-08T20:15:18.717", - "lastModified": "2023-07-27T01:15:17.660", + "lastModified": "2023-07-27T04:15:20.830", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "This issue was addressed with a new entitlement. This issue is fixed in macOS Big Sur 11.7.5, macOS Monterey 12.6.4, macOS Ventura 13.3. An app may be able to break out of its sandbox." + "value": "A logic issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.3, macOS Monterey 12.6.4, macOS Big Sur 11.7.5. An app may be able to modify protected parts of the file system." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-279xx/CVE-2023-27963.json b/CVE-2023/CVE-2023-279xx/CVE-2023-27963.json index abe7055eec7..f04d6cc2020 100644 --- a/CVE-2023/CVE-2023-279xx/CVE-2023-27963.json +++ b/CVE-2023/CVE-2023-279xx/CVE-2023-27963.json @@ -2,12 +2,12 @@ "id": "CVE-2023-27963", "sourceIdentifier": "product-security@apple.com", "published": "2023-05-08T20:15:18.773", - "lastModified": "2023-07-27T01:15:17.747", + "lastModified": "2023-07-27T04:15:20.933", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "This issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.3, tvOS 16.4, iOS 16.4 and iPadOS 16.4, iOS 15.7.4 and iPadOS 15.7.4, macOS Monterey 12.6.4, watchOS 9.4. A remote user may be able to cause unexpected app termination or arbitrary code execution." + "value": "The issue was addressed with additional permissions checks. This issue is fixed in macOS Ventura 13.3, iOS 16.4 and iPadOS 16.4, iOS 15.7.4 and iPadOS 15.7.4, macOS Monterey 12.6.4, tvOS 16.4, watchOS 9.4. A shortcut may be able to use sensitive data with certain actions without prompting the user." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-279xx/CVE-2023-27965.json b/CVE-2023/CVE-2023-279xx/CVE-2023-27965.json index 88ec6144c17..bd4520a7b08 100644 --- a/CVE-2023/CVE-2023-279xx/CVE-2023-27965.json +++ b/CVE-2023/CVE-2023-279xx/CVE-2023-27965.json @@ -2,12 +2,12 @@ "id": "CVE-2023-27965", "sourceIdentifier": "product-security@apple.com", "published": "2023-05-08T20:15:18.833", - "lastModified": "2023-07-27T01:15:17.837", + "lastModified": "2023-07-27T04:15:21.023", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "A memory corruption issue was addressed with improved state management. This issue is fixed in Studio Display Firmware Update 16.4, macOS Ventura 13.3. An app may be able to execute arbitrary code with kernel privileges." + "value": "A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.3, Studio Display Firmware Update 16.4. An app may be able to execute arbitrary code with kernel privileges." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-279xx/CVE-2023-27966.json b/CVE-2023/CVE-2023-279xx/CVE-2023-27966.json index 5be8d62edb4..afeb051ad27 100644 --- a/CVE-2023/CVE-2023-279xx/CVE-2023-27966.json +++ b/CVE-2023/CVE-2023-279xx/CVE-2023-27966.json @@ -2,12 +2,12 @@ "id": "CVE-2023-27966", "sourceIdentifier": "product-security@apple.com", "published": "2023-05-08T20:15:18.890", - "lastModified": "2023-07-27T01:15:17.910", + "lastModified": "2023-07-27T04:15:21.120", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "This issue was addressed with a new entitlement. This issue is fixed in macOS Ventura 13.3. An app may be able to break out of its sandbox." + "value": "The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.3. An app may be able to break out of its sandbox." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-279xx/CVE-2023-27967.json b/CVE-2023/CVE-2023-279xx/CVE-2023-27967.json index c214b692965..5712a8a0467 100644 --- a/CVE-2023/CVE-2023-279xx/CVE-2023-27967.json +++ b/CVE-2023/CVE-2023-279xx/CVE-2023-27967.json @@ -2,12 +2,12 @@ "id": "CVE-2023-27967", "sourceIdentifier": "product-security@apple.com", "published": "2023-05-08T20:15:18.937", - "lastModified": "2023-07-27T01:15:17.980", + "lastModified": "2023-07-27T04:15:21.227", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "This issue was addressed with improved entitlements. This issue is fixed in Xcode 14.3. A sandboxed app may be able to collect system logs." + "value": "The issue was addressed with improved memory handling. This issue is fixed in Xcode 14.3. An app may be able to execute arbitrary code out of its sandbox or with certain elevated privileges." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-279xx/CVE-2023-27968.json b/CVE-2023/CVE-2023-279xx/CVE-2023-27968.json index d26cd9d1b97..651f7c00b74 100644 --- a/CVE-2023/CVE-2023-279xx/CVE-2023-27968.json +++ b/CVE-2023/CVE-2023-279xx/CVE-2023-27968.json @@ -2,12 +2,12 @@ "id": "CVE-2023-27968", "sourceIdentifier": "product-security@apple.com", "published": "2023-05-08T20:15:19.000", - "lastModified": "2023-07-27T01:15:18.037", + "lastModified": "2023-07-27T04:15:21.313", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "This issue was addressed with a new entitlement. This issue is fixed in macOS Ventura 13.3. An app may be able to break out of its sandbox." + "value": "A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3. An app may be able to cause unexpected system termination or write kernel memory." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-279xx/CVE-2023-27969.json b/CVE-2023/CVE-2023-279xx/CVE-2023-27969.json index ab4751a4589..c0aac94b71f 100644 --- a/CVE-2023/CVE-2023-279xx/CVE-2023-27969.json +++ b/CVE-2023/CVE-2023-279xx/CVE-2023-27969.json @@ -2,12 +2,12 @@ "id": "CVE-2023-27969", "sourceIdentifier": "product-security@apple.com", "published": "2023-05-08T20:15:19.053", - "lastModified": "2023-07-27T01:15:18.113", + "lastModified": "2023-07-27T04:15:21.400", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "This issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.3, tvOS 16.4, iOS 16.4 and iPadOS 16.4, iOS 15.7.4 and iPadOS 15.7.4, watchOS 9.4. A remote user may be able to cause unexpected app termination or arbitrary code execution." + "value": "A use after free issue was addressed with improved memory management. This issue is fixed in macOS Ventura 13.3, iOS 16.4 and iPadOS 16.4, iOS 15.7.4 and iPadOS 15.7.4, tvOS 16.4, watchOS 9.4. An app may be able to execute arbitrary code with kernel privileges." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-279xx/CVE-2023-27970.json b/CVE-2023/CVE-2023-279xx/CVE-2023-27970.json index 61dfcfbf500..e60d1d09e0e 100644 --- a/CVE-2023/CVE-2023-279xx/CVE-2023-27970.json +++ b/CVE-2023/CVE-2023-279xx/CVE-2023-27970.json @@ -2,12 +2,12 @@ "id": "CVE-2023-27970", "sourceIdentifier": "product-security@apple.com", "published": "2023-05-08T20:15:19.110", - "lastModified": "2023-07-27T01:15:18.190", + "lastModified": "2023-07-27T04:15:21.487", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "This issue was addressed with improved state management. This issue is fixed in iOS 16.4 and iPadOS 16.4. A remote attacker may be able to cause unexpected app termination or arbitrary code execution." + "value": "An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 16.4 and iPadOS 16.4. An app may be able to execute arbitrary code with kernel privileges." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-27xx/CVE-2023-2759.json b/CVE-2023/CVE-2023-27xx/CVE-2023-2759.json index 0570a114b34..4576cf3c935 100644 --- a/CVE-2023/CVE-2023-27xx/CVE-2023-2759.json +++ b/CVE-2023/CVE-2023-27xx/CVE-2023-2759.json @@ -2,8 +2,8 @@ "id": "CVE-2023-2759", "sourceIdentifier": "info@cert.vde.com", "published": "2023-07-17T07:15:08.717", - "lastModified": "2023-07-17T13:02:37.237", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-27T04:07:45.430", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -46,10 +46,43 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:taphome:core_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2023.2", + "matchCriteriaId": "B01D7D94-C7A8-4FD6-8A85-D863DB3A7DE5" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:taphome:core:-:*:*:*:*:*:*:*", + "matchCriteriaId": "230C3E69-F7C7-4A2D-9562-561E770BEEB0" + } + ] + } + ] + } + ], "references": [ { "url": "https://claroty.com/team82/disclosure-dashboard/cve-2023-2759", - "source": "info@cert.vde.com" + "source": "info@cert.vde.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-27xx/CVE-2023-2760.json b/CVE-2023/CVE-2023-27xx/CVE-2023-2760.json index cf3a5b9f83a..cab4f4b1511 100644 --- a/CVE-2023/CVE-2023-27xx/CVE-2023-2760.json +++ b/CVE-2023/CVE-2023-27xx/CVE-2023-2760.json @@ -2,8 +2,8 @@ "id": "CVE-2023-2760", "sourceIdentifier": "info@cert.vde.com", "published": "2023-07-17T07:15:08.953", - "lastModified": "2023-07-17T13:02:37.237", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-27T04:09:37.207", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -13,7 +13,7 @@ "metrics": { "cvssMetricV31": [ { - "source": "info@cert.vde.com", + "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "3.1", @@ -31,13 +31,43 @@ }, "exploitabilityScore": 2.8, "impactScore": 4.7 + }, + { + "source": "info@cert.vde.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 7.6, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 4.7 } ] }, "weaknesses": [ { - "source": "info@cert.vde.com", + "source": "nvd@nist.gov", "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + }, + { + "source": "info@cert.vde.com", + "type": "Secondary", "description": [ { "lang": "en", @@ -46,10 +76,43 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:taphome:core_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2023.2", + "matchCriteriaId": "B01D7D94-C7A8-4FD6-8A85-D863DB3A7DE5" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:taphome:core:-:*:*:*:*:*:*:*", + "matchCriteriaId": "230C3E69-F7C7-4A2D-9562-561E770BEEB0" + } + ] + } + ] + } + ], "references": [ { "url": "https://claroty.com/team82/disclosure-dashboard/cve-2023-2759", - "source": "info@cert.vde.com" + "source": "info@cert.vde.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-280xx/CVE-2023-28023.json b/CVE-2023/CVE-2023-280xx/CVE-2023-28023.json index ae35eea1049..44b2d003e3b 100644 --- a/CVE-2023/CVE-2023-280xx/CVE-2023-28023.json +++ b/CVE-2023/CVE-2023-280xx/CVE-2023-28023.json @@ -2,8 +2,8 @@ "id": "CVE-2023-28023", "sourceIdentifier": "psirt@hcl.com", "published": "2023-07-18T20:15:09.593", - "lastModified": "2023-07-18T22:17:55.173", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-27T04:06:48.857", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + }, { "source": "psirt@hcl.com", "type": "Secondary", @@ -34,10 +54,43 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:hcltech:bigfix_webui:*:*:*:*:*:*:*:*", + "versionEndIncluding": "44", + "matchCriteriaId": "965E891B-99EF-4048-9330-C2F9EF2E3CB3" + } + ] + } + ] + } + ], "references": [ { "url": "https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0106123", - "source": "psirt@hcl.com" + "source": "psirt@hcl.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-281xx/CVE-2023-28178.json b/CVE-2023/CVE-2023-281xx/CVE-2023-28178.json index 993fe36059e..b33bf645581 100644 --- a/CVE-2023/CVE-2023-281xx/CVE-2023-28178.json +++ b/CVE-2023/CVE-2023-281xx/CVE-2023-28178.json @@ -2,12 +2,12 @@ "id": "CVE-2023-28178", "sourceIdentifier": "product-security@apple.com", "published": "2023-05-08T20:15:19.163", - "lastModified": "2023-07-27T01:15:18.397", + "lastModified": "2023-07-27T04:15:21.700", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "This issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.3, tvOS 16.4, iOS 16.4 and iPadOS 16.4, macOS Monterey 12.6.4, watchOS 9.4. A remote attacker may be able to cause unexpected app termination or arbitrary code execution." + "value": "A logic issue was addressed with improved validation. This issue is fixed in macOS Ventura 13.3, iOS 16.4 and iPadOS 16.4, macOS Monterey 12.6.4, tvOS 16.4, watchOS 9.4. An app may be able to bypass Privacy preferences." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-281xx/CVE-2023-28180.json b/CVE-2023/CVE-2023-281xx/CVE-2023-28180.json index c3900831956..0781905693f 100644 --- a/CVE-2023/CVE-2023-281xx/CVE-2023-28180.json +++ b/CVE-2023/CVE-2023-281xx/CVE-2023-28180.json @@ -2,12 +2,12 @@ "id": "CVE-2023-28180", "sourceIdentifier": "product-security@apple.com", "published": "2023-05-08T20:15:19.220", - "lastModified": "2023-07-27T01:15:18.477", + "lastModified": "2023-07-27T04:15:21.890", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "This issue was addressed with a new entitlement. This issue is fixed in macOS Ventura 13.3. An app may be able to break out of its sandbox." + "value": "A denial-of-service issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3. A user in a privileged network position may be able to cause a denial-of-service." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-281xx/CVE-2023-28181.json b/CVE-2023/CVE-2023-281xx/CVE-2023-28181.json index 133efa00d24..81d1be4766d 100644 --- a/CVE-2023/CVE-2023-281xx/CVE-2023-28181.json +++ b/CVE-2023/CVE-2023-281xx/CVE-2023-28181.json @@ -2,12 +2,12 @@ "id": "CVE-2023-28181", "sourceIdentifier": "product-security@apple.com", "published": "2023-05-08T20:15:19.273", - "lastModified": "2023-07-27T01:15:18.557", + "lastModified": "2023-07-27T04:15:21.987", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "A use-after-free issue was addressed with improved memory management. This issue is fixed in iOS 15.7.6 and iPadOS 15.7.6, macOS Ventura 13.3, tvOS 16.4, iOS 16.4 and iPadOS 16.4, macOS Monterey 12.6.4, macOS Big Sur 11.7.7, watchOS 9.4. A remote attacker may be able to cause unexpected app termination or arbitrary code execution." + "value": "The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3, iOS 16.4 and iPadOS 16.4, iOS 15.7.6 and iPadOS 15.7.6, macOS Monterey 12.6.4, macOS Big Sur 11.7.7, tvOS 16.4, watchOS 9.4. An app may be able to execute arbitrary code with kernel privileges." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-281xx/CVE-2023-28182.json b/CVE-2023/CVE-2023-281xx/CVE-2023-28182.json index e2dbe2ec226..68639bc43fc 100644 --- a/CVE-2023/CVE-2023-281xx/CVE-2023-28182.json +++ b/CVE-2023/CVE-2023-281xx/CVE-2023-28182.json @@ -2,12 +2,12 @@ "id": "CVE-2023-28182", "sourceIdentifier": "product-security@apple.com", "published": "2023-05-08T20:15:19.330", - "lastModified": "2023-07-27T01:15:18.643", + "lastModified": "2023-07-27T04:15:22.090", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "This issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.3, iOS 16.4 and iPadOS 16.4, iOS 15.7.4 and iPadOS 15.7.4, macOS Big Sur 11.7.5, macOS Monterey 12.6.4. A remote user may be able to cause unexpected app termination or arbitrary code execution." + "value": "The issue was addressed with improved authentication. This issue is fixed in macOS Ventura 13.3, iOS 16.4 and iPadOS 16.4, iOS 15.7.4 and iPadOS 15.7.4, macOS Monterey 12.6.4, macOS Big Sur 11.7.5. A user in a privileged network position may be able to spoof a VPN server that is configured with EAP-only authentication on a device." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-281xx/CVE-2023-28189.json b/CVE-2023/CVE-2023-281xx/CVE-2023-28189.json index a355cb32a12..1724bc1e7cc 100644 --- a/CVE-2023/CVE-2023-281xx/CVE-2023-28189.json +++ b/CVE-2023/CVE-2023-281xx/CVE-2023-28189.json @@ -2,12 +2,12 @@ "id": "CVE-2023-28189", "sourceIdentifier": "product-security@apple.com", "published": "2023-05-08T20:15:19.417", - "lastModified": "2023-07-27T01:15:18.747", + "lastModified": "2023-07-27T04:15:22.207", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "This issue was addressed with a new entitlement. This issue is fixed in macOS Big Sur 11.7.5, macOS Monterey 12.6.4, macOS Ventura 13.3. An app may be able to break out of its sandbox." + "value": "The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.3, macOS Monterey 12.6.4, macOS Big Sur 11.7.5. An app may be able to view sensitive information." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-281xx/CVE-2023-28190.json b/CVE-2023/CVE-2023-281xx/CVE-2023-28190.json index 0deda1d2014..a79b8e17ac8 100644 --- a/CVE-2023/CVE-2023-281xx/CVE-2023-28190.json +++ b/CVE-2023/CVE-2023-281xx/CVE-2023-28190.json @@ -2,12 +2,12 @@ "id": "CVE-2023-28190", "sourceIdentifier": "product-security@apple.com", "published": "2023-05-08T20:15:19.493", - "lastModified": "2023-07-27T01:15:18.840", + "lastModified": "2023-07-27T04:15:22.297", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "This issue was addressed with a new entitlement. This issue is fixed in macOS Ventura 13.3. An app may be able to break out of its sandbox." + "value": "A privacy issue was addressed by moving sensitive data to a more secure location. This issue is fixed in macOS Ventura 13.3. An app may be able to access user-sensitive data." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-281xx/CVE-2023-28191.json b/CVE-2023/CVE-2023-281xx/CVE-2023-28191.json index 3fe8d3a097e..4b60cd16246 100644 --- a/CVE-2023/CVE-2023-281xx/CVE-2023-28191.json +++ b/CVE-2023/CVE-2023-281xx/CVE-2023-28191.json @@ -2,12 +2,12 @@ "id": "CVE-2023-28191", "sourceIdentifier": "product-security@apple.com", "published": "2023-06-23T18:15:11.240", - "lastModified": "2023-07-27T01:15:18.910", + "lastModified": "2023-07-27T04:15:22.380", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "This issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Ventura 13.4, macOS Monterey 12.6.6, tvOS 16.5, watchOS 9.5, iOS 16.5 and iPadOS 16.5, macOS Big Sur 11.7.7. An app may be able to disclose kernel memory." + "value": "This issue was addressed with improved redaction of sensitive information. This issue is fixed in watchOS 9.5, tvOS 16.5, macOS Ventura 13.4, macOS Big Sur 11.7.7, macOS Monterey 12.6.6, iOS 16.5 and iPadOS 16.5. An app may be able to bypass Privacy preferences." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-281xx/CVE-2023-28192.json b/CVE-2023/CVE-2023-281xx/CVE-2023-28192.json index 7c3c94572d2..2fadc632d9d 100644 --- a/CVE-2023/CVE-2023-281xx/CVE-2023-28192.json +++ b/CVE-2023/CVE-2023-281xx/CVE-2023-28192.json @@ -2,12 +2,12 @@ "id": "CVE-2023-28192", "sourceIdentifier": "product-security@apple.com", "published": "2023-05-08T20:15:19.577", - "lastModified": "2023-07-27T01:15:18.987", + "lastModified": "2023-07-27T04:15:22.473", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "This issue was addressed with a new entitlement. This issue is fixed in macOS Big Sur 11.7.5, macOS Monterey 12.6.4, macOS Ventura 13.3. An app may be able to break out of its sandbox." + "value": "A permissions issue was addressed with improved validation. This issue is fixed in macOS Ventura 13.3, macOS Monterey 12.6.4, macOS Big Sur 11.7.5. An app may be able to read sensitive location information." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-281xx/CVE-2023-28194.json b/CVE-2023/CVE-2023-281xx/CVE-2023-28194.json index dc368d57ed4..bc8ad1ee466 100644 --- a/CVE-2023/CVE-2023-281xx/CVE-2023-28194.json +++ b/CVE-2023/CVE-2023-281xx/CVE-2023-28194.json @@ -2,12 +2,12 @@ "id": "CVE-2023-28194", "sourceIdentifier": "product-security@apple.com", "published": "2023-05-08T20:15:19.633", - "lastModified": "2023-07-27T01:15:19.077", + "lastModified": "2023-07-27T04:15:22.567", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "This issue was addressed with improved state management. This issue is fixed in iOS 16.4 and iPadOS 16.4. A remote attacker may be able to cause unexpected app termination or arbitrary code execution." + "value": "The issue was addressed with improved checks. This issue is fixed in iOS 16.4 and iPadOS 16.4. An app may be able to unexpectedly create a bookmark on the Home Screen." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-282xx/CVE-2023-28200.json b/CVE-2023/CVE-2023-282xx/CVE-2023-28200.json index cbbfa7a4c68..e353d2565c5 100644 --- a/CVE-2023/CVE-2023-282xx/CVE-2023-28200.json +++ b/CVE-2023/CVE-2023-282xx/CVE-2023-28200.json @@ -2,12 +2,12 @@ "id": "CVE-2023-28200", "sourceIdentifier": "product-security@apple.com", "published": "2023-05-08T20:15:19.687", - "lastModified": "2023-07-27T01:15:19.147", + "lastModified": "2023-07-27T04:15:22.640", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "This issue was addressed with improved state management. This issue is fixed in iOS 15.7.4 and iPadOS 15.7.4, macOS Big Sur 11.7.5, macOS Monterey 12.6.4, macOS Ventura 13.3. A remote user may be able to cause unexpected app termination or arbitrary code execution." + "value": "A validation issue was addressed with improved input sanitization. This issue is fixed in macOS Ventura 13.3, iOS 15.7.4 and iPadOS 15.7.4, macOS Monterey 12.6.4, macOS Big Sur 11.7.5. An app may be able to disclose kernel memory." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-282xx/CVE-2023-28201.json b/CVE-2023/CVE-2023-282xx/CVE-2023-28201.json index 734a2c72228..ada47a71b39 100644 --- a/CVE-2023/CVE-2023-282xx/CVE-2023-28201.json +++ b/CVE-2023/CVE-2023-282xx/CVE-2023-28201.json @@ -2,12 +2,12 @@ "id": "CVE-2023-28201", "sourceIdentifier": "product-security@apple.com", "published": "2023-05-08T20:15:19.747", - "lastModified": "2023-07-27T01:15:19.227", + "lastModified": "2023-07-27T04:15:22.747", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "This issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.3, tvOS 16.4, iOS 16.4 and iPadOS 16.4, iOS 15.7.4 and iPadOS 15.7.4, Safari 16.4. A remote user may be able to cause unexpected app termination or arbitrary code execution." + "value": "This issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.3, Safari 16.4, iOS 16.4 and iPadOS 16.4, iOS 15.7.4 and iPadOS 15.7.4, tvOS 16.4. A remote user may be able to cause unexpected app termination or arbitrary code execution." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-282xx/CVE-2023-28202.json b/CVE-2023/CVE-2023-282xx/CVE-2023-28202.json index 925db41eb58..ca76fd9cf16 100644 --- a/CVE-2023/CVE-2023-282xx/CVE-2023-28202.json +++ b/CVE-2023/CVE-2023-282xx/CVE-2023-28202.json @@ -2,12 +2,12 @@ "id": "CVE-2023-28202", "sourceIdentifier": "product-security@apple.com", "published": "2023-06-23T18:15:11.290", - "lastModified": "2023-07-27T01:15:19.310", + "lastModified": "2023-07-27T04:15:22.833", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 16.5 and iPadOS 16.5, macOS Ventura 13.4, watchOS 9.5, tvOS 16.5. An app may be able to disclose kernel memory." + "value": "This issue was addressed with improved state management. This issue is fixed in iOS 16.5 and iPadOS 16.5, watchOS 9.5, tvOS 16.5, macOS Ventura 13.4. An app firewall setting may not take effect after exiting the Settings app." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-282xx/CVE-2023-28204.json b/CVE-2023/CVE-2023-282xx/CVE-2023-28204.json index 8bc0b6deadc..f58538ea8f3 100644 --- a/CVE-2023/CVE-2023-282xx/CVE-2023-28204.json +++ b/CVE-2023/CVE-2023-282xx/CVE-2023-28204.json @@ -2,7 +2,7 @@ "id": "CVE-2023-28204", "sourceIdentifier": "product-security@apple.com", "published": "2023-06-23T18:15:11.333", - "lastModified": "2023-07-27T01:15:19.413", + "lastModified": "2023-07-27T04:15:22.920", "vulnStatus": "Modified", "cisaExploitAdd": "2023-05-22", "cisaActionDue": "2023-06-12", @@ -11,7 +11,7 @@ "descriptions": [ { "lang": "en", - "value": "This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 15.7.6 and iPadOS 15.7.6, macOS Ventura 13.4, tvOS 16.5, watchOS 9.5, iOS 16.5 and iPadOS 16.5, Safari 16.5. An app may be able to disclose kernel memory." + "value": "An out-of-bounds read was addressed with improved input validation. This issue is fixed in watchOS 9.5, tvOS 16.5, macOS Ventura 13.4, iOS 15.7.6 and iPadOS 15.7.6, Safari 16.5, iOS 16.5 and iPadOS 16.5. Processing web content may disclose sensitive information. Apple is aware of a report that this issue may have been actively exploited." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-282xx/CVE-2023-28205.json b/CVE-2023/CVE-2023-282xx/CVE-2023-28205.json index 55b105ab159..8b33f6ce265 100644 --- a/CVE-2023/CVE-2023-282xx/CVE-2023-28205.json +++ b/CVE-2023/CVE-2023-282xx/CVE-2023-28205.json @@ -2,7 +2,7 @@ "id": "CVE-2023-28205", "sourceIdentifier": "product-security@apple.com", "published": "2023-04-10T19:15:07.237", - "lastModified": "2023-07-27T01:15:19.513", + "lastModified": "2023-07-27T04:15:23.007", "vulnStatus": "Modified", "cisaExploitAdd": "2023-04-10", "cisaActionDue": "2023-05-01", @@ -11,7 +11,7 @@ "descriptions": [ { "lang": "en", - "value": "A use after free issue was addressed with improved memory management. This issue is fixed in iOS 16.4.1 and iPadOS 16.4.1, Safari 16.4.1, macOS Ventura 13.3.1, iOS 15.7.5 and iPadOS 15.7.5. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited." + "value": "A use after free issue was addressed with improved memory management. This issue is fixed in Safari 16.4.1, iOS 15.7.5 and iPadOS 15.7.5, iOS 16.4.1 and iPadOS 16.4.1, macOS Ventura 13.3.1. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-282xx/CVE-2023-28206.json b/CVE-2023/CVE-2023-282xx/CVE-2023-28206.json index ec0dbd73302..2c7a8ebf359 100644 --- a/CVE-2023/CVE-2023-282xx/CVE-2023-28206.json +++ b/CVE-2023/CVE-2023-282xx/CVE-2023-28206.json @@ -2,7 +2,7 @@ "id": "CVE-2023-28206", "sourceIdentifier": "product-security@apple.com", "published": "2023-04-10T19:15:07.273", - "lastModified": "2023-07-27T01:15:19.627", + "lastModified": "2023-07-27T04:15:23.103", "vulnStatus": "Modified", "cisaExploitAdd": "2023-04-10", "cisaActionDue": "2023-05-01", @@ -11,7 +11,7 @@ "descriptions": [ { "lang": "en", - "value": "A use after free issue was addressed with improved memory management. This issue is fixed in iOS 16.4.1 and iPadOS 16.4.1, macOS Ventura 13.3.1, macOS Monterey 12.6.5, macOS Big Sur 11.7.6, iOS 15.7.5 and iPadOS 15.7.5. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited." + "value": "An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in macOS Monterey 12.6.5, iOS 16.4.1 and iPadOS 16.4.1, macOS Ventura 13.3.1, iOS 15.7.5 and iPadOS 15.7.5, macOS Big Sur 11.7.6. An app may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-320xx/CVE-2023-32001.json b/CVE-2023/CVE-2023-320xx/CVE-2023-32001.json index 3651610ce79..89745eae557 100644 --- a/CVE-2023/CVE-2023-320xx/CVE-2023-32001.json +++ b/CVE-2023/CVE-2023-320xx/CVE-2023-32001.json @@ -2,7 +2,7 @@ "id": "CVE-2023-32001", "sourceIdentifier": "support@hackerone.com", "published": "2023-07-26T21:15:10.037", - "lastModified": "2023-07-26T21:40:11.047", + "lastModified": "2023-07-27T05:15:10.297", "vulnStatus": "Awaiting Analysis", "descriptions": [ { @@ -15,6 +15,10 @@ { "url": "https://hackerone.com/reports/2039870", "source": "support@hackerone.com" + }, + { + "url": "https://www.debian.org/security/2023/dsa-5460", + "source": "support@hackerone.com" } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-323xx/CVE-2023-32352.json b/CVE-2023/CVE-2023-323xx/CVE-2023-32352.json index e051e02d87d..85454e42413 100644 --- a/CVE-2023/CVE-2023-323xx/CVE-2023-32352.json +++ b/CVE-2023/CVE-2023-323xx/CVE-2023-32352.json @@ -2,12 +2,12 @@ "id": "CVE-2023-32352", "sourceIdentifier": "product-security@apple.com", "published": "2023-06-23T18:15:11.427", - "lastModified": "2023-07-27T01:15:19.823", + "lastModified": "2023-07-27T04:15:23.197", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "This issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Ventura 13.4, macOS Monterey 12.6.6, watchOS 9.5, iOS 16.5 and iPadOS 16.5, macOS Big Sur 11.7.7. An app may be able to disclose kernel memory." + "value": "A logic issue was addressed with improved checks. This issue is fixed in watchOS 9.5, macOS Ventura 13.4, macOS Big Sur 11.7.7, macOS Monterey 12.6.6, iOS 16.5 and iPadOS 16.5. An app may bypass Gatekeeper checks." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-323xx/CVE-2023-32353.json b/CVE-2023/CVE-2023-323xx/CVE-2023-32353.json index 6d32b48b882..ee5c6890544 100644 --- a/CVE-2023/CVE-2023-323xx/CVE-2023-32353.json +++ b/CVE-2023/CVE-2023-323xx/CVE-2023-32353.json @@ -2,12 +2,12 @@ "id": "CVE-2023-32353", "sourceIdentifier": "product-security@apple.com", "published": "2023-06-23T18:15:11.470", - "lastModified": "2023-07-27T01:15:19.900", + "lastModified": "2023-07-27T04:15:23.283", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "A logic issue was addressed with improved checks. This issue is fixed in iTunes 12.12.9 for Windows. An app may be able to gain elevated privileges." + "value": "A logic issue was addressed with improved checks. This issue is fixed in iTunes 12.12.9 for Windows. An app may be able to elevate privileges." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-323xx/CVE-2023-32354.json b/CVE-2023/CVE-2023-323xx/CVE-2023-32354.json index 7e1c74d3c76..bdbf5ffbeda 100644 --- a/CVE-2023/CVE-2023-323xx/CVE-2023-32354.json +++ b/CVE-2023/CVE-2023-323xx/CVE-2023-32354.json @@ -2,12 +2,12 @@ "id": "CVE-2023-32354", "sourceIdentifier": "product-security@apple.com", "published": "2023-06-23T18:15:11.513", - "lastModified": "2023-07-27T01:15:19.990", + "lastModified": "2023-07-27T04:15:23.377", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 16.5 and iPadOS 16.5, watchOS 9.5, tvOS 16.5. An app may be able to disclose kernel memory." + "value": "An out-of-bounds read was addressed with improved input validation. This issue is fixed in watchOS 9.5, tvOS 16.5, iOS 16.5 and iPadOS 16.5. An app may be able to disclose kernel memory." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-323xx/CVE-2023-32355.json b/CVE-2023/CVE-2023-323xx/CVE-2023-32355.json index c0017cc92c4..0584f4128d8 100644 --- a/CVE-2023/CVE-2023-323xx/CVE-2023-32355.json +++ b/CVE-2023/CVE-2023-323xx/CVE-2023-32355.json @@ -2,12 +2,12 @@ "id": "CVE-2023-32355", "sourceIdentifier": "product-security@apple.com", "published": "2023-06-23T18:15:11.553", - "lastModified": "2023-07-27T01:15:20.063", + "lastModified": "2023-07-27T04:15:23.467", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "A use-after-free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.7.7, macOS Ventura 13.4, macOS Monterey 12.6.6. A remote attacker may be able to cause unexpected app termination or arbitrary code execution." + "value": "A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.7.7, macOS Monterey 12.6.6, macOS Ventura 13.4. An app may be able to modify protected parts of the file system." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-323xx/CVE-2023-32357.json b/CVE-2023/CVE-2023-323xx/CVE-2023-32357.json index 10a44be3752..5ffe0d93d5f 100644 --- a/CVE-2023/CVE-2023-323xx/CVE-2023-32357.json +++ b/CVE-2023/CVE-2023-323xx/CVE-2023-32357.json @@ -2,12 +2,12 @@ "id": "CVE-2023-32357", "sourceIdentifier": "product-security@apple.com", "published": "2023-06-23T18:15:11.600", - "lastModified": "2023-07-27T01:15:20.163", + "lastModified": "2023-07-27T04:15:23.567", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "This issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Ventura 13.4, macOS Monterey 12.6.6, tvOS 16.5, watchOS 9.5, iOS 16.5 and iPadOS 16.5, macOS Big Sur 11.7.7. An app may be able to disclose kernel memory." + "value": "An authorization issue was addressed with improved state management. This issue is fixed in watchOS 9.5, tvOS 16.5, macOS Ventura 13.4, macOS Big Sur 11.7.7, macOS Monterey 12.6.6, iOS 16.5 and iPadOS 16.5. An app may be able to retain access to system configuration files even after its permission is revoked." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-323xx/CVE-2023-32360.json b/CVE-2023/CVE-2023-323xx/CVE-2023-32360.json index 388c143fc80..db4ca4d56b8 100644 --- a/CVE-2023/CVE-2023-323xx/CVE-2023-32360.json +++ b/CVE-2023/CVE-2023-323xx/CVE-2023-32360.json @@ -2,12 +2,12 @@ "id": "CVE-2023-32360", "sourceIdentifier": "product-security@apple.com", "published": "2023-06-23T18:15:11.647", - "lastModified": "2023-07-27T01:15:20.250", + "lastModified": "2023-07-27T04:15:23.663", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "A use-after-free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.7.7, macOS Ventura 13.4, macOS Monterey 12.6.6. A remote attacker may be able to cause unexpected app termination or arbitrary code execution." + "value": "An authentication issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.7.7, macOS Monterey 12.6.6, macOS Ventura 13.4. An unauthenticated user may be able to access recently printed documents." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-323xx/CVE-2023-32363.json b/CVE-2023/CVE-2023-323xx/CVE-2023-32363.json index 280e8ecacab..4d4f305e9e5 100644 --- a/CVE-2023/CVE-2023-323xx/CVE-2023-32363.json +++ b/CVE-2023/CVE-2023-323xx/CVE-2023-32363.json @@ -2,12 +2,12 @@ "id": "CVE-2023-32363", "sourceIdentifier": "product-security@apple.com", "published": "2023-06-23T18:15:11.693", - "lastModified": "2023-07-27T01:15:20.360", + "lastModified": "2023-07-27T04:15:23.753", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "This issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Ventura 13.4. An app may be able to disclose kernel memory." + "value": "A permissions issue was addressed by removing vulnerable code and adding additional checks. This issue is fixed in macOS Ventura 13.4. An app may be able to bypass Privacy preferences." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-323xx/CVE-2023-32364.json b/CVE-2023/CVE-2023-323xx/CVE-2023-32364.json index c828ff99503..7d6129cc027 100644 --- a/CVE-2023/CVE-2023-323xx/CVE-2023-32364.json +++ b/CVE-2023/CVE-2023-323xx/CVE-2023-32364.json @@ -2,12 +2,12 @@ "id": "CVE-2023-32364", "sourceIdentifier": "product-security@apple.com", "published": "2023-07-27T01:15:20.443", - "lastModified": "2023-07-27T01:15:20.443", + "lastModified": "2023-07-27T04:15:23.920", "vulnStatus": "Received", "descriptions": [ { "lang": "en", - "value": "The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.5. Processing web content may disclose sensitive information." + "value": "A logic issue was addressed with improved restrictions. This issue is fixed in macOS Ventura 13.5. A sandboxed process may be able to circumvent sandbox restrictions." } ], "metrics": {}, diff --git a/CVE-2023/CVE-2023-323xx/CVE-2023-32365.json b/CVE-2023/CVE-2023-323xx/CVE-2023-32365.json index 72abbde97c8..1cf02223cd5 100644 --- a/CVE-2023/CVE-2023-323xx/CVE-2023-32365.json +++ b/CVE-2023/CVE-2023-323xx/CVE-2023-32365.json @@ -2,12 +2,12 @@ "id": "CVE-2023-32365", "sourceIdentifier": "product-security@apple.com", "published": "2023-06-23T18:15:11.733", - "lastModified": "2023-07-27T01:15:20.510", + "lastModified": "2023-07-27T04:15:24.027", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 16.5 and iPadOS 16.5, iOS 15.7.6 and iPadOS 15.7.6. An app may be able to disclose kernel memory." + "value": "The issue was addressed with improved checks. This issue is fixed in iOS 15.7.6 and iPadOS 15.7.6, iOS 16.5 and iPadOS 16.5. Shake-to-undo may allow a deleted photo to be re-surfaced without authentication." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-323xx/CVE-2023-32367.json b/CVE-2023/CVE-2023-323xx/CVE-2023-32367.json index f40799e84ea..406deb67d1d 100644 --- a/CVE-2023/CVE-2023-323xx/CVE-2023-32367.json +++ b/CVE-2023/CVE-2023-323xx/CVE-2023-32367.json @@ -2,12 +2,12 @@ "id": "CVE-2023-32367", "sourceIdentifier": "product-security@apple.com", "published": "2023-06-23T18:15:11.777", - "lastModified": "2023-07-27T01:15:20.597", + "lastModified": "2023-07-27T04:15:24.180", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 16.5 and iPadOS 16.5, macOS Ventura 13.4. An app may be able to disclose kernel memory." + "value": "This issue was addressed with improved entitlements. This issue is fixed in iOS 16.5 and iPadOS 16.5, macOS Ventura 13.4. An app may be able to access user-sensitive data." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-323xx/CVE-2023-32368.json b/CVE-2023/CVE-2023-323xx/CVE-2023-32368.json index 135c55aed4d..a04d8d448aa 100644 --- a/CVE-2023/CVE-2023-323xx/CVE-2023-32368.json +++ b/CVE-2023/CVE-2023-323xx/CVE-2023-32368.json @@ -2,12 +2,12 @@ "id": "CVE-2023-32368", "sourceIdentifier": "product-security@apple.com", "published": "2023-06-23T18:15:11.823", - "lastModified": "2023-07-27T01:15:20.687", + "lastModified": "2023-07-27T04:15:24.367", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "This issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Ventura 13.4, macOS Monterey 12.6.6, tvOS 16.5, watchOS 9.5, iOS 16.5 and iPadOS 16.5. An app may be able to disclose kernel memory." + "value": "An out-of-bounds read was addressed with improved input validation. This issue is fixed in watchOS 9.5, tvOS 16.5, macOS Ventura 13.4, macOS Monterey 12.6.6, iOS 16.5 and iPadOS 16.5. Processing a 3D model may result in disclosure of process memory." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-323xx/CVE-2023-32369.json b/CVE-2023/CVE-2023-323xx/CVE-2023-32369.json index 447d9dca081..15d7c0b7e84 100644 --- a/CVE-2023/CVE-2023-323xx/CVE-2023-32369.json +++ b/CVE-2023/CVE-2023-323xx/CVE-2023-32369.json @@ -2,12 +2,12 @@ "id": "CVE-2023-32369", "sourceIdentifier": "product-security@apple.com", "published": "2023-06-23T18:15:11.870", - "lastModified": "2023-07-27T01:15:20.823", + "lastModified": "2023-07-27T04:15:24.553", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "A use-after-free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.7.7, macOS Ventura 13.4, macOS Monterey 12.6.6. A remote attacker may be able to cause unexpected app termination or arbitrary code execution." + "value": "A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.7.7, macOS Monterey 12.6.6, macOS Ventura 13.4. An app may be able to modify protected parts of the file system." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-323xx/CVE-2023-32371.json b/CVE-2023/CVE-2023-323xx/CVE-2023-32371.json index 64687ade3bd..097e1948bcb 100644 --- a/CVE-2023/CVE-2023-323xx/CVE-2023-32371.json +++ b/CVE-2023/CVE-2023-323xx/CVE-2023-32371.json @@ -2,12 +2,12 @@ "id": "CVE-2023-32371", "sourceIdentifier": "product-security@apple.com", "published": "2023-06-23T18:15:11.917", - "lastModified": "2023-07-27T01:15:21.040", + "lastModified": "2023-07-27T04:15:24.877", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 16.5 and iPadOS 16.5, macOS Ventura 13.4. An app may be able to disclose kernel memory." + "value": "The issue was addressed with improved checks. This issue is fixed in iOS 16.5 and iPadOS 16.5, macOS Ventura 13.4. An app may be able to break out of its sandbox." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-323xx/CVE-2023-32372.json b/CVE-2023/CVE-2023-323xx/CVE-2023-32372.json index d717101207e..e981ebfe70e 100644 --- a/CVE-2023/CVE-2023-323xx/CVE-2023-32372.json +++ b/CVE-2023/CVE-2023-323xx/CVE-2023-32372.json @@ -2,12 +2,12 @@ "id": "CVE-2023-32372", "sourceIdentifier": "product-security@apple.com", "published": "2023-06-23T18:15:11.963", - "lastModified": "2023-07-27T01:15:21.123", + "lastModified": "2023-07-27T04:15:25.130", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 16.5 and iPadOS 16.5, macOS Ventura 13.4, watchOS 9.5, tvOS 16.5. An app may be able to disclose kernel memory." + "value": "An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 16.5 and iPadOS 16.5, watchOS 9.5, tvOS 16.5, macOS Ventura 13.4. Processing an image may result in disclosure of process memory." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-323xx/CVE-2023-32373.json b/CVE-2023/CVE-2023-323xx/CVE-2023-32373.json index a843175ae9f..a23dee8e744 100644 --- a/CVE-2023/CVE-2023-323xx/CVE-2023-32373.json +++ b/CVE-2023/CVE-2023-323xx/CVE-2023-32373.json @@ -2,7 +2,7 @@ "id": "CVE-2023-32373", "sourceIdentifier": "product-security@apple.com", "published": "2023-06-23T18:15:12.007", - "lastModified": "2023-07-27T01:15:21.227", + "lastModified": "2023-07-27T04:15:25.357", "vulnStatus": "Modified", "cisaExploitAdd": "2023-05-22", "cisaActionDue": "2023-06-12", @@ -11,7 +11,7 @@ "descriptions": [ { "lang": "en", - "value": "This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 15.7.6 and iPadOS 15.7.6, macOS Ventura 13.4, tvOS 16.5, watchOS 9.5, iOS 16.5 and iPadOS 16.5, Safari 16.5. An app may be able to disclose kernel memory." + "value": "A use-after-free issue was addressed with improved memory management. This issue is fixed in watchOS 9.5, tvOS 16.5, macOS Ventura 13.4, iOS 15.7.6 and iPadOS 15.7.6, Safari 16.5, iOS 16.5 and iPadOS 16.5. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-323xx/CVE-2023-32375.json b/CVE-2023/CVE-2023-323xx/CVE-2023-32375.json index 9a2b50f8e63..3129f32b232 100644 --- a/CVE-2023/CVE-2023-323xx/CVE-2023-32375.json +++ b/CVE-2023/CVE-2023-323xx/CVE-2023-32375.json @@ -2,12 +2,12 @@ "id": "CVE-2023-32375", "sourceIdentifier": "product-security@apple.com", "published": "2023-06-23T18:15:12.050", - "lastModified": "2023-07-27T01:15:21.370", + "lastModified": "2023-07-27T04:15:25.630", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "The issue was addressed with improved handling of caches. This issue is fixed in macOS Ventura 13.4, macOS Monterey 12.6.6. An app may be able to read sensitive location information." + "value": "An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Monterey 12.6.6, macOS Ventura 13.4. Processing a 3D model may result in disclosure of process memory." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-323xx/CVE-2023-32376.json b/CVE-2023/CVE-2023-323xx/CVE-2023-32376.json index a662799730a..74c58fa7155 100644 --- a/CVE-2023/CVE-2023-323xx/CVE-2023-32376.json +++ b/CVE-2023/CVE-2023-323xx/CVE-2023-32376.json @@ -2,12 +2,12 @@ "id": "CVE-2023-32376", "sourceIdentifier": "product-security@apple.com", "published": "2023-06-23T18:15:12.097", - "lastModified": "2023-07-27T01:15:21.480", + "lastModified": "2023-07-27T04:15:25.947", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 16.5 and iPadOS 16.5, macOS Ventura 13.4, watchOS 9.5, tvOS 16.5. An app may be able to disclose kernel memory." + "value": "This issue was addressed with improved entitlements. This issue is fixed in iOS 16.5 and iPadOS 16.5, watchOS 9.5, tvOS 16.5, macOS Ventura 13.4. An app may be able to modify protected parts of the file system." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-323xx/CVE-2023-32380.json b/CVE-2023/CVE-2023-323xx/CVE-2023-32380.json index 39f424b2e86..fc5c9807962 100644 --- a/CVE-2023/CVE-2023-323xx/CVE-2023-32380.json +++ b/CVE-2023/CVE-2023-323xx/CVE-2023-32380.json @@ -2,12 +2,12 @@ "id": "CVE-2023-32380", "sourceIdentifier": "product-security@apple.com", "published": "2023-06-23T18:15:12.140", - "lastModified": "2023-07-27T01:15:21.560", + "lastModified": "2023-07-27T04:15:26.157", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "A use-after-free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.7.7, macOS Ventura 13.4, macOS Monterey 12.6.6. A remote attacker may be able to cause unexpected app termination or arbitrary code execution." + "value": "An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.7.7, macOS Monterey 12.6.6, macOS Ventura 13.4. Processing a 3D model may lead to arbitrary code execution." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-323xx/CVE-2023-32381.json b/CVE-2023/CVE-2023-323xx/CVE-2023-32381.json index 8663824db2c..5426d90930a 100644 --- a/CVE-2023/CVE-2023-323xx/CVE-2023-32381.json +++ b/CVE-2023/CVE-2023-323xx/CVE-2023-32381.json @@ -2,12 +2,12 @@ "id": "CVE-2023-32381", "sourceIdentifier": "product-security@apple.com", "published": "2023-07-27T00:15:14.397", - "lastModified": "2023-07-27T01:15:21.677", + "lastModified": "2023-07-27T04:15:26.433", "vulnStatus": "Received", "descriptions": [ { "lang": "en", - "value": "The issue was addressed with improved checks. This issue is fixed in iOS 16.6 and iPadOS 16.6, macOS Monterey 12.6.8, tvOS 16.6, watchOS 9.6, macOS Big Sur 11.7.9, macOS Ventura 13.5. Processing web content may disclose sensitive information." + "value": "A use-after-free issue was addressed with improved memory management. This issue is fixed in macOS Monterey 12.6.8, iOS 16.6 and iPadOS 16.6, tvOS 16.6, macOS Big Sur 11.7.9, macOS Ventura 13.5, watchOS 9.6. An app may be able to execute arbitrary code with kernel privileges." } ], "metrics": {}, diff --git a/CVE-2023/CVE-2023-323xx/CVE-2023-32382.json b/CVE-2023/CVE-2023-323xx/CVE-2023-32382.json index 9843c2e78f5..a76b4571103 100644 --- a/CVE-2023/CVE-2023-323xx/CVE-2023-32382.json +++ b/CVE-2023/CVE-2023-323xx/CVE-2023-32382.json @@ -2,12 +2,12 @@ "id": "CVE-2023-32382", "sourceIdentifier": "product-security@apple.com", "published": "2023-06-23T18:15:12.190", - "lastModified": "2023-07-27T01:15:21.753", + "lastModified": "2023-07-27T04:15:26.730", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "A use-after-free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.7.7, macOS Ventura 13.4, macOS Monterey 12.6.6. A remote attacker may be able to cause unexpected app termination or arbitrary code execution." + "value": "An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.7.7, macOS Monterey 12.6.6, macOS Ventura 13.4. Processing a 3D model may result in disclosure of process memory." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-323xx/CVE-2023-32384.json b/CVE-2023/CVE-2023-323xx/CVE-2023-32384.json index 867090394c0..e334266383a 100644 --- a/CVE-2023/CVE-2023-323xx/CVE-2023-32384.json +++ b/CVE-2023/CVE-2023-323xx/CVE-2023-32384.json @@ -2,12 +2,12 @@ "id": "CVE-2023-32384", "sourceIdentifier": "product-security@apple.com", "published": "2023-06-23T18:15:12.237", - "lastModified": "2023-07-27T01:15:21.837", + "lastModified": "2023-07-27T04:15:27.003", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 15.7.6 and iPadOS 15.7.6, macOS Ventura 13.4, macOS Monterey 12.6.6, tvOS 16.5, watchOS 9.5, iOS 16.5 and iPadOS 16.5, macOS Big Sur 11.7.7. An app may be able to disclose kernel memory." + "value": "A buffer overflow was addressed with improved bounds checking. This issue is fixed in watchOS 9.5, tvOS 16.5, macOS Ventura 13.4, iOS 15.7.6 and iPadOS 15.7.6, macOS Big Sur 11.7.7, macOS Monterey 12.6.6, iOS 16.5 and iPadOS 16.5. Processing an image may lead to arbitrary code execution." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-323xx/CVE-2023-32385.json b/CVE-2023/CVE-2023-323xx/CVE-2023-32385.json index 4239ee05bb3..85350bf88d5 100644 --- a/CVE-2023/CVE-2023-323xx/CVE-2023-32385.json +++ b/CVE-2023/CVE-2023-323xx/CVE-2023-32385.json @@ -2,12 +2,12 @@ "id": "CVE-2023-32385", "sourceIdentifier": "product-security@apple.com", "published": "2023-06-23T18:15:12.283", - "lastModified": "2023-07-27T01:15:21.923", + "lastModified": "2023-07-27T04:15:27.267", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 16.5 and iPadOS 16.5, macOS Ventura 13.4. An app may be able to disclose kernel memory." + "value": "A denial-of-service issue was addressed with improved memory handling. This issue is fixed in iOS 16.5 and iPadOS 16.5, macOS Ventura 13.4. Opening a PDF file may lead to unexpected app termination." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-323xx/CVE-2023-32386.json b/CVE-2023/CVE-2023-323xx/CVE-2023-32386.json index 61d96c6988e..785dc08096b 100644 --- a/CVE-2023/CVE-2023-323xx/CVE-2023-32386.json +++ b/CVE-2023/CVE-2023-323xx/CVE-2023-32386.json @@ -2,12 +2,12 @@ "id": "CVE-2023-32386", "sourceIdentifier": "product-security@apple.com", "published": "2023-06-23T18:15:12.333", - "lastModified": "2023-07-27T01:15:22.037", + "lastModified": "2023-07-27T04:15:27.467", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "A use-after-free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.7.7, macOS Ventura 13.4, macOS Monterey 12.6.6. A remote attacker may be able to cause unexpected app termination or arbitrary code execution." + "value": "A privacy issue was addressed with improved handling of temporary files. This issue is fixed in macOS Big Sur 11.7.7, macOS Monterey 12.6.6, macOS Ventura 13.4. An app may be able to observe unprotected user data." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-323xx/CVE-2023-32387.json b/CVE-2023/CVE-2023-323xx/CVE-2023-32387.json index 012b3524ff1..47da44841c9 100644 --- a/CVE-2023/CVE-2023-323xx/CVE-2023-32387.json +++ b/CVE-2023/CVE-2023-323xx/CVE-2023-32387.json @@ -2,12 +2,12 @@ "id": "CVE-2023-32387", "sourceIdentifier": "product-security@apple.com", "published": "2023-06-23T18:15:12.373", - "lastModified": "2023-07-27T01:15:22.277", + "lastModified": "2023-07-27T04:15:27.747", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "A use-after-free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.7.7, macOS Ventura 13.4, macOS Monterey 12.6.6. A remote attacker may be able to cause unexpected app termination or arbitrary code execution." + "value": "A use-after-free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.7.7, macOS Monterey 12.6.6, macOS Ventura 13.4. A remote attacker may be able to cause unexpected app termination or arbitrary code execution." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-323xx/CVE-2023-32388.json b/CVE-2023/CVE-2023-323xx/CVE-2023-32388.json index 2136cb81b67..709bccfc671 100644 --- a/CVE-2023/CVE-2023-323xx/CVE-2023-32388.json +++ b/CVE-2023/CVE-2023-323xx/CVE-2023-32388.json @@ -2,12 +2,12 @@ "id": "CVE-2023-32388", "sourceIdentifier": "product-security@apple.com", "published": "2023-06-23T18:15:12.417", - "lastModified": "2023-07-27T01:15:22.570", + "lastModified": "2023-07-27T04:15:28.020", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 15.7.6 and iPadOS 15.7.6, macOS Ventura 13.4, macOS Monterey 12.6.6, watchOS 9.5, iOS 16.5 and iPadOS 16.5, macOS Big Sur 11.7.7. An app may be able to disclose kernel memory." + "value": "A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in watchOS 9.5, macOS Ventura 13.4, iOS 15.7.6 and iPadOS 15.7.6, macOS Big Sur 11.7.7, macOS Monterey 12.6.6, iOS 16.5 and iPadOS 16.5. An app may be able to bypass Privacy preferences." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-323xx/CVE-2023-32389.json b/CVE-2023/CVE-2023-323xx/CVE-2023-32389.json index 514cc5dfb54..e4f0fbf9b43 100644 --- a/CVE-2023/CVE-2023-323xx/CVE-2023-32389.json +++ b/CVE-2023/CVE-2023-323xx/CVE-2023-32389.json @@ -2,12 +2,12 @@ "id": "CVE-2023-32389", "sourceIdentifier": "product-security@apple.com", "published": "2023-06-23T18:15:12.467", - "lastModified": "2023-07-27T01:15:22.740", + "lastModified": "2023-07-27T04:15:28.263", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 16.5 and iPadOS 16.5, macOS Ventura 13.4, watchOS 9.5, tvOS 16.5. An app may be able to disclose kernel memory." + "value": "This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 16.5 and iPadOS 16.5, watchOS 9.5, tvOS 16.5, macOS Ventura 13.4. An app may be able to disclose kernel memory." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-323xx/CVE-2023-32390.json b/CVE-2023/CVE-2023-323xx/CVE-2023-32390.json index aec55cbcc33..ff959636653 100644 --- a/CVE-2023/CVE-2023-323xx/CVE-2023-32390.json +++ b/CVE-2023/CVE-2023-323xx/CVE-2023-32390.json @@ -2,12 +2,12 @@ "id": "CVE-2023-32390", "sourceIdentifier": "product-security@apple.com", "published": "2023-06-23T18:15:12.510", - "lastModified": "2023-07-27T01:15:22.950", + "lastModified": "2023-07-27T04:15:28.500", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 16.5 and iPadOS 16.5, macOS Ventura 13.4, watchOS 9.5. An app may be able to disclose kernel memory." + "value": "The issue was addressed with improved checks. This issue is fixed in iOS 16.5 and iPadOS 16.5, watchOS 9.5, macOS Ventura 13.4. Photos belonging to the Hidden Photos Album could be viewed without authentication through Visual Lookup." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-323xx/CVE-2023-32391.json b/CVE-2023/CVE-2023-323xx/CVE-2023-32391.json index fed0b96205f..4b1bc317620 100644 --- a/CVE-2023/CVE-2023-323xx/CVE-2023-32391.json +++ b/CVE-2023/CVE-2023-323xx/CVE-2023-32391.json @@ -2,12 +2,12 @@ "id": "CVE-2023-32391", "sourceIdentifier": "product-security@apple.com", "published": "2023-06-23T18:15:12.557", - "lastModified": "2023-07-27T01:15:23.253", + "lastModified": "2023-07-27T04:15:28.720", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 16.5 and iPadOS 16.5, iOS 15.7.6 and iPadOS 15.7.6, macOS Ventura 13.4, watchOS 9.5. An app may be able to disclose kernel memory." + "value": "The issue was addressed with improved checks. This issue is fixed in iOS 15.7.6 and iPadOS 15.7.6, watchOS 9.5, iOS 16.5 and iPadOS 16.5, macOS Ventura 13.4. A shortcut may be able to use sensitive data with certain actions without prompting the user." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-323xx/CVE-2023-32392.json b/CVE-2023/CVE-2023-323xx/CVE-2023-32392.json index 143310d47da..eb900812e07 100644 --- a/CVE-2023/CVE-2023-323xx/CVE-2023-32392.json +++ b/CVE-2023/CVE-2023-323xx/CVE-2023-32392.json @@ -2,12 +2,12 @@ "id": "CVE-2023-32392", "sourceIdentifier": "product-security@apple.com", "published": "2023-06-23T18:15:12.607", - "lastModified": "2023-07-27T01:15:23.450", + "lastModified": "2023-07-27T04:15:28.957", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "This issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Ventura 13.4, macOS Monterey 12.6.6, tvOS 16.5, watchOS 9.5, iOS 16.5 and iPadOS 16.5, macOS Big Sur 11.7.7. An app may be able to disclose kernel memory." + "value": "A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in watchOS 9.5, tvOS 16.5, macOS Ventura 13.4, macOS Big Sur 11.7.7, macOS Monterey 12.6.6, iOS 16.5 and iPadOS 16.5. An app may be able to read sensitive location information." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-323xx/CVE-2023-32393.json b/CVE-2023/CVE-2023-323xx/CVE-2023-32393.json index 00a53edfde1..9bbb4327941 100644 --- a/CVE-2023/CVE-2023-323xx/CVE-2023-32393.json +++ b/CVE-2023/CVE-2023-323xx/CVE-2023-32393.json @@ -2,12 +2,12 @@ "id": "CVE-2023-32393", "sourceIdentifier": "product-security@apple.com", "published": "2023-07-27T01:15:23.623", - "lastModified": "2023-07-27T01:15:23.623", + "lastModified": "2023-07-27T04:15:29.297", "vulnStatus": "Received", "descriptions": [ { "lang": "en", - "value": "The issue was addressed with improved memory handling. This issue is fixed in tvOS 16.3, macOS Ventura 13.2, iOS 16.3 and iPadOS 16.3, watchOS 9.3. Processing maliciously crafted web content may lead to arbitrary code execution." + "value": "The issue was addressed with improved memory handling. This issue is fixed in watchOS 9.3, tvOS 16.3, macOS Ventura 13.2, iOS 16.3 and iPadOS 16.3. Processing web content may lead to arbitrary code execution." } ], "metrics": {}, diff --git a/CVE-2023/CVE-2023-323xx/CVE-2023-32394.json b/CVE-2023/CVE-2023-323xx/CVE-2023-32394.json index 757fdaf10b9..e0097a45ca0 100644 --- a/CVE-2023/CVE-2023-323xx/CVE-2023-32394.json +++ b/CVE-2023/CVE-2023-323xx/CVE-2023-32394.json @@ -2,12 +2,12 @@ "id": "CVE-2023-32394", "sourceIdentifier": "product-security@apple.com", "published": "2023-06-23T18:15:12.657", - "lastModified": "2023-07-27T01:15:23.793", + "lastModified": "2023-07-27T04:15:29.723", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 16.5 and iPadOS 16.5, macOS Ventura 13.4, watchOS 9.5, tvOS 16.5. An app may be able to disclose kernel memory." + "value": "The issue was addressed with improved checks. This issue is fixed in iOS 16.5 and iPadOS 16.5, watchOS 9.5, tvOS 16.5, macOS Ventura 13.4. A person with physical access to a device may be able to view contact information from the lock screen." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-323xx/CVE-2023-32395.json b/CVE-2023/CVE-2023-323xx/CVE-2023-32395.json index c5c4367364d..faae7473460 100644 --- a/CVE-2023/CVE-2023-323xx/CVE-2023-32395.json +++ b/CVE-2023/CVE-2023-323xx/CVE-2023-32395.json @@ -2,12 +2,12 @@ "id": "CVE-2023-32395", "sourceIdentifier": "product-security@apple.com", "published": "2023-06-23T18:15:12.703", - "lastModified": "2023-07-27T01:15:23.990", + "lastModified": "2023-07-27T04:15:29.920", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "A use-after-free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.7.7, macOS Ventura 13.4, macOS Monterey 12.6.6. A remote attacker may be able to cause unexpected app termination or arbitrary code execution." + "value": "A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.7.7, macOS Monterey 12.6.6, macOS Ventura 13.4. An app may be able to modify protected parts of the file system." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-323xx/CVE-2023-32397.json b/CVE-2023/CVE-2023-323xx/CVE-2023-32397.json index cc92a237948..66aa976ffcc 100644 --- a/CVE-2023/CVE-2023-323xx/CVE-2023-32397.json +++ b/CVE-2023/CVE-2023-323xx/CVE-2023-32397.json @@ -2,12 +2,12 @@ "id": "CVE-2023-32397", "sourceIdentifier": "product-security@apple.com", "published": "2023-06-23T18:15:12.743", - "lastModified": "2023-07-27T01:15:24.267", + "lastModified": "2023-07-27T04:15:30.267", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "A use-after-free issue was addressed with improved memory management. This issue is fixed in iOS 15.7.6 and iPadOS 15.7.6, macOS Big Sur 11.7.7, macOS Ventura 13.4, macOS Monterey 12.6.6. A remote attacker may be able to cause unexpected app termination or arbitrary code execution." + "value": "A logic issue was addressed with improved state management. This issue is fixed in iOS 15.7.6 and iPadOS 15.7.6, macOS Big Sur 11.7.7, macOS Monterey 12.6.6, macOS Ventura 13.4. An app may be able to modify protected parts of the file system." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-323xx/CVE-2023-32398.json b/CVE-2023/CVE-2023-323xx/CVE-2023-32398.json index 94b76f4e0a6..4b262add502 100644 --- a/CVE-2023/CVE-2023-323xx/CVE-2023-32398.json +++ b/CVE-2023/CVE-2023-323xx/CVE-2023-32398.json @@ -2,12 +2,12 @@ "id": "CVE-2023-32398", "sourceIdentifier": "product-security@apple.com", "published": "2023-06-23T18:15:12.783", - "lastModified": "2023-07-27T01:15:24.420", + "lastModified": "2023-07-27T04:15:30.587", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 15.7.6 and iPadOS 15.7.6, macOS Ventura 13.4, macOS Monterey 12.6.6, tvOS 16.5, watchOS 9.5, iOS 16.5 and iPadOS 16.5, macOS Big Sur 11.7.7. An app may be able to disclose kernel memory." + "value": "A use-after-free issue was addressed with improved memory management. This issue is fixed in watchOS 9.5, tvOS 16.5, macOS Ventura 13.4, iOS 15.7.6 and iPadOS 15.7.6, macOS Big Sur 11.7.7, macOS Monterey 12.6.6, iOS 16.5 and iPadOS 16.5. An app may be able to execute arbitrary code with kernel privileges." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-323xx/CVE-2023-32399.json b/CVE-2023/CVE-2023-323xx/CVE-2023-32399.json index fa3040182ac..10a46a195e5 100644 --- a/CVE-2023/CVE-2023-323xx/CVE-2023-32399.json +++ b/CVE-2023/CVE-2023-323xx/CVE-2023-32399.json @@ -2,12 +2,12 @@ "id": "CVE-2023-32399", "sourceIdentifier": "product-security@apple.com", "published": "2023-06-23T18:15:12.827", - "lastModified": "2023-07-27T01:15:24.610", + "lastModified": "2023-07-27T04:15:30.837", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 16.5 and iPadOS 16.5, macOS Ventura 13.4, watchOS 9.5, tvOS 16.5. An app may be able to disclose kernel memory." + "value": "The issue was addressed with improved handling of caches. This issue is fixed in iOS 16.5 and iPadOS 16.5, watchOS 9.5, tvOS 16.5, macOS Ventura 13.4. An app may be able to read sensitive location information." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-324xx/CVE-2023-32402.json b/CVE-2023/CVE-2023-324xx/CVE-2023-32402.json index aff907c8b19..254a48d8073 100644 --- a/CVE-2023/CVE-2023-324xx/CVE-2023-32402.json +++ b/CVE-2023/CVE-2023-324xx/CVE-2023-32402.json @@ -2,12 +2,12 @@ "id": "CVE-2023-32402", "sourceIdentifier": "product-security@apple.com", "published": "2023-06-23T18:15:12.917", - "lastModified": "2023-07-27T01:15:24.980", + "lastModified": "2023-07-27T04:15:31.103", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "This issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Ventura 13.4, tvOS 16.5, watchOS 9.5, iOS 16.5 and iPadOS 16.5, Safari 16.5. An app may be able to disclose kernel memory." + "value": "An out-of-bounds read was addressed with improved input validation. This issue is fixed in watchOS 9.5, tvOS 16.5, macOS Ventura 13.4, Safari 16.5, iOS 16.5 and iPadOS 16.5. Processing web content may disclose sensitive information." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-324xx/CVE-2023-32403.json b/CVE-2023/CVE-2023-324xx/CVE-2023-32403.json index 0f7144fd3e7..45eea97feea 100644 --- a/CVE-2023/CVE-2023-324xx/CVE-2023-32403.json +++ b/CVE-2023/CVE-2023-324xx/CVE-2023-32403.json @@ -2,12 +2,12 @@ "id": "CVE-2023-32403", "sourceIdentifier": "product-security@apple.com", "published": "2023-06-23T18:15:12.960", - "lastModified": "2023-07-27T01:15:25.233", + "lastModified": "2023-07-27T04:15:31.420", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 15.7.6 and iPadOS 15.7.6, macOS Ventura 13.4, macOS Monterey 12.6.6, tvOS 16.5, watchOS 9.5, iOS 16.5 and iPadOS 16.5, macOS Big Sur 11.7.7. An app may be able to disclose kernel memory." + "value": "This issue was addressed with improved redaction of sensitive information. This issue is fixed in watchOS 9.5, tvOS 16.5, macOS Ventura 13.4, iOS 15.7.6 and iPadOS 15.7.6, macOS Big Sur 11.7.7, macOS Monterey 12.6.6, iOS 16.5 and iPadOS 16.5. An app may be able to read sensitive location information." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-324xx/CVE-2023-32404.json b/CVE-2023/CVE-2023-324xx/CVE-2023-32404.json index 4349c729fb2..f4574dcf24c 100644 --- a/CVE-2023/CVE-2023-324xx/CVE-2023-32404.json +++ b/CVE-2023/CVE-2023-324xx/CVE-2023-32404.json @@ -2,12 +2,12 @@ "id": "CVE-2023-32404", "sourceIdentifier": "product-security@apple.com", "published": "2023-06-23T18:15:13.007", - "lastModified": "2023-07-27T01:15:25.433", + "lastModified": "2023-07-27T04:15:31.770", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 16.5 and iPadOS 16.5, macOS Ventura 13.4, watchOS 9.5. An app may be able to disclose kernel memory." + "value": "This issue was addressed with improved entitlements. This issue is fixed in iOS 16.5 and iPadOS 16.5, watchOS 9.5, macOS Ventura 13.4. An app may be able to bypass Privacy preferences." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-324xx/CVE-2023-32405.json b/CVE-2023/CVE-2023-324xx/CVE-2023-32405.json index 1f0f4cfaf6c..70dcca10b3d 100644 --- a/CVE-2023/CVE-2023-324xx/CVE-2023-32405.json +++ b/CVE-2023/CVE-2023-324xx/CVE-2023-32405.json @@ -2,12 +2,12 @@ "id": "CVE-2023-32405", "sourceIdentifier": "product-security@apple.com", "published": "2023-06-23T18:15:13.047", - "lastModified": "2023-07-27T01:15:25.677", + "lastModified": "2023-07-27T04:15:32.337", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "A use-after-free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.7.7, macOS Ventura 13.4, macOS Monterey 12.6.6. A remote attacker may be able to cause unexpected app termination or arbitrary code execution." + "value": "A logic issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.7.7, macOS Monterey 12.6.6, macOS Ventura 13.4. An app may be able to gain root privileges." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-324xx/CVE-2023-32407.json b/CVE-2023/CVE-2023-324xx/CVE-2023-32407.json index 6d5e72883e9..d3530c92156 100644 --- a/CVE-2023/CVE-2023-324xx/CVE-2023-32407.json +++ b/CVE-2023/CVE-2023-324xx/CVE-2023-32407.json @@ -2,12 +2,12 @@ "id": "CVE-2023-32407", "sourceIdentifier": "product-security@apple.com", "published": "2023-06-23T18:15:13.093", - "lastModified": "2023-07-27T01:15:25.907", + "lastModified": "2023-07-27T04:15:32.750", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 15.7.6 and iPadOS 15.7.6, macOS Ventura 13.4, macOS Monterey 12.6.6, tvOS 16.5, watchOS 9.5, iOS 16.5 and iPadOS 16.5, macOS Big Sur 11.7.7. An app may be able to disclose kernel memory." + "value": "A logic issue was addressed with improved state management. This issue is fixed in watchOS 9.5, tvOS 16.5, macOS Ventura 13.4, iOS 15.7.6 and iPadOS 15.7.6, macOS Big Sur 11.7.7, macOS Monterey 12.6.6, iOS 16.5 and iPadOS 16.5. An app may be able to bypass Privacy preferences." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-324xx/CVE-2023-32408.json b/CVE-2023/CVE-2023-324xx/CVE-2023-32408.json index 378630ae48c..3249ef0e929 100644 --- a/CVE-2023/CVE-2023-324xx/CVE-2023-32408.json +++ b/CVE-2023/CVE-2023-324xx/CVE-2023-32408.json @@ -2,12 +2,12 @@ "id": "CVE-2023-32408", "sourceIdentifier": "product-security@apple.com", "published": "2023-06-23T18:15:13.140", - "lastModified": "2023-07-27T01:15:26.057", + "lastModified": "2023-07-27T04:15:33.080", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 15.7.6 and iPadOS 15.7.6, macOS Ventura 13.4, macOS Monterey 12.6.6, tvOS 16.5, watchOS 9.5, iOS 16.5 and iPadOS 16.5. An app may be able to disclose kernel memory." + "value": "The issue was addressed with improved handling of caches. This issue is fixed in watchOS 9.5, tvOS 16.5, macOS Ventura 13.4, iOS 15.7.6 and iPadOS 15.7.6, macOS Monterey 12.6.6, iOS 16.5 and iPadOS 16.5. An app may be able to read sensitive location information." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-324xx/CVE-2023-32409.json b/CVE-2023/CVE-2023-324xx/CVE-2023-32409.json index a66298f08db..85459a20de1 100644 --- a/CVE-2023/CVE-2023-324xx/CVE-2023-32409.json +++ b/CVE-2023/CVE-2023-324xx/CVE-2023-32409.json @@ -2,7 +2,7 @@ "id": "CVE-2023-32409", "sourceIdentifier": "product-security@apple.com", "published": "2023-06-23T18:15:13.183", - "lastModified": "2023-07-27T01:15:26.233", + "lastModified": "2023-07-27T04:15:33.340", "vulnStatus": "Modified", "cisaExploitAdd": "2023-05-22", "cisaActionDue": "2023-06-12", @@ -11,7 +11,7 @@ "descriptions": [ { "lang": "en", - "value": "This issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Ventura 13.4, iOS 15.7.8 and iPadOS 15.7.8, tvOS 16.5, watchOS 9.5, iOS 16.5 and iPadOS 16.5, Safari 16.5. An app may be able to disclose kernel memory." + "value": "The issue was addressed with improved bounds checks. This issue is fixed in watchOS 9.5, tvOS 16.5, macOS Ventura 13.4, iOS 15.7.8 and iPadOS 15.7.8, Safari 16.5, iOS 16.5 and iPadOS 16.5. A remote attacker may be able to break out of Web Content sandbox. Apple is aware of a report that this issue may have been actively exploited." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-324xx/CVE-2023-32410.json b/CVE-2023/CVE-2023-324xx/CVE-2023-32410.json index 7ec4004811f..7b493a6b6b2 100644 --- a/CVE-2023/CVE-2023-324xx/CVE-2023-32410.json +++ b/CVE-2023/CVE-2023-324xx/CVE-2023-32410.json @@ -2,12 +2,12 @@ "id": "CVE-2023-32410", "sourceIdentifier": "product-security@apple.com", "published": "2023-06-23T18:15:13.227", - "lastModified": "2023-07-27T01:15:26.533", + "lastModified": "2023-07-27T04:15:33.697", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "A use-after-free issue was addressed with improved memory management. This issue is fixed in iOS 15.7.6 and iPadOS 15.7.6, macOS Big Sur 11.7.7, macOS Ventura 13.4, macOS Monterey 12.6.6. A remote attacker may be able to cause unexpected app termination or arbitrary code execution." + "value": "An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 15.7.6 and iPadOS 15.7.6, macOS Big Sur 11.7.7, macOS Monterey 12.6.6, macOS Ventura 13.4. An app may be able to leak sensitive kernel state." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-324xx/CVE-2023-32411.json b/CVE-2023/CVE-2023-324xx/CVE-2023-32411.json index 0700703e4f5..002361b9c63 100644 --- a/CVE-2023/CVE-2023-324xx/CVE-2023-32411.json +++ b/CVE-2023/CVE-2023-324xx/CVE-2023-32411.json @@ -2,12 +2,12 @@ "id": "CVE-2023-32411", "sourceIdentifier": "product-security@apple.com", "published": "2023-06-23T18:15:13.273", - "lastModified": "2023-07-27T01:15:26.733", + "lastModified": "2023-07-27T04:15:34.007", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "This issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Ventura 13.4, macOS Monterey 12.6.6, tvOS 16.5, iOS 16.5 and iPadOS 16.5, macOS Big Sur 11.7.7. An app may be able to disclose kernel memory." + "value": "This issue was addressed with improved entitlements. This issue is fixed in tvOS 16.5, macOS Ventura 13.4, macOS Big Sur 11.7.7, macOS Monterey 12.6.6, iOS 16.5 and iPadOS 16.5. An app may be able to bypass Privacy preferences." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-324xx/CVE-2023-32412.json b/CVE-2023/CVE-2023-324xx/CVE-2023-32412.json index 8a3d9df8082..9e1152785a2 100644 --- a/CVE-2023/CVE-2023-324xx/CVE-2023-32412.json +++ b/CVE-2023/CVE-2023-324xx/CVE-2023-32412.json @@ -2,12 +2,12 @@ "id": "CVE-2023-32412", "sourceIdentifier": "product-security@apple.com", "published": "2023-06-23T18:15:13.320", - "lastModified": "2023-07-27T01:15:26.967", + "lastModified": "2023-07-27T04:15:34.367", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 15.7.6 and iPadOS 15.7.6, macOS Ventura 13.4, macOS Monterey 12.6.6, tvOS 16.5, watchOS 9.5, iOS 16.5 and iPadOS 16.5, macOS Big Sur 11.7.7. An app may be able to disclose kernel memory." + "value": "A use-after-free issue was addressed with improved memory management. This issue is fixed in watchOS 9.5, tvOS 16.5, macOS Ventura 13.4, iOS 15.7.6 and iPadOS 15.7.6, macOS Big Sur 11.7.7, macOS Monterey 12.6.6, iOS 16.5 and iPadOS 16.5. A remote attacker may be able to cause unexpected app termination or arbitrary code execution." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-324xx/CVE-2023-32413.json b/CVE-2023/CVE-2023-324xx/CVE-2023-32413.json index 6685cc44f1a..2862bad6f3b 100644 --- a/CVE-2023/CVE-2023-324xx/CVE-2023-32413.json +++ b/CVE-2023/CVE-2023-324xx/CVE-2023-32413.json @@ -2,12 +2,12 @@ "id": "CVE-2023-32413", "sourceIdentifier": "product-security@apple.com", "published": "2023-06-23T18:15:13.370", - "lastModified": "2023-07-27T01:15:27.100", + "lastModified": "2023-07-27T04:15:34.737", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 15.7.6 and iPadOS 15.7.6, macOS Ventura 13.4, macOS Monterey 12.6.6, tvOS 16.5, watchOS 9.5, iOS 16.5 and iPadOS 16.5, macOS Big Sur 11.7.7. An app may be able to disclose kernel memory." + "value": "A race condition was addressed with improved state handling. This issue is fixed in watchOS 9.5, tvOS 16.5, macOS Ventura 13.4, iOS 15.7.6 and iPadOS 15.7.6, macOS Big Sur 11.7.7, macOS Monterey 12.6.6, iOS 16.5 and iPadOS 16.5. An app may be able to gain root privileges." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-324xx/CVE-2023-32414.json b/CVE-2023/CVE-2023-324xx/CVE-2023-32414.json index 9a304539fd0..23efe9c048b 100644 --- a/CVE-2023/CVE-2023-324xx/CVE-2023-32414.json +++ b/CVE-2023/CVE-2023-324xx/CVE-2023-32414.json @@ -2,12 +2,12 @@ "id": "CVE-2023-32414", "sourceIdentifier": "product-security@apple.com", "published": "2023-06-23T18:15:13.417", - "lastModified": "2023-07-27T01:15:27.280", + "lastModified": "2023-07-27T04:15:35.130", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "This issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Ventura 13.4. An app may be able to disclose kernel memory." + "value": "The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.4. An app may be able to break out of its sandbox." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-324xx/CVE-2023-32415.json b/CVE-2023/CVE-2023-324xx/CVE-2023-32415.json index 21559343af7..1bd6dc7644e 100644 --- a/CVE-2023/CVE-2023-324xx/CVE-2023-32415.json +++ b/CVE-2023/CVE-2023-324xx/CVE-2023-32415.json @@ -2,12 +2,12 @@ "id": "CVE-2023-32415", "sourceIdentifier": "product-security@apple.com", "published": "2023-06-23T18:15:13.457", - "lastModified": "2023-07-27T01:15:27.517", + "lastModified": "2023-07-27T04:15:35.437", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 16.5 and iPadOS 16.5, macOS Ventura 13.4, tvOS 16.5. An app may be able to disclose kernel memory." + "value": "This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 16.5 and iPadOS 16.5, tvOS 16.5, macOS Ventura 13.4. An app may be able to read sensitive location information." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-324xx/CVE-2023-32416.json b/CVE-2023/CVE-2023-324xx/CVE-2023-32416.json index 19f20977d7d..4f04600d65a 100644 --- a/CVE-2023/CVE-2023-324xx/CVE-2023-32416.json +++ b/CVE-2023/CVE-2023-324xx/CVE-2023-32416.json @@ -2,12 +2,12 @@ "id": "CVE-2023-32416", "sourceIdentifier": "product-security@apple.com", "published": "2023-07-27T01:15:27.807", - "lastModified": "2023-07-27T01:15:27.807", + "lastModified": "2023-07-27T04:15:35.803", "vulnStatus": "Received", "descriptions": [ { "lang": "en", - "value": "A logic issue was addressed with improved restrictions. This issue is fixed in iOS 16.6 and iPadOS 16.6, macOS Monterey 12.6.8, watchOS 9.6, macOS Ventura 13.5, iOS 15.7.8 and iPadOS 15.7.8. An app may be able to read sensitive location information." + "value": "A logic issue was addressed with improved restrictions. This issue is fixed in macOS Monterey 12.6.8, iOS 15.7.8 and iPadOS 15.7.8, iOS 16.6 and iPadOS 16.6, macOS Ventura 13.5, watchOS 9.6. An app may be able to read sensitive location information." } ], "metrics": {}, diff --git a/CVE-2023/CVE-2023-324xx/CVE-2023-32417.json b/CVE-2023/CVE-2023-324xx/CVE-2023-32417.json index 8e642ccb6a4..477e03ec571 100644 --- a/CVE-2023/CVE-2023-324xx/CVE-2023-32417.json +++ b/CVE-2023/CVE-2023-324xx/CVE-2023-32417.json @@ -2,12 +2,12 @@ "id": "CVE-2023-32417", "sourceIdentifier": "product-security@apple.com", "published": "2023-06-23T18:15:13.497", - "lastModified": "2023-07-27T01:15:28.023", + "lastModified": "2023-07-27T04:15:36.150", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "This issue was addressed with improved redaction of sensitive information. This issue is fixed in watchOS 9.5. An app may be able to disclose kernel memory." + "value": "This issue was addressed by restricting options offered on a locked device. This issue is fixed in watchOS 9.5. An attacker with physical access to a locked Apple Watch may be able to view user photos or contacts via accessibility features." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-324xx/CVE-2023-32418.json b/CVE-2023/CVE-2023-324xx/CVE-2023-32418.json index 5278430d347..7b1b3faa2f2 100644 --- a/CVE-2023/CVE-2023-324xx/CVE-2023-32418.json +++ b/CVE-2023/CVE-2023-324xx/CVE-2023-32418.json @@ -2,12 +2,12 @@ "id": "CVE-2023-32418", "sourceIdentifier": "product-security@apple.com", "published": "2023-07-27T01:15:28.293", - "lastModified": "2023-07-27T01:15:28.293", + "lastModified": "2023-07-27T04:15:36.440", "vulnStatus": "Received", "descriptions": [ { "lang": "en", - "value": "An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Ventura 13.5, macOS Monterey 12.6.8, macOS Big Sur 11.7.9. Processing a file may lead to a denial-of-service or potentially disclose memory contents." + "value": "The issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.6.8, macOS Ventura 13.5, macOS Big Sur 11.7.9. Processing a file may lead to unexpected app termination or arbitrary code execution." } ], "metrics": {}, diff --git a/CVE-2023/CVE-2023-324xx/CVE-2023-32419.json b/CVE-2023/CVE-2023-324xx/CVE-2023-32419.json index 46d5d218eea..24b36aecc46 100644 --- a/CVE-2023/CVE-2023-324xx/CVE-2023-32419.json +++ b/CVE-2023/CVE-2023-324xx/CVE-2023-32419.json @@ -2,12 +2,12 @@ "id": "CVE-2023-32419", "sourceIdentifier": "product-security@apple.com", "published": "2023-06-23T18:15:13.540", - "lastModified": "2023-07-27T01:15:28.637", + "lastModified": "2023-07-27T04:15:36.913", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 16.5 and iPadOS 16.5. An app may be able to disclose kernel memory." + "value": "The issue was addressed with improved bounds checks. This issue is fixed in iOS 16.5 and iPadOS 16.5. A remote attacker may be able to cause arbitrary code execution." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-324xx/CVE-2023-32420.json b/CVE-2023/CVE-2023-324xx/CVE-2023-32420.json index 33adca017e6..1e1fd82a74f 100644 --- a/CVE-2023/CVE-2023-324xx/CVE-2023-32420.json +++ b/CVE-2023/CVE-2023-324xx/CVE-2023-32420.json @@ -2,12 +2,12 @@ "id": "CVE-2023-32420", "sourceIdentifier": "product-security@apple.com", "published": "2023-06-23T18:15:13.583", - "lastModified": "2023-07-27T01:15:28.833", + "lastModified": "2023-07-27T04:15:37.297", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 16.5 and iPadOS 16.5, watchOS 9.5, macOS Ventura 13.4, tvOS 16.5. An app may be able to cause unexpected system termination or read kernel memory." + "value": "An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 16.5 and iPadOS 16.5, watchOS 9.5, tvOS 16.5, macOS Ventura 13.4. An app may be able to cause unexpected system termination or read kernel memory." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-324xx/CVE-2023-32422.json b/CVE-2023/CVE-2023-324xx/CVE-2023-32422.json index 8473097aa5f..71c3af5ffeb 100644 --- a/CVE-2023/CVE-2023-324xx/CVE-2023-32422.json +++ b/CVE-2023/CVE-2023-324xx/CVE-2023-32422.json @@ -2,12 +2,12 @@ "id": "CVE-2023-32422", "sourceIdentifier": "product-security@apple.com", "published": "2023-06-23T18:15:13.630", - "lastModified": "2023-07-27T01:15:29.063", + "lastModified": "2023-07-27T04:15:37.567", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 16.5 and iPadOS 16.5, macOS Ventura 13.4, tvOS 16.5. An app may be able to disclose kernel memory." + "value": "This issue was addressed by adding additional SQLite logging restrictions. This issue is fixed in iOS 16.5 and iPadOS 16.5, tvOS 16.5, macOS Ventura 13.4. An app may be able to bypass Privacy preferences." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-324xx/CVE-2023-32423.json b/CVE-2023/CVE-2023-324xx/CVE-2023-32423.json index 9947a12a557..fc049ceccb4 100644 --- a/CVE-2023/CVE-2023-324xx/CVE-2023-32423.json +++ b/CVE-2023/CVE-2023-324xx/CVE-2023-32423.json @@ -2,12 +2,12 @@ "id": "CVE-2023-32423", "sourceIdentifier": "product-security@apple.com", "published": "2023-06-23T18:15:13.677", - "lastModified": "2023-07-27T01:15:29.330", + "lastModified": "2023-07-27T04:15:37.870", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "This issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Ventura 13.4, tvOS 16.5, watchOS 9.5, iOS 16.5 and iPadOS 16.5, Safari 16.5. An app may be able to disclose kernel memory." + "value": "A buffer overflow issue was addressed with improved memory handling. This issue is fixed in watchOS 9.5, tvOS 16.5, macOS Ventura 13.4, Safari 16.5, iOS 16.5 and iPadOS 16.5. Processing web content may disclose sensitive information." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-324xx/CVE-2023-32429.json b/CVE-2023/CVE-2023-324xx/CVE-2023-32429.json index 43f5355aa0e..44760d99459 100644 --- a/CVE-2023/CVE-2023-324xx/CVE-2023-32429.json +++ b/CVE-2023/CVE-2023-324xx/CVE-2023-32429.json @@ -2,12 +2,12 @@ "id": "CVE-2023-32429", "sourceIdentifier": "product-security@apple.com", "published": "2023-07-27T01:15:29.543", - "lastModified": "2023-07-27T01:15:29.543", + "lastModified": "2023-07-27T04:15:38.207", "vulnStatus": "Received", "descriptions": [ { "lang": "en", - "value": "The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.5. Processing web content may disclose sensitive information." + "value": "The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.5. An app may be able to bypass Privacy preferences." } ], "metrics": {}, diff --git a/CVE-2023/CVE-2023-324xx/CVE-2023-32433.json b/CVE-2023/CVE-2023-324xx/CVE-2023-32433.json index 090fccaac79..8540f8cac82 100644 --- a/CVE-2023/CVE-2023-324xx/CVE-2023-32433.json +++ b/CVE-2023/CVE-2023-324xx/CVE-2023-32433.json @@ -2,12 +2,12 @@ "id": "CVE-2023-32433", "sourceIdentifier": "product-security@apple.com", "published": "2023-07-27T00:15:14.877", - "lastModified": "2023-07-27T01:15:29.787", + "lastModified": "2023-07-27T04:15:38.530", "vulnStatus": "Received", "descriptions": [ { "lang": "en", - "value": "The issue was addressed with improved checks. This issue is fixed in iOS 16.6 and iPadOS 16.6, iOS 15.7.8 and iPadOS 15.7.8, tvOS 16.6, macOS Monterey 12.6.8, watchOS 9.6, macOS Big Sur 11.7.9, macOS Ventura 13.5. Processing web content may disclose sensitive information." + "value": "A use-after-free issue was addressed with improved memory management. This issue is fixed in macOS Monterey 12.6.8, iOS 15.7.8 and iPadOS 15.7.8, iOS 16.6 and iPadOS 16.6, tvOS 16.6, macOS Big Sur 11.7.9, macOS Ventura 13.5, watchOS 9.6. An app may be able to execute arbitrary code with kernel privileges." } ], "metrics": {}, diff --git a/CVE-2023/CVE-2023-324xx/CVE-2023-32434.json b/CVE-2023/CVE-2023-324xx/CVE-2023-32434.json index 15e2f437f4c..ae4ae205733 100644 --- a/CVE-2023/CVE-2023-324xx/CVE-2023-32434.json +++ b/CVE-2023/CVE-2023-324xx/CVE-2023-32434.json @@ -2,7 +2,7 @@ "id": "CVE-2023-32434", "sourceIdentifier": "product-security@apple.com", "published": "2023-06-23T18:15:13.720", - "lastModified": "2023-07-27T01:15:30.130", + "lastModified": "2023-07-27T04:15:38.893", "vulnStatus": "Modified", "cisaExploitAdd": "2023-06-23", "cisaActionDue": "2023-07-14", @@ -11,7 +11,7 @@ "descriptions": [ { "lang": "en", - "value": "An integer overflow was addressed with improved input validation. This issue is fixed in macOS Monterey 12.6.7, iOS 16.5.1 and iPadOS 16.5.1, iOS 15.7.7 and iPadOS 15.7.7, macOS Big Sur 11.7.8, watchOS 9.5.2, macOS Ventura 13.4.1, watchOS 8.8.1. An app may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited against versions of iOS released before iOS 15.7." + "value": "An integer overflow was addressed with improved input validation. This issue is fixed in watchOS 9.5.2, macOS Big Sur 11.7.8, iOS 15.7.7 and iPadOS 15.7.7, macOS Monterey 12.6.7, watchOS 8.8.1, iOS 16.5.1 and iPadOS 16.5.1, macOS Ventura 13.4.1. An app may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited against versions of iOS released before iOS 15.7." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-324xx/CVE-2023-32435.json b/CVE-2023/CVE-2023-324xx/CVE-2023-32435.json index 07e0700b9db..aa82ef9d6bc 100644 --- a/CVE-2023/CVE-2023-324xx/CVE-2023-32435.json +++ b/CVE-2023/CVE-2023-324xx/CVE-2023-32435.json @@ -2,7 +2,7 @@ "id": "CVE-2023-32435", "sourceIdentifier": "product-security@apple.com", "published": "2023-06-23T18:15:13.767", - "lastModified": "2023-07-27T01:15:30.517", + "lastModified": "2023-07-27T04:15:39.117", "vulnStatus": "Modified", "cisaExploitAdd": "2023-06-23", "cisaActionDue": "2023-07-14", @@ -11,7 +11,7 @@ "descriptions": [ { "lang": "en", - "value": "This issue was addressed with improved state management. This issue is fixed in iOS 16.4 and iPadOS 16.4, iOS 15.7.7 and iPadOS 15.7.7, Safari 16.4, macOS Ventura 13.3. A remote attacker may be able to cause unexpected app termination or arbitrary code execution." + "value": "A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.3, Safari 16.4, iOS 16.4 and iPadOS 16.4, iOS 15.7.7 and iPadOS 15.7.7. Processing web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited against versions of iOS released before iOS 15.7." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-324xx/CVE-2023-32437.json b/CVE-2023/CVE-2023-324xx/CVE-2023-32437.json index 62f4daa3db1..4d1b272fbfb 100644 --- a/CVE-2023/CVE-2023-324xx/CVE-2023-32437.json +++ b/CVE-2023/CVE-2023-324xx/CVE-2023-32437.json @@ -2,12 +2,12 @@ "id": "CVE-2023-32437", "sourceIdentifier": "product-security@apple.com", "published": "2023-07-27T00:15:15.013", - "lastModified": "2023-07-27T01:15:30.757", + "lastModified": "2023-07-27T04:15:39.367", "vulnStatus": "Received", "descriptions": [ { "lang": "en", - "value": "The issue was addressed with improved checks. This issue is fixed in iOS 16.6 and iPadOS 16.6. Processing web content may disclose sensitive information." + "value": "The issue was addressed with improvements to the file handling protocol. This issue is fixed in iOS 16.6 and iPadOS 16.6. An app may be able to break out of its sandbox." } ], "metrics": {}, diff --git a/CVE-2023/CVE-2023-324xx/CVE-2023-32439.json b/CVE-2023/CVE-2023-324xx/CVE-2023-32439.json index 311c380f15c..f8de26393d7 100644 --- a/CVE-2023/CVE-2023-324xx/CVE-2023-32439.json +++ b/CVE-2023/CVE-2023-324xx/CVE-2023-32439.json @@ -2,7 +2,7 @@ "id": "CVE-2023-32439", "sourceIdentifier": "product-security@apple.com", "published": "2023-06-23T18:15:13.813", - "lastModified": "2023-07-27T01:15:31.083", + "lastModified": "2023-07-27T04:15:39.603", "vulnStatus": "Modified", "cisaExploitAdd": "2023-06-23", "cisaActionDue": "2023-07-14", @@ -11,7 +11,7 @@ "descriptions": [ { "lang": "en", - "value": "A type confusion issue was addressed with improved checks. This issue is fixed in Safari 16.5.1, iOS 15.7.7 and iPadOS 15.7.7, macOS Ventura 13.4.1, iOS 16.5.1 and iPadOS 16.5.1. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited." + "value": "A type confusion issue was addressed with improved checks. This issue is fixed in iOS 16.5.1 and iPadOS 16.5.1, iOS 15.7.7 and iPadOS 15.7.7, macOS Ventura 13.4.1, Safari 16.5.1. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-324xx/CVE-2023-32441.json b/CVE-2023/CVE-2023-324xx/CVE-2023-32441.json index 6fcea81dd09..d115d3a279b 100644 --- a/CVE-2023/CVE-2023-324xx/CVE-2023-32441.json +++ b/CVE-2023/CVE-2023-324xx/CVE-2023-32441.json @@ -2,12 +2,12 @@ "id": "CVE-2023-32441", "sourceIdentifier": "product-security@apple.com", "published": "2023-07-27T01:15:31.510", - "lastModified": "2023-07-27T01:15:31.510", + "lastModified": "2023-07-27T04:15:39.943", "vulnStatus": "Received", "descriptions": [ { "lang": "en", - "value": "The issue was addressed with improved memory handling. This issue is fixed in iOS 16.6 and iPadOS 16.6, macOS Big Sur 11.7.9, macOS Monterey 12.6.8, tvOS 16.6, watchOS 9.6, macOS Ventura 13.5, iOS 15.7.8 and iPadOS 15.7.8. An app may be able to execute arbitrary code with kernel privileges." + "value": "The issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.6.8, iOS 15.7.8 and iPadOS 15.7.8, iOS 16.6 and iPadOS 16.6, tvOS 16.6, macOS Big Sur 11.7.9, macOS Ventura 13.5, watchOS 9.6. An app may be able to execute arbitrary code with kernel privileges." } ], "metrics": {}, diff --git a/CVE-2023/CVE-2023-324xx/CVE-2023-32442.json b/CVE-2023/CVE-2023-324xx/CVE-2023-32442.json index ed7b3c93f1c..5b341f3c0f1 100644 --- a/CVE-2023/CVE-2023-324xx/CVE-2023-32442.json +++ b/CVE-2023/CVE-2023-324xx/CVE-2023-32442.json @@ -2,12 +2,12 @@ "id": "CVE-2023-32442", "sourceIdentifier": "product-security@apple.com", "published": "2023-07-27T01:15:31.787", - "lastModified": "2023-07-27T01:15:31.787", + "lastModified": "2023-07-27T04:15:40.287", "vulnStatus": "Received", "descriptions": [ { "lang": "en", - "value": "An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Ventura 13.5, macOS Monterey 12.6.8. Processing a file may lead to a denial-of-service or potentially disclose memory contents." + "value": "An access issue was addressed with improved access restrictions. This issue is fixed in macOS Ventura 13.5, macOS Monterey 12.6.8. A shortcut may be able to modify sensitive Shortcuts app settings." } ], "metrics": {}, diff --git a/CVE-2023/CVE-2023-324xx/CVE-2023-32443.json b/CVE-2023/CVE-2023-324xx/CVE-2023-32443.json index 4e180acbf54..e6ea5721835 100644 --- a/CVE-2023/CVE-2023-324xx/CVE-2023-32443.json +++ b/CVE-2023/CVE-2023-324xx/CVE-2023-32443.json @@ -2,12 +2,12 @@ "id": "CVE-2023-32443", "sourceIdentifier": "product-security@apple.com", "published": "2023-07-27T01:15:31.987", - "lastModified": "2023-07-27T01:15:31.987", + "lastModified": "2023-07-27T04:15:40.530", "vulnStatus": "Received", "descriptions": [ { "lang": "en", - "value": "An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Ventura 13.5, macOS Monterey 12.6.8, macOS Big Sur 11.7.9. Processing a file may lead to a denial-of-service or potentially disclose memory contents." + "value": "An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Monterey 12.6.8, macOS Ventura 13.5, macOS Big Sur 11.7.9. Processing a file may lead to a denial-of-service or potentially disclose memory contents." } ], "metrics": {}, diff --git a/CVE-2023/CVE-2023-324xx/CVE-2023-32450.json b/CVE-2023/CVE-2023-324xx/CVE-2023-32450.json new file mode 100644 index 00000000000..77cd67223ec --- /dev/null +++ b/CVE-2023/CVE-2023-324xx/CVE-2023-32450.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-32450", + "sourceIdentifier": "security_alert@emc.com", + "published": "2023-07-27T05:15:10.363", + "lastModified": "2023-07-27T05:15:10.363", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "\nDell Power Manager, Versions 3.3 to 3.14 contains an Improper Access Control vulnerability. A low-privileged malicious user may potentially exploit this vulnerability to perform arbitrary code execution with limited access.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security_alert@emc.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 4.2 + } + ] + }, + "weaknesses": [ + { + "source": "security_alert@emc.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-379" + } + ] + } + ], + "references": [ + { + "url": "https://www.dell.com/support/kbdoc/en-us/000215215/dsa-2023-181-dell-power-manager-security-update-for-an-improper-access-control-vulnerability", + "source": "security_alert@emc.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-327xx/CVE-2023-32734.json b/CVE-2023/CVE-2023-327xx/CVE-2023-32734.json index ed845d91c34..8a551d60f37 100644 --- a/CVE-2023/CVE-2023-327xx/CVE-2023-32734.json +++ b/CVE-2023/CVE-2023-327xx/CVE-2023-32734.json @@ -2,12 +2,12 @@ "id": "CVE-2023-32734", "sourceIdentifier": "product-security@apple.com", "published": "2023-07-27T01:15:32.363", - "lastModified": "2023-07-27T01:15:32.363", + "lastModified": "2023-07-27T04:15:40.777", "vulnStatus": "Received", "descriptions": [ { "lang": "en", - "value": "The issue was addressed with improved memory handling. This issue is fixed in tvOS 16.6, iOS 16.6 and iPadOS 16.6, macOS Ventura 13.5, watchOS 9.6. An app may be able to execute arbitrary code with kernel privileges." + "value": "The issue was addressed with improved memory handling. This issue is fixed in iOS 16.6 and iPadOS 16.6, tvOS 16.6, macOS Ventura 13.5, watchOS 9.6. An app may be able to execute arbitrary code with kernel privileges." } ], "metrics": {}, diff --git a/CVE-2023/CVE-2023-334xx/CVE-2023-33460.json b/CVE-2023/CVE-2023-334xx/CVE-2023-33460.json index 5ca36175cdc..1931963c3f3 100644 --- a/CVE-2023/CVE-2023-334xx/CVE-2023-33460.json +++ b/CVE-2023/CVE-2023-334xx/CVE-2023-33460.json @@ -2,8 +2,8 @@ "id": "CVE-2023-33460", "sourceIdentifier": "cve@mitre.org", "published": "2023-06-06T12:15:09.447", - "lastModified": "2023-07-21T04:15:14.427", - "vulnStatus": "Modified", + "lastModified": "2023-07-27T05:15:10.483", + "vulnStatus": "Undergoing Analysis", "descriptions": [ { "lang": "en", @@ -89,6 +89,10 @@ { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KLE3C4CECEJ4EUYI56KXI6OWACWXX7WN/", "source": "cve@mitre.org" + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YO32YDJ74DADC7CMJNLSLBVWN5EXGF5J/", + "source": "cve@mitre.org" } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-350xx/CVE-2023-35012.json b/CVE-2023/CVE-2023-350xx/CVE-2023-35012.json index 096d9127561..a93e06cabc0 100644 --- a/CVE-2023/CVE-2023-350xx/CVE-2023-35012.json +++ b/CVE-2023/CVE-2023-350xx/CVE-2023-35012.json @@ -2,8 +2,8 @@ "id": "CVE-2023-35012", "sourceIdentifier": "psirt@us.ibm.com", "published": "2023-07-17T01:15:08.693", - "lastModified": "2023-07-17T13:02:37.237", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-27T04:04:20.053", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 6.7, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 0.8, + "impactScore": 5.9 + }, { "source": "psirt@us.ibm.com", "type": "Secondary", @@ -35,6 +55,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] + }, { "source": "psirt@us.ibm.com", "type": "Secondary", @@ -46,14 +76,60 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ibm:db2:11.5:*:*:*:*:-:*:*", + "matchCriteriaId": "2788AA73-3346-4454-948E-9C1556DDDEBA" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:o:ibm:aix:-:*:*:*:*:*:*:*", + "matchCriteriaId": "E492C463-D76E-49B7-A4D4-3B499E422D89" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", + "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA" + } + ] + } + ] + } + ], "references": [ { "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/257763", - "source": "psirt@us.ibm.com" + "source": "psirt@us.ibm.com", + "tags": [ + "VDB Entry", + "Vendor Advisory" + ] }, { "url": "https://www.ibm.com/support/pages/node/7010747", - "source": "psirt@us.ibm.com" + "source": "psirt@us.ibm.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-359xx/CVE-2023-35983.json b/CVE-2023/CVE-2023-359xx/CVE-2023-35983.json index 906035f1240..8eca3189038 100644 --- a/CVE-2023/CVE-2023-359xx/CVE-2023-35983.json +++ b/CVE-2023/CVE-2023-359xx/CVE-2023-35983.json @@ -2,12 +2,12 @@ "id": "CVE-2023-35983", "sourceIdentifier": "product-security@apple.com", "published": "2023-07-27T00:15:15.133", - "lastModified": "2023-07-27T01:15:32.667", + "lastModified": "2023-07-27T04:15:41.037", "vulnStatus": "Received", "descriptions": [ { "lang": "en", - "value": "An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Ventura 13.5, macOS Monterey 12.6.8, macOS Big Sur 11.7.9. Processing a file may lead to a denial-of-service or potentially disclose memory contents." + "value": "This issue was addressed with improved data protection. This issue is fixed in macOS Monterey 12.6.8, macOS Ventura 13.5, macOS Big Sur 11.7.9. An app may be able to modify protected parts of the file system." } ], "metrics": {}, diff --git a/CVE-2023/CVE-2023-359xx/CVE-2023-35993.json b/CVE-2023/CVE-2023-359xx/CVE-2023-35993.json index f0a9f19a3a6..e850939c99c 100644 --- a/CVE-2023/CVE-2023-359xx/CVE-2023-35993.json +++ b/CVE-2023/CVE-2023-359xx/CVE-2023-35993.json @@ -2,12 +2,12 @@ "id": "CVE-2023-35993", "sourceIdentifier": "product-security@apple.com", "published": "2023-07-27T01:15:32.877", - "lastModified": "2023-07-27T01:15:32.877", + "lastModified": "2023-07-27T04:15:41.237", "vulnStatus": "Received", "descriptions": [ { "lang": "en", - "value": "A use-after-free issue was addressed with improved memory management. This issue is fixed in iOS 16.6 and iPadOS 16.6, macOS Big Sur 11.7.9, macOS Monterey 12.6.8, tvOS 16.6, watchOS 9.6, macOS Ventura 13.5, iOS 15.7.8 and iPadOS 15.7.8. An app may be able to execute arbitrary code with kernel privileges." + "value": "A use-after-free issue was addressed with improved memory management. This issue is fixed in macOS Monterey 12.6.8, iOS 15.7.8 and iPadOS 15.7.8, iOS 16.6 and iPadOS 16.6, tvOS 16.6, macOS Big Sur 11.7.9, macOS Ventura 13.5, watchOS 9.6. An app may be able to execute arbitrary code with kernel privileges." } ], "metrics": {}, diff --git a/CVE-2023/CVE-2023-368xx/CVE-2023-36818.json b/CVE-2023/CVE-2023-368xx/CVE-2023-36818.json index ee0cbefac4c..34629b1263b 100644 --- a/CVE-2023/CVE-2023-368xx/CVE-2023-36818.json +++ b/CVE-2023/CVE-2023-368xx/CVE-2023-36818.json @@ -2,8 +2,8 @@ "id": "CVE-2023-36818", "sourceIdentifier": "security-advisories@github.com", "published": "2023-07-14T22:15:09.243", - "lastModified": "2023-07-17T13:02:46.340", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-27T04:04:36.043", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + }, { "source": "security-advisories@github.com", "type": "Secondary", @@ -36,8 +56,18 @@ }, "weaknesses": [ { - "source": "security-advisories@github.com", + "source": "nvd@nist.gov", "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + }, + { + "source": "security-advisories@github.com", + "type": "Secondary", "description": [ { "lang": "en", @@ -46,14 +76,37 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:3.1.0:beta5:*:*:beta:*:*:*", + "matchCriteriaId": "9FE11D4E-32EE-48F4-8082-B37D2F804450" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/discourse/discourse/commit/52b003d915761f1581ae2d105f3cbe76df7bf1ff", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Patch" + ] }, { "url": "https://github.com/discourse/discourse/security/advisories/GHSA-gxqx-3q2p-37gm", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-368xx/CVE-2023-36854.json b/CVE-2023/CVE-2023-368xx/CVE-2023-36854.json index 8ff09ac9557..5747d7c78d8 100644 --- a/CVE-2023/CVE-2023-368xx/CVE-2023-36854.json +++ b/CVE-2023/CVE-2023-368xx/CVE-2023-36854.json @@ -2,12 +2,12 @@ "id": "CVE-2023-36854", "sourceIdentifier": "product-security@apple.com", "published": "2023-07-27T00:15:15.247", - "lastModified": "2023-07-27T01:15:33.193", + "lastModified": "2023-07-27T04:15:41.507", "vulnStatus": "Received", "descriptions": [ { "lang": "en", - "value": "An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Ventura 13.5, macOS Monterey 12.6.8, macOS Big Sur 11.7.9. Processing a file may lead to a denial-of-service or potentially disclose memory contents." + "value": "The issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.6.8, macOS Ventura 13.5, macOS Big Sur 11.7.9. Processing a file may lead to unexpected app termination or arbitrary code execution." } ], "metrics": {}, diff --git a/CVE-2023/CVE-2023-368xx/CVE-2023-36862.json b/CVE-2023/CVE-2023-368xx/CVE-2023-36862.json index d1ddb0fec5d..8ab6b963765 100644 --- a/CVE-2023/CVE-2023-368xx/CVE-2023-36862.json +++ b/CVE-2023/CVE-2023-368xx/CVE-2023-36862.json @@ -2,12 +2,12 @@ "id": "CVE-2023-36862", "sourceIdentifier": "product-security@apple.com", "published": "2023-07-27T00:15:15.367", - "lastModified": "2023-07-27T01:15:33.580", + "lastModified": "2023-07-27T04:15:41.747", "vulnStatus": "Received", "descriptions": [ { "lang": "en", - "value": "The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.5. Processing web content may disclose sensitive information." + "value": "A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing restrictions. This issue is fixed in macOS Ventura 13.5. An app may be able to determine a user\u2019s current location." } ], "metrics": {}, diff --git a/CVE-2023/CVE-2023-371xx/CVE-2023-37143.json b/CVE-2023/CVE-2023-371xx/CVE-2023-37143.json index c13632b2ad9..a51810963db 100644 --- a/CVE-2023/CVE-2023-371xx/CVE-2023-37143.json +++ b/CVE-2023/CVE-2023-371xx/CVE-2023-37143.json @@ -2,19 +2,76 @@ "id": "CVE-2023-37143", "sourceIdentifier": "cve@mitre.org", "published": "2023-07-18T20:15:09.947", - "lastModified": "2023-07-18T22:17:55.173", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-27T04:00:42.933", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "ChakraCore branch master cbb9b was discovered to contain a segmentation violation via the function BackwardPass::IsEmptyLoopAfterMemOp()." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-400" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:chakracore:-:*:*:*:*:*:*:*", + "matchCriteriaId": "7FF3889F-978A-4F39-9A0D-E633A887059B" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/chakra-core/ChakraCore/issues/6888", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Issue Tracking", + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-374xx/CVE-2023-37450.json b/CVE-2023/CVE-2023-374xx/CVE-2023-37450.json index 90c28761a19..8a0bf8c0398 100644 --- a/CVE-2023/CVE-2023-374xx/CVE-2023-37450.json +++ b/CVE-2023/CVE-2023-374xx/CVE-2023-37450.json @@ -2,7 +2,7 @@ "id": "CVE-2023-37450", "sourceIdentifier": "product-security@apple.com", "published": "2023-07-27T00:15:15.497", - "lastModified": "2023-07-27T01:15:33.857", + "lastModified": "2023-07-27T04:15:42.017", "vulnStatus": "Received", "cisaExploitAdd": "2023-07-13", "cisaActionDue": "2023-08-03", @@ -11,7 +11,7 @@ "descriptions": [ { "lang": "en", - "value": "The issue was addressed with improved checks. This issue is fixed in iOS 16.6 and iPadOS 16.6, tvOS 16.6, watchOS 9.6, macOS Ventura 13.5, Safari 16.5.2. Processing web content may disclose sensitive information." + "value": "The issue was addressed with improved checks. This issue is fixed in iOS 16.6 and iPadOS 16.6, Safari 16.5.2, tvOS 16.6, macOS Ventura 13.5, watchOS 9.6. Processing web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited." } ], "metrics": {}, diff --git a/CVE-2023/CVE-2023-377xx/CVE-2023-37788.json b/CVE-2023/CVE-2023-377xx/CVE-2023-37788.json index 30aa6988695..f19d9c6097b 100644 --- a/CVE-2023/CVE-2023-377xx/CVE-2023-37788.json +++ b/CVE-2023/CVE-2023-377xx/CVE-2023-37788.json @@ -2,23 +2,83 @@ "id": "CVE-2023-37788", "sourceIdentifier": "cve@mitre.org", "published": "2023-07-18T19:15:10.060", - "lastModified": "2023-07-18T19:49:32.270", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-27T04:05:09.953", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "goproxy v1.1 was discovered to contain an issue which can lead to a Denial of service (DoS) via unspecified vectors." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-400" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:goproxy_project:goproxy:1.1:*:*:*:*:*:*:*", + "matchCriteriaId": "2191FE45-7A9D-4899-AAE8-C4C2844D46E6" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/elazarl/goproxy", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Product" + ] }, { "url": "https://github.com/elazarl/goproxy/issues/502", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Issue Tracking", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-37xx/CVE-2023-3708.json b/CVE-2023/CVE-2023-37xx/CVE-2023-3708.json index 51be776d699..c9b6fa2ca40 100644 --- a/CVE-2023/CVE-2023-37xx/CVE-2023-3708.json +++ b/CVE-2023/CVE-2023-37xx/CVE-2023-3708.json @@ -2,8 +2,8 @@ "id": "CVE-2023-3708", "sourceIdentifier": "security@wordfence.com", "published": "2023-07-18T03:15:55.897", - "lastModified": "2023-07-18T12:58:57.160", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-27T04:03:26.540", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -46,30 +46,66 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:deothemes:medikaid:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "1.1.3", + "matchCriteriaId": "5FA36880-0059-43BB-9CED-5513D3EE2DC8" + } + ] + } + ] + } + ], "references": [ { "url": "https://deothemes.com/changelog/medikaid-changelog/", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Release Notes" + ] }, { "url": "https://themes.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=196755%40nokke&new=196755%40nokke&sfp_email=&sfph_mail=", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Patch" + ] }, { "url": "https://themes.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=196756%40arendelle&new=196756%40arendelle&sfp_email=&sfph_mail=", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Patch" + ] }, { "url": "https://themes.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=196757%40amela&new=196757%40amela&sfp_email=&sfph_mail=", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Patch" + ] }, { "url": "https://themes.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=196758%40everse&new=196758%40everse&sfp_email=&sfph_mail=", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Patch" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/1b8b0f14-f31a-45cd-bb98-0b717059aa80?source=cve", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-381xx/CVE-2023-38133.json b/CVE-2023/CVE-2023-381xx/CVE-2023-38133.json index a4f69cf1773..af930f3dd67 100644 --- a/CVE-2023/CVE-2023-381xx/CVE-2023-38133.json +++ b/CVE-2023/CVE-2023-381xx/CVE-2023-38133.json @@ -2,12 +2,12 @@ "id": "CVE-2023-38133", "sourceIdentifier": "product-security@apple.com", "published": "2023-07-27T00:15:15.620", - "lastModified": "2023-07-27T01:15:34.140", + "lastModified": "2023-07-27T04:15:42.297", "vulnStatus": "Received", "descriptions": [ { "lang": "en", - "value": "The issue was addressed with improved checks. This issue is fixed in iOS 16.6 and iPadOS 16.6, tvOS 16.6, watchOS 9.6, macOS Ventura 13.5, iOS 15.7.8 and iPadOS 15.7.8, Safari 16.6. Processing web content may disclose sensitive information." + "value": "The issue was addressed with improved checks. This issue is fixed in iOS 15.7.8 and iPadOS 15.7.8, iOS 16.6 and iPadOS 16.6, tvOS 16.6, macOS Ventura 13.5, Safari 16.6, watchOS 9.6. Processing web content may disclose sensitive information." } ], "metrics": {}, diff --git a/CVE-2023/CVE-2023-381xx/CVE-2023-38136.json b/CVE-2023/CVE-2023-381xx/CVE-2023-38136.json index dbc26ba6542..5c9013e2f52 100644 --- a/CVE-2023/CVE-2023-381xx/CVE-2023-38136.json +++ b/CVE-2023/CVE-2023-381xx/CVE-2023-38136.json @@ -2,12 +2,12 @@ "id": "CVE-2023-38136", "sourceIdentifier": "product-security@apple.com", "published": "2023-07-27T01:15:34.487", - "lastModified": "2023-07-27T01:15:34.487", + "lastModified": "2023-07-27T04:15:42.747", "vulnStatus": "Received", "descriptions": [ { "lang": "en", - "value": "The issue was addressed with improved checks. This issue is fixed in iOS 16.6 and iPadOS 16.6, watchOS 9.6. Processing web content may disclose sensitive information." + "value": "The issue was addressed with improved memory handling. This issue is fixed in iOS 16.6 and iPadOS 16.6, watchOS 9.6. An app may be able to execute arbitrary code with kernel privileges." } ], "metrics": {}, diff --git a/CVE-2023/CVE-2023-381xx/CVE-2023-38197.json b/CVE-2023/CVE-2023-381xx/CVE-2023-38197.json index 0619fdbf792..e938f1233c6 100644 --- a/CVE-2023/CVE-2023-381xx/CVE-2023-38197.json +++ b/CVE-2023/CVE-2023-381xx/CVE-2023-38197.json @@ -2,8 +2,8 @@ "id": "CVE-2023-38197", "sourceIdentifier": "cve@mitre.org", "published": "2023-07-13T02:15:09.677", - "lastModified": "2023-07-25T14:10:05.513", - "vulnStatus": "Analyzed", + "lastModified": "2023-07-27T05:15:10.613", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -85,6 +85,18 @@ "tags": [ "Patch" ] + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/F5C3NYVJ73ITE6HUOVVHBUAGORVEJRHO/", + "source": "cve@mitre.org" + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XEGQ6DFTL2BEJMHCD5FJGI6XLWQI7UEA/", + "source": "cve@mitre.org" + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFZORZYCMUZZFIOEZICJ7VH2BZIGY3HV/", + "source": "cve@mitre.org" } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-382xx/CVE-2023-38258.json b/CVE-2023/CVE-2023-382xx/CVE-2023-38258.json index 9c9d34184aa..4e845fce06a 100644 --- a/CVE-2023/CVE-2023-382xx/CVE-2023-38258.json +++ b/CVE-2023/CVE-2023-382xx/CVE-2023-38258.json @@ -2,12 +2,12 @@ "id": "CVE-2023-38258", "sourceIdentifier": "product-security@apple.com", "published": "2023-07-27T01:15:34.683", - "lastModified": "2023-07-27T01:15:34.683", + "lastModified": "2023-07-27T04:15:43.523", "vulnStatus": "Received", "descriptions": [ { "lang": "en", - "value": "An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Ventura 13.5, macOS Monterey 12.6.8. Processing a file may lead to a denial-of-service or potentially disclose memory contents." + "value": "The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.5, macOS Monterey 12.6.8. Processing a 3D model may result in disclosure of process memory." } ], "metrics": {}, diff --git a/CVE-2023/CVE-2023-382xx/CVE-2023-38259.json b/CVE-2023/CVE-2023-382xx/CVE-2023-38259.json index 72c24f6d6fc..903f11f8736 100644 --- a/CVE-2023/CVE-2023-382xx/CVE-2023-38259.json +++ b/CVE-2023/CVE-2023-382xx/CVE-2023-38259.json @@ -2,12 +2,12 @@ "id": "CVE-2023-38259", "sourceIdentifier": "product-security@apple.com", "published": "2023-07-27T01:15:34.920", - "lastModified": "2023-07-27T01:15:34.920", + "lastModified": "2023-07-27T04:15:43.787", "vulnStatus": "Received", "descriptions": [ { "lang": "en", - "value": "An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Ventura 13.5, macOS Monterey 12.6.8, macOS Big Sur 11.7.9. Processing a file may lead to a denial-of-service or potentially disclose memory contents." + "value": "A logic issue was addressed with improved restrictions. This issue is fixed in macOS Monterey 12.6.8, macOS Ventura 13.5, macOS Big Sur 11.7.9. An app may be able to access user-sensitive data." } ], "metrics": {}, diff --git a/CVE-2023/CVE-2023-384xx/CVE-2023-38410.json b/CVE-2023/CVE-2023-384xx/CVE-2023-38410.json index 07636039bba..1fb0b1ee3d8 100644 --- a/CVE-2023/CVE-2023-384xx/CVE-2023-38410.json +++ b/CVE-2023/CVE-2023-384xx/CVE-2023-38410.json @@ -2,12 +2,12 @@ "id": "CVE-2023-38410", "sourceIdentifier": "product-security@apple.com", "published": "2023-07-27T00:15:15.767", - "lastModified": "2023-07-27T01:15:35.443", + "lastModified": "2023-07-27T04:15:44.003", "vulnStatus": "Received", "descriptions": [ { "lang": "en", - "value": "The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.5, iOS 16.6 and iPadOS 16.6. Processing web content may disclose sensitive information." + "value": "The issue was addressed with improved checks. This issue is fixed in iOS 16.6 and iPadOS 16.6, macOS Ventura 13.5. A user may be able to elevate privileges." } ], "metrics": {}, diff --git a/CVE-2023/CVE-2023-384xx/CVE-2023-38421.json b/CVE-2023/CVE-2023-384xx/CVE-2023-38421.json index 225352187f9..9706e600263 100644 --- a/CVE-2023/CVE-2023-384xx/CVE-2023-38421.json +++ b/CVE-2023/CVE-2023-384xx/CVE-2023-38421.json @@ -2,12 +2,12 @@ "id": "CVE-2023-38421", "sourceIdentifier": "product-security@apple.com", "published": "2023-07-27T01:15:35.833", - "lastModified": "2023-07-27T01:15:35.833", + "lastModified": "2023-07-27T04:15:44.237", "vulnStatus": "Received", "descriptions": [ { "lang": "en", - "value": "An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Ventura 13.5, macOS Monterey 12.6.8. Processing a file may lead to a denial-of-service or potentially disclose memory contents." + "value": "The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.5, macOS Monterey 12.6.8. Processing a 3D model may result in disclosure of process memory." } ], "metrics": {}, diff --git a/CVE-2023/CVE-2023-384xx/CVE-2023-38424.json b/CVE-2023/CVE-2023-384xx/CVE-2023-38424.json index 607a4d06faa..113bccc5b19 100644 --- a/CVE-2023/CVE-2023-384xx/CVE-2023-38424.json +++ b/CVE-2023/CVE-2023-384xx/CVE-2023-38424.json @@ -2,12 +2,12 @@ "id": "CVE-2023-38424", "sourceIdentifier": "product-security@apple.com", "published": "2023-07-27T01:15:36.070", - "lastModified": "2023-07-27T01:15:36.070", + "lastModified": "2023-07-27T04:15:44.553", "vulnStatus": "Received", "descriptions": [ { "lang": "en", - "value": "The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.5, iOS 16.6 and iPadOS 16.6. Processing web content may disclose sensitive information." + "value": "The issue was addressed with improved memory handling. This issue is fixed in iOS 16.6 and iPadOS 16.6, macOS Ventura 13.5. An app may be able to execute arbitrary code with kernel privileges." } ], "metrics": {}, diff --git a/CVE-2023/CVE-2023-384xx/CVE-2023-38425.json b/CVE-2023/CVE-2023-384xx/CVE-2023-38425.json index 9df4a5b6a74..e8be89b80f6 100644 --- a/CVE-2023/CVE-2023-384xx/CVE-2023-38425.json +++ b/CVE-2023/CVE-2023-384xx/CVE-2023-38425.json @@ -2,12 +2,12 @@ "id": "CVE-2023-38425", "sourceIdentifier": "product-security@apple.com", "published": "2023-07-27T01:15:36.347", - "lastModified": "2023-07-27T01:15:36.347", + "lastModified": "2023-07-27T04:15:44.827", "vulnStatus": "Received", "descriptions": [ { "lang": "en", - "value": "The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.5, iOS 16.6 and iPadOS 16.6. Processing web content may disclose sensitive information." + "value": "The issue was addressed with improved memory handling. This issue is fixed in iOS 16.6 and iPadOS 16.6, macOS Ventura 13.5. An app may be able to execute arbitrary code with kernel privileges." } ], "metrics": {}, diff --git a/CVE-2023/CVE-2023-384xx/CVE-2023-38434.json b/CVE-2023/CVE-2023-384xx/CVE-2023-38434.json index 9f8da95f935..50d414e0041 100644 --- a/CVE-2023/CVE-2023-384xx/CVE-2023-38434.json +++ b/CVE-2023/CVE-2023-384xx/CVE-2023-38434.json @@ -2,19 +2,88 @@ "id": "CVE-2023-38434", "sourceIdentifier": "cve@mitre.org", "published": "2023-07-18T03:15:55.610", - "lastModified": "2023-07-18T12:58:57.160", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-27T04:03:48.217", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "xHTTP 72f812d has a double free in close_connection in xhttp.c via a malformed HTTP request method." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-415" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:xhttp_project:xhttp:-:*:*:*:*:*:*:*", + "matchCriteriaId": "2C3596E9-546C-4C88-A056-8DEFCC8E3494" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", + "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/cozis/xHTTP/issues/1", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Issue Tracking", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-385xx/CVE-2023-38565.json b/CVE-2023/CVE-2023-385xx/CVE-2023-38565.json index 28df4000eb8..cc3f1507426 100644 --- a/CVE-2023/CVE-2023-385xx/CVE-2023-38565.json +++ b/CVE-2023/CVE-2023-385xx/CVE-2023-38565.json @@ -2,12 +2,12 @@ "id": "CVE-2023-38565", "sourceIdentifier": "product-security@apple.com", "published": "2023-07-27T01:15:36.677", - "lastModified": "2023-07-27T01:15:36.677", + "lastModified": "2023-07-27T04:15:45.210", "vulnStatus": "Received", "descriptions": [ { "lang": "en", - "value": "The issue was addressed with improved checks. This issue is fixed in iOS 16.6 and iPadOS 16.6, macOS Monterey 12.6.8, watchOS 9.6, macOS Big Sur 11.7.9, macOS Ventura 13.5. Processing web content may disclose sensitive information." + "value": "A path handling issue was addressed with improved validation. This issue is fixed in macOS Monterey 12.6.8, iOS 16.6 and iPadOS 16.6, macOS Big Sur 11.7.9, macOS Ventura 13.5, watchOS 9.6. An app may be able to gain root privileges." } ], "metrics": {}, diff --git a/CVE-2023/CVE-2023-385xx/CVE-2023-38572.json b/CVE-2023/CVE-2023-385xx/CVE-2023-38572.json index fc455b6ef81..878528a8cdb 100644 --- a/CVE-2023/CVE-2023-385xx/CVE-2023-38572.json +++ b/CVE-2023/CVE-2023-385xx/CVE-2023-38572.json @@ -2,12 +2,12 @@ "id": "CVE-2023-38572", "sourceIdentifier": "product-security@apple.com", "published": "2023-07-27T01:15:36.913", - "lastModified": "2023-07-27T01:15:36.913", + "lastModified": "2023-07-27T04:15:45.570", "vulnStatus": "Received", "descriptions": [ { "lang": "en", - "value": "The issue was addressed with improved checks. This issue is fixed in iOS 16.6 and iPadOS 16.6, tvOS 16.6, watchOS 9.6, macOS Ventura 13.5, iOS 15.7.8 and iPadOS 15.7.8, Safari 16.6. A website may be able to bypass Same Origin Policy." + "value": "The issue was addressed with improved checks. This issue is fixed in iOS 15.7.8 and iPadOS 15.7.8, iOS 16.6 and iPadOS 16.6, tvOS 16.6, macOS Ventura 13.5, Safari 16.6, watchOS 9.6. A website may be able to bypass Same Origin Policy." } ], "metrics": {}, diff --git a/CVE-2023/CVE-2023-385xx/CVE-2023-38593.json b/CVE-2023/CVE-2023-385xx/CVE-2023-38593.json index bbe54d7910c..262f3155625 100644 --- a/CVE-2023/CVE-2023-385xx/CVE-2023-38593.json +++ b/CVE-2023/CVE-2023-385xx/CVE-2023-38593.json @@ -2,12 +2,12 @@ "id": "CVE-2023-38593", "sourceIdentifier": "product-security@apple.com", "published": "2023-07-27T01:15:37.330", - "lastModified": "2023-07-27T01:15:37.330", + "lastModified": "2023-07-27T04:15:45.950", "vulnStatus": "Received", "descriptions": [ { "lang": "en", - "value": "The issue was addressed with improved checks. This issue is fixed in iOS 16.6 and iPadOS 16.6, macOS Monterey 12.6.8, watchOS 9.6, macOS Big Sur 11.7.9, macOS Ventura 13.5. Processing web content may disclose sensitive information." + "value": "A logic issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.6.8, iOS 16.6 and iPadOS 16.6, macOS Big Sur 11.7.9, macOS Ventura 13.5, watchOS 9.6. An app may be able to cause a denial-of-service." } ], "metrics": {}, diff --git a/CVE-2023/CVE-2023-385xx/CVE-2023-38594.json b/CVE-2023/CVE-2023-385xx/CVE-2023-38594.json index abf2a90051b..05405a70aca 100644 --- a/CVE-2023/CVE-2023-385xx/CVE-2023-38594.json +++ b/CVE-2023/CVE-2023-385xx/CVE-2023-38594.json @@ -2,12 +2,12 @@ "id": "CVE-2023-38594", "sourceIdentifier": "product-security@apple.com", "published": "2023-07-27T00:15:15.887", - "lastModified": "2023-07-27T01:15:37.537", + "lastModified": "2023-07-27T04:15:46.267", "vulnStatus": "Received", "descriptions": [ { "lang": "en", - "value": "The issue was addressed with improved checks. This issue is fixed in iOS 16.6 and iPadOS 16.6, iOS 15.7.8 and iPadOS 15.7.8, tvOS 16.6, watchOS 9.6, Safari 16.6, macOS Ventura 13.5. Processing web content may disclose sensitive information." + "value": "The issue was addressed with improved checks. This issue is fixed in iOS 15.7.8 and iPadOS 15.7.8, iOS 16.6 and iPadOS 16.6, tvOS 16.6, macOS Ventura 13.5, Safari 16.6, watchOS 9.6. Processing web content may lead to arbitrary code execution." } ], "metrics": {}, diff --git a/CVE-2023/CVE-2023-385xx/CVE-2023-38595.json b/CVE-2023/CVE-2023-385xx/CVE-2023-38595.json index c73570da5d8..54187ebdbee 100644 --- a/CVE-2023/CVE-2023-385xx/CVE-2023-38595.json +++ b/CVE-2023/CVE-2023-385xx/CVE-2023-38595.json @@ -2,12 +2,12 @@ "id": "CVE-2023-38595", "sourceIdentifier": "product-security@apple.com", "published": "2023-07-27T01:15:37.767", - "lastModified": "2023-07-27T01:15:37.767", + "lastModified": "2023-07-27T04:15:46.603", "vulnStatus": "Received", "descriptions": [ { "lang": "en", - "value": "The issue was addressed with improved checks. This issue is fixed in iOS 16.6 and iPadOS 16.6, tvOS 16.6, watchOS 9.6, Safari 16.6, macOS Ventura 13.5. Processing web content may disclose sensitive information." + "value": "The issue was addressed with improved checks. This issue is fixed in iOS 16.6 and iPadOS 16.6, tvOS 16.6, macOS Ventura 13.5, Safari 16.6, watchOS 9.6. Processing web content may lead to arbitrary code execution." } ], "metrics": {}, diff --git a/CVE-2023/CVE-2023-385xx/CVE-2023-38597.json b/CVE-2023/CVE-2023-385xx/CVE-2023-38597.json index b046b01ed16..a5100dbe997 100644 --- a/CVE-2023/CVE-2023-385xx/CVE-2023-38597.json +++ b/CVE-2023/CVE-2023-385xx/CVE-2023-38597.json @@ -2,12 +2,12 @@ "id": "CVE-2023-38597", "sourceIdentifier": "product-security@apple.com", "published": "2023-07-27T00:15:16.030", - "lastModified": "2023-07-27T01:15:37.990", + "lastModified": "2023-07-27T04:15:46.957", "vulnStatus": "Received", "descriptions": [ { "lang": "en", - "value": "The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.5, iOS 15.7.8 and iPadOS 15.7.8, iOS 16.6 and iPadOS 16.6, Safari 16.6. Processing web content may disclose sensitive information." + "value": "The issue was addressed with improved checks. This issue is fixed in iOS 15.7.8 and iPadOS 15.7.8, iOS 16.6 and iPadOS 16.6, macOS Ventura 13.5, Safari 16.6. Processing web content may lead to arbitrary code execution." } ], "metrics": {}, diff --git a/CVE-2023/CVE-2023-386xx/CVE-2023-38600.json b/CVE-2023/CVE-2023-386xx/CVE-2023-38600.json index c56b7685748..bb348220771 100644 --- a/CVE-2023/CVE-2023-386xx/CVE-2023-38600.json +++ b/CVE-2023/CVE-2023-386xx/CVE-2023-38600.json @@ -2,12 +2,12 @@ "id": "CVE-2023-38600", "sourceIdentifier": "product-security@apple.com", "published": "2023-07-27T01:15:38.187", - "lastModified": "2023-07-27T01:15:38.187", + "lastModified": "2023-07-27T04:15:47.267", "vulnStatus": "Received", "descriptions": [ { "lang": "en", - "value": "The issue was addressed with improved checks. This issue is fixed in iOS 16.6 and iPadOS 16.6, tvOS 16.6, macOS Ventura 13.5, watchOS 9.6, Safari 16.6. Processing web content may lead to arbitrary code execution." + "value": "The issue was addressed with improved checks. This issue is fixed in iOS 16.6 and iPadOS 16.6, tvOS 16.6, macOS Ventura 13.5, Safari 16.6, watchOS 9.6. Processing web content may lead to arbitrary code execution." } ], "metrics": {}, diff --git a/CVE-2023/CVE-2023-386xx/CVE-2023-38602.json b/CVE-2023/CVE-2023-386xx/CVE-2023-38602.json index 2597e2bfe3d..1339bb24b30 100644 --- a/CVE-2023/CVE-2023-386xx/CVE-2023-38602.json +++ b/CVE-2023/CVE-2023-386xx/CVE-2023-38602.json @@ -2,12 +2,12 @@ "id": "CVE-2023-38602", "sourceIdentifier": "product-security@apple.com", "published": "2023-07-27T01:15:38.400", - "lastModified": "2023-07-27T01:15:38.400", + "lastModified": "2023-07-27T04:15:47.573", "vulnStatus": "Received", "descriptions": [ { "lang": "en", - "value": "An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Ventura 13.5, macOS Monterey 12.6.8, macOS Big Sur 11.7.9. Processing a file may lead to a denial-of-service or potentially disclose memory contents." + "value": "A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Monterey 12.6.8, macOS Ventura 13.5, macOS Big Sur 11.7.9. An app may be able to modify protected parts of the file system." } ], "metrics": {}, diff --git a/CVE-2023/CVE-2023-386xx/CVE-2023-38603.json b/CVE-2023/CVE-2023-386xx/CVE-2023-38603.json index a707cbb90e3..153266a46ee 100644 --- a/CVE-2023/CVE-2023-386xx/CVE-2023-38603.json +++ b/CVE-2023/CVE-2023-386xx/CVE-2023-38603.json @@ -2,12 +2,12 @@ "id": "CVE-2023-38603", "sourceIdentifier": "product-security@apple.com", "published": "2023-07-27T01:15:38.630", - "lastModified": "2023-07-27T01:15:38.630", + "lastModified": "2023-07-27T04:15:47.900", "vulnStatus": "Received", "descriptions": [ { "lang": "en", - "value": "The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.5, iOS 16.6 and iPadOS 16.6. Processing web content may disclose sensitive information." + "value": "The issue was addressed with improved checks. This issue is fixed in iOS 16.6 and iPadOS 16.6, macOS Ventura 13.5. A remote user may be able to cause a denial-of-service." } ], "metrics": {}, diff --git a/CVE-2023/CVE-2023-386xx/CVE-2023-38606.json b/CVE-2023/CVE-2023-386xx/CVE-2023-38606.json index 333e4aaaa28..37491f0c0d0 100644 --- a/CVE-2023/CVE-2023-386xx/CVE-2023-38606.json +++ b/CVE-2023/CVE-2023-386xx/CVE-2023-38606.json @@ -2,7 +2,7 @@ "id": "CVE-2023-38606", "sourceIdentifier": "product-security@apple.com", "published": "2023-07-27T00:15:16.173", - "lastModified": "2023-07-27T01:15:38.903", + "lastModified": "2023-07-27T04:15:48.257", "vulnStatus": "Received", "cisaExploitAdd": "2023-07-26", "cisaActionDue": "2023-08-16", @@ -11,7 +11,7 @@ "descriptions": [ { "lang": "en", - "value": "The issue was addressed with improved checks. This issue is fixed in iOS 16.6 and iPadOS 16.6, iOS 15.7.8 and iPadOS 15.7.8, tvOS 16.6, macOS Monterey 12.6.8, watchOS 9.6, macOS Big Sur 11.7.9, macOS Ventura 13.5. Processing web content may disclose sensitive information." + "value": "This issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.6.8, iOS 15.7.8 and iPadOS 15.7.8, iOS 16.6 and iPadOS 16.6, tvOS 16.6, macOS Big Sur 11.7.9, macOS Ventura 13.5, watchOS 9.6. An app may be able to modify sensitive kernel state. Apple is aware of a report that this issue may have been actively exploited against versions of iOS released before iOS 15.7.1." } ], "metrics": {}, diff --git a/CVE-2023/CVE-2023-386xx/CVE-2023-38608.json b/CVE-2023/CVE-2023-386xx/CVE-2023-38608.json index 8906b976649..43604dc4acb 100644 --- a/CVE-2023/CVE-2023-386xx/CVE-2023-38608.json +++ b/CVE-2023/CVE-2023-386xx/CVE-2023-38608.json @@ -2,12 +2,12 @@ "id": "CVE-2023-38608", "sourceIdentifier": "product-security@apple.com", "published": "2023-07-27T01:15:39.113", - "lastModified": "2023-07-27T01:15:39.113", + "lastModified": "2023-07-27T04:15:48.577", "vulnStatus": "Received", "descriptions": [ { "lang": "en", - "value": "The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.5. Processing web content may disclose sensitive information." + "value": "The issue was addressed with additional permissions checks. This issue is fixed in macOS Ventura 13.5. An app may be able to access user-sensitive data." } ], "metrics": {}, diff --git a/CVE-2023/CVE-2023-386xx/CVE-2023-38611.json b/CVE-2023/CVE-2023-386xx/CVE-2023-38611.json index 21d2f5899c0..39109707b06 100644 --- a/CVE-2023/CVE-2023-386xx/CVE-2023-38611.json +++ b/CVE-2023/CVE-2023-386xx/CVE-2023-38611.json @@ -2,12 +2,12 @@ "id": "CVE-2023-38611", "sourceIdentifier": "product-security@apple.com", "published": "2023-07-27T01:15:39.303", - "lastModified": "2023-07-27T01:15:39.303", + "lastModified": "2023-07-27T04:15:48.833", "vulnStatus": "Received", "descriptions": [ { "lang": "en", - "value": "The issue was addressed with improved memory handling. This issue is fixed in iOS 16.6 and iPadOS 16.6, tvOS 16.6, macOS Ventura 13.5, watchOS 9.6, Safari 16.6. Processing web content may lead to arbitrary code execution." + "value": "The issue was addressed with improved memory handling. This issue is fixed in iOS 16.6 and iPadOS 16.6, tvOS 16.6, macOS Ventura 13.5, Safari 16.6, watchOS 9.6. Processing web content may lead to arbitrary code execution." } ], "metrics": {}, diff --git a/README.md b/README.md index a5012d5aeda..e7a7148923f 100644 --- a/README.md +++ b/README.md @@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2023-07-27T04:00:26.115680+00:00 +2023-07-27T06:00:26.346583+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2023-07-27T03:57:28.410000+00:00 +2023-07-27T05:15:10.613000+00:00 ``` ### Last Data Feed Release @@ -29,44 +29,45 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -221135 +221136 ``` ### CVEs added in the last Commit -Recently added CVEs: `0` +Recently added CVEs: `1` +* [CVE-2023-32450](CVE-2023/CVE-2023-324xx/CVE-2023-32450.json) (`2023-07-27T05:15:10.363`) ### CVEs modified in the last Commit -Recently modified CVEs: `54` +Recently modified CVEs: `204` -* [CVE-2023-37265](CVE-2023/CVE-2023-372xx/CVE-2023-37265.json) (`2023-07-27T03:48:19.630`) -* [CVE-2023-37266](CVE-2023/CVE-2023-372xx/CVE-2023-37266.json) (`2023-07-27T03:48:26.790`) -* [CVE-2023-3585](CVE-2023/CVE-2023-35xx/CVE-2023-3585.json) (`2023-07-27T03:48:44.793`) -* [CVE-2023-36511](CVE-2023/CVE-2023-365xx/CVE-2023-36511.json) (`2023-07-27T03:48:59.503`) -* [CVE-2023-38409](CVE-2023/CVE-2023-384xx/CVE-2023-38409.json) (`2023-07-27T03:49:09.943`) -* [CVE-2023-37462](CVE-2023/CVE-2023-374xx/CVE-2023-37462.json) (`2023-07-27T03:49:18.930`) -* [CVE-2023-22061](CVE-2023/CVE-2023-220xx/CVE-2023-22061.json) (`2023-07-27T03:50:36.073`) -* [CVE-2023-22027](CVE-2023/CVE-2023-220xx/CVE-2023-22027.json) (`2023-07-27T03:50:41.937`) -* [CVE-2023-22011](CVE-2023/CVE-2023-220xx/CVE-2023-22011.json) (`2023-07-27T03:50:48.057`) -* [CVE-2023-30906](CVE-2023/CVE-2023-309xx/CVE-2023-30906.json) (`2023-07-27T03:50:58.670`) -* [CVE-2023-36850](CVE-2023/CVE-2023-368xx/CVE-2023-36850.json) (`2023-07-27T03:51:03.723`) -* [CVE-2023-37472](CVE-2023/CVE-2023-374xx/CVE-2023-37472.json) (`2023-07-27T03:51:08.590`) -* [CVE-2023-25838](CVE-2023/CVE-2023-258xx/CVE-2023-25838.json) (`2023-07-27T03:51:27.550`) -* [CVE-2023-26512](CVE-2023/CVE-2023-265xx/CVE-2023-26512.json) (`2023-07-27T03:51:47.523`) -* [CVE-2023-33312](CVE-2023/CVE-2023-333xx/CVE-2023-33312.json) (`2023-07-27T03:53:11.797`) -* [CVE-2023-33329](CVE-2023/CVE-2023-333xx/CVE-2023-33329.json) (`2023-07-27T03:53:27.643`) -* [CVE-2023-28019](CVE-2023/CVE-2023-280xx/CVE-2023-28019.json) (`2023-07-27T03:53:40.647`) -* [CVE-2023-34035](CVE-2023/CVE-2023-340xx/CVE-2023-34035.json) (`2023-07-27T03:54:48.737`) -* [CVE-2023-30153](CVE-2023/CVE-2023-301xx/CVE-2023-30153.json) (`2023-07-27T03:55:02.780`) -* [CVE-2023-38325](CVE-2023/CVE-2023-383xx/CVE-2023-38325.json) (`2023-07-27T03:55:33.093`) -* [CVE-2023-33231](CVE-2023/CVE-2023-332xx/CVE-2023-33231.json) (`2023-07-27T03:56:11.813`) -* [CVE-2023-28021](CVE-2023/CVE-2023-280xx/CVE-2023-28021.json) (`2023-07-27T03:56:32.187`) -* [CVE-2023-28020](CVE-2023/CVE-2023-280xx/CVE-2023-28020.json) (`2023-07-27T03:56:44.280`) -* [CVE-2023-3633](CVE-2023/CVE-2023-36xx/CVE-2023-3633.json) (`2023-07-27T03:56:59.660`) -* [CVE-2023-37141](CVE-2023/CVE-2023-371xx/CVE-2023-37141.json) (`2023-07-27T03:57:28.410`) +* [CVE-2023-37450](CVE-2023/CVE-2023-374xx/CVE-2023-37450.json) (`2023-07-27T04:15:42.017`) +* [CVE-2023-38133](CVE-2023/CVE-2023-381xx/CVE-2023-38133.json) (`2023-07-27T04:15:42.297`) +* [CVE-2023-38136](CVE-2023/CVE-2023-381xx/CVE-2023-38136.json) (`2023-07-27T04:15:42.747`) +* [CVE-2023-38258](CVE-2023/CVE-2023-382xx/CVE-2023-38258.json) (`2023-07-27T04:15:43.523`) +* [CVE-2023-38259](CVE-2023/CVE-2023-382xx/CVE-2023-38259.json) (`2023-07-27T04:15:43.787`) +* [CVE-2023-38410](CVE-2023/CVE-2023-384xx/CVE-2023-38410.json) (`2023-07-27T04:15:44.003`) +* [CVE-2023-38421](CVE-2023/CVE-2023-384xx/CVE-2023-38421.json) (`2023-07-27T04:15:44.237`) +* [CVE-2023-38424](CVE-2023/CVE-2023-384xx/CVE-2023-38424.json) (`2023-07-27T04:15:44.553`) +* [CVE-2023-38425](CVE-2023/CVE-2023-384xx/CVE-2023-38425.json) (`2023-07-27T04:15:44.827`) +* [CVE-2023-38565](CVE-2023/CVE-2023-385xx/CVE-2023-38565.json) (`2023-07-27T04:15:45.210`) +* [CVE-2023-38572](CVE-2023/CVE-2023-385xx/CVE-2023-38572.json) (`2023-07-27T04:15:45.570`) +* [CVE-2023-38593](CVE-2023/CVE-2023-385xx/CVE-2023-38593.json) (`2023-07-27T04:15:45.950`) +* [CVE-2023-38594](CVE-2023/CVE-2023-385xx/CVE-2023-38594.json) (`2023-07-27T04:15:46.267`) +* [CVE-2023-38595](CVE-2023/CVE-2023-385xx/CVE-2023-38595.json) (`2023-07-27T04:15:46.603`) +* [CVE-2023-38597](CVE-2023/CVE-2023-385xx/CVE-2023-38597.json) (`2023-07-27T04:15:46.957`) +* [CVE-2023-38600](CVE-2023/CVE-2023-386xx/CVE-2023-38600.json) (`2023-07-27T04:15:47.267`) +* [CVE-2023-38602](CVE-2023/CVE-2023-386xx/CVE-2023-38602.json) (`2023-07-27T04:15:47.573`) +* [CVE-2023-38603](CVE-2023/CVE-2023-386xx/CVE-2023-38603.json) (`2023-07-27T04:15:47.900`) +* [CVE-2023-38606](CVE-2023/CVE-2023-386xx/CVE-2023-38606.json) (`2023-07-27T04:15:48.257`) +* [CVE-2023-38608](CVE-2023/CVE-2023-386xx/CVE-2023-38608.json) (`2023-07-27T04:15:48.577`) +* [CVE-2023-38611](CVE-2023/CVE-2023-386xx/CVE-2023-38611.json) (`2023-07-27T04:15:48.833`) +* [CVE-2023-20593](CVE-2023/CVE-2023-205xx/CVE-2023-20593.json) (`2023-07-27T05:15:10.213`) +* [CVE-2023-32001](CVE-2023/CVE-2023-320xx/CVE-2023-32001.json) (`2023-07-27T05:15:10.297`) +* [CVE-2023-33460](CVE-2023/CVE-2023-334xx/CVE-2023-33460.json) (`2023-07-27T05:15:10.483`) +* [CVE-2023-38197](CVE-2023/CVE-2023-381xx/CVE-2023-38197.json) (`2023-07-27T05:15:10.613`) ## Download and Usage