diff --git a/CVE-2023/CVE-2023-234xx/CVE-2023-23494.json b/CVE-2023/CVE-2023-234xx/CVE-2023-23494.json index 0bb04360586..6692ee58403 100644 --- a/CVE-2023/CVE-2023-234xx/CVE-2023-23494.json +++ b/CVE-2023/CVE-2023-234xx/CVE-2023-23494.json @@ -2,12 +2,12 @@ "id": "CVE-2023-23494", "sourceIdentifier": "product-security@apple.com", "published": "2023-05-08T20:15:16.063", - "lastModified": "2023-05-11T17:10:28.070", - "vulnStatus": "Analyzed", + "lastModified": "2023-07-27T01:15:10.397", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "A buffer overflow was addressed with improved bounds checking. This issue is fixed in iOS 16.4 and iPadOS 16.4. A user in a privileged network position may be able to cause a denial-of-service" + "value": "This issue was addressed with improved state management. This issue is fixed in iOS 16.4 and iPadOS 16.4. A remote attacker may be able to cause unexpected app termination or arbitrary code execution." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-234xx/CVE-2023-23496.json b/CVE-2023/CVE-2023-234xx/CVE-2023-23496.json index 2a913a1147a..6f285490b60 100644 --- a/CVE-2023/CVE-2023-234xx/CVE-2023-23496.json +++ b/CVE-2023/CVE-2023-234xx/CVE-2023-23496.json @@ -2,12 +2,12 @@ "id": "CVE-2023-23496", "sourceIdentifier": "product-security@apple.com", "published": "2023-02-27T20:15:13.157", - "lastModified": "2023-03-08T23:28:33.047", - "vulnStatus": "Analyzed", + "lastModified": "2023-07-27T01:15:10.473", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.2, tvOS 16.3, Safari 16.3, watchOS 9.3, iOS 16.3 and iPadOS 16.3. Processing maliciously crafted web content may lead to arbitrary code execution." + "value": "The issue was addressed with improved memory handling. This issue is fixed in tvOS 16.3, Safari 16.3, iOS 15.7.2 and iPadOS 15.7.2, iOS 16.3 and iPadOS 16.3, watchOS 9.3, macOS Ventura 13.2. Processing maliciously crafted web content may lead to arbitrary code execution." } ], "metrics": { @@ -95,6 +95,10 @@ } ], "references": [ + { + "url": "https://support.apple.com/en-us/HT213531", + "source": "product-security@apple.com" + }, { "url": "https://support.apple.com/en-us/HT213599", "source": "product-security@apple.com", @@ -134,6 +138,10 @@ "Release Notes", "Vendor Advisory" ] + }, + { + "url": "https://support.apple.com/en-us/HT213638", + "source": "product-security@apple.com" } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-234xx/CVE-2023-23497.json b/CVE-2023/CVE-2023-234xx/CVE-2023-23497.json index 0f91672741d..5a7fadaa155 100644 --- a/CVE-2023/CVE-2023-234xx/CVE-2023-23497.json +++ b/CVE-2023/CVE-2023-234xx/CVE-2023-23497.json @@ -2,12 +2,12 @@ "id": "CVE-2023-23497", "sourceIdentifier": "product-security@apple.com", "published": "2023-02-27T20:15:13.220", - "lastModified": "2023-03-08T23:28:18.597", - "vulnStatus": "Analyzed", + "lastModified": "2023-07-27T01:15:10.597", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "A logic issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.2, macOS Monterey 12.6.3, macOS Big Sur 11.7.3. An app may be able to gain root privileges." + "value": "The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.2, macOS Big Sur 11.7.3, macOS Monterey 12.6.3. An app may be able to bypass Privacy preferences." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-234xx/CVE-2023-23498.json b/CVE-2023/CVE-2023-234xx/CVE-2023-23498.json index 30b590629d1..1355e015747 100644 --- a/CVE-2023/CVE-2023-234xx/CVE-2023-23498.json +++ b/CVE-2023/CVE-2023-234xx/CVE-2023-23498.json @@ -2,12 +2,12 @@ "id": "CVE-2023-23498", "sourceIdentifier": "product-security@apple.com", "published": "2023-02-27T20:15:13.287", - "lastModified": "2023-03-08T23:13:27.370", - "vulnStatus": "Analyzed", + "lastModified": "2023-07-27T01:15:10.787", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "A logic issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.2, iOS 15.7.3 and iPadOS 15.7.3, iOS 16.3 and iPadOS 16.3. The quoted original message may be selected from the wrong email when forwarding an email from an Exchange account." + "value": "This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in iOS 15.7.3 and iPadOS 15.7.3, macOS Ventura 13.2, iOS 16.3 and iPadOS 16.3. An HTML document may be able to render iframes with sensitive user information." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-234xx/CVE-2023-23499.json b/CVE-2023/CVE-2023-234xx/CVE-2023-23499.json index a6429c41446..ba77b2a242f 100644 --- a/CVE-2023/CVE-2023-234xx/CVE-2023-23499.json +++ b/CVE-2023/CVE-2023-234xx/CVE-2023-23499.json @@ -2,12 +2,12 @@ "id": "CVE-2023-23499", "sourceIdentifier": "product-security@apple.com", "published": "2023-02-27T20:15:13.353", - "lastModified": "2023-03-08T23:12:59.307", - "vulnStatus": "Analyzed", + "lastModified": "2023-07-27T01:15:10.943", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "This issue was addressed by enabling hardened runtime. This issue is fixed in macOS Ventura 13.2, macOS Monterey 12.6.3, tvOS 16.3, watchOS 9.3, iOS 16.3 and iPadOS 16.3, macOS Big Sur 11.7.3. An app may be able to access user-sensitive data." + "value": "The issue was addressed with improved memory handling. This issue is fixed in tvOS 16.3, macOS Big Sur 11.7.3, iOS 16.3 and iPadOS 16.3, watchOS 9.3, macOS Ventura 13.2, macOS Monterey 12.6.3. Processing maliciously crafted web content may lead to arbitrary code execution." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-235xx/CVE-2023-23500.json b/CVE-2023/CVE-2023-235xx/CVE-2023-23500.json index a038e884229..b7d2536fb3a 100644 --- a/CVE-2023/CVE-2023-235xx/CVE-2023-23500.json +++ b/CVE-2023/CVE-2023-235xx/CVE-2023-23500.json @@ -2,12 +2,12 @@ "id": "CVE-2023-23500", "sourceIdentifier": "product-security@apple.com", "published": "2023-02-27T20:15:13.423", - "lastModified": "2023-03-08T19:16:52.377", - "vulnStatus": "Analyzed", + "lastModified": "2023-07-27T01:15:11.067", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.2, iOS 15.7.3 and iPadOS 15.7.3, tvOS 16.3, watchOS 9.3, iOS 16.3 and iPadOS 16.3. An app may be able to leak sensitive kernel state." + "value": "The issue was addressed with improved memory handling. This issue is fixed in tvOS 16.3, iOS 15.7.3 and iPadOS 15.7.3, iOS 16.3 and iPadOS 16.3, watchOS 9.3, macOS Ventura 13.2. Processing maliciously crafted web content may lead to arbitrary code execution." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-235xx/CVE-2023-23501.json b/CVE-2023/CVE-2023-235xx/CVE-2023-23501.json index 4930545c640..e7c37809372 100644 --- a/CVE-2023/CVE-2023-235xx/CVE-2023-23501.json +++ b/CVE-2023/CVE-2023-235xx/CVE-2023-23501.json @@ -2,12 +2,12 @@ "id": "CVE-2023-23501", "sourceIdentifier": "product-security@apple.com", "published": "2023-02-27T20:15:13.497", - "lastModified": "2023-03-08T23:29:03.033", - "vulnStatus": "Analyzed", + "lastModified": "2023-07-27T01:15:11.203", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "The issue was addressed with improved memory handling This issue is fixed in macOS Ventura 13.2. An app may be able to disclose kernel memory.." + "value": "This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in macOS Ventura 13.2. An HTML document may be able to render iframes with sensitive user information." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-235xx/CVE-2023-23502.json b/CVE-2023/CVE-2023-235xx/CVE-2023-23502.json index 5e360ba8ed1..e8a34566db7 100644 --- a/CVE-2023/CVE-2023-235xx/CVE-2023-23502.json +++ b/CVE-2023/CVE-2023-235xx/CVE-2023-23502.json @@ -2,12 +2,12 @@ "id": "CVE-2023-23502", "sourceIdentifier": "product-security@apple.com", "published": "2023-02-27T20:15:13.553", - "lastModified": "2023-03-08T20:34:49.687", - "vulnStatus": "Analyzed", + "lastModified": "2023-07-27T01:15:11.353", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "An information disclosure issue was addressed by removing the vulnerable code. This issue is fixed in macOS Ventura 13.2, macOS Monterey 12.6.3, tvOS 16.3, watchOS 9.3, iOS 16.3 and iPadOS 16.3. An app may be able to determine kernel memory layout." + "value": "The issue was addressed with improved memory handling. This issue is fixed in tvOS 16.3, iOS 16.3 and iPadOS 16.3, watchOS 9.3, macOS Ventura 13.2, macOS Monterey 12.6.3. Processing maliciously crafted web content may lead to arbitrary code execution." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-235xx/CVE-2023-23503.json b/CVE-2023/CVE-2023-235xx/CVE-2023-23503.json index 7de84ddc899..2275c4615e7 100644 --- a/CVE-2023/CVE-2023-235xx/CVE-2023-23503.json +++ b/CVE-2023/CVE-2023-235xx/CVE-2023-23503.json @@ -2,12 +2,12 @@ "id": "CVE-2023-23503", "sourceIdentifier": "product-security@apple.com", "published": "2023-02-27T20:15:13.617", - "lastModified": "2023-03-08T20:35:13.497", - "vulnStatus": "Analyzed", + "lastModified": "2023-07-27T01:15:11.463", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "A logic issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.2, iOS 15.7.3 and iPadOS 15.7.3, tvOS 16.3, watchOS 9.3, iOS 16.3 and iPadOS 16.3. An app may be able to bypass Privacy preferences." + "value": "The issue was addressed with improved memory handling. This issue is fixed in tvOS 16.3, iOS 15.7.3 and iPadOS 15.7.3, iOS 16.3 and iPadOS 16.3, watchOS 9.3, macOS Ventura 13.2. Processing maliciously crafted web content may lead to arbitrary code execution." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-235xx/CVE-2023-23504.json b/CVE-2023/CVE-2023-235xx/CVE-2023-23504.json index 2d088f9acd3..54520470abc 100644 --- a/CVE-2023/CVE-2023-235xx/CVE-2023-23504.json +++ b/CVE-2023/CVE-2023-235xx/CVE-2023-23504.json @@ -2,12 +2,12 @@ "id": "CVE-2023-23504", "sourceIdentifier": "product-security@apple.com", "published": "2023-02-27T20:15:13.677", - "lastModified": "2023-03-08T20:34:25.793", - "vulnStatus": "Analyzed", + "lastModified": "2023-07-27T01:15:11.587", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.2, macOS Monterey 12.6.3, iOS 15.7.3 and iPadOS 15.7.3, tvOS 16.3, watchOS 9.3, iOS 16.3 and iPadOS 16.3. An app may be able to execute arbitrary code with kernel privileges." + "value": "The issue was addressed with improved memory handling. This issue is fixed in tvOS 16.3, iOS 15.7.3 and iPadOS 15.7.3, iOS 16.3 and iPadOS 16.3, watchOS 9.3, macOS Ventura 13.2, macOS Monterey 12.6.3. Processing maliciously crafted web content may lead to arbitrary code execution." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-235xx/CVE-2023-23505.json b/CVE-2023/CVE-2023-235xx/CVE-2023-23505.json index a44c3f0a4bb..18f646cfb89 100644 --- a/CVE-2023/CVE-2023-235xx/CVE-2023-23505.json +++ b/CVE-2023/CVE-2023-235xx/CVE-2023-23505.json @@ -2,12 +2,12 @@ "id": "CVE-2023-23505", "sourceIdentifier": "product-security@apple.com", "published": "2023-02-27T20:15:13.750", - "lastModified": "2023-03-08T16:34:55.200", - "vulnStatus": "Analyzed", + "lastModified": "2023-07-27T01:15:11.723", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Ventura 13.2, macOS Monterey 12.6.3, iOS 15.7.3 and iPadOS 15.7.3, watchOS 9.3, iOS 16.3 and iPadOS 16.3, macOS Big Sur 11.7.3. An app may be able to access information about a user\u2019s contacts." + "value": "The issue was addressed with improved memory handling. This issue is fixed in macOS Big Sur 11.7.3, iOS 15.7.3 and iPadOS 15.7.3, iOS 16.3 and iPadOS 16.3, watchOS 9.3, macOS Ventura 13.2, macOS Monterey 12.6.3. Processing maliciously crafted web content may lead to arbitrary code execution." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-235xx/CVE-2023-23506.json b/CVE-2023/CVE-2023-235xx/CVE-2023-23506.json index 058737dda27..84f4e692f73 100644 --- a/CVE-2023/CVE-2023-235xx/CVE-2023-23506.json +++ b/CVE-2023/CVE-2023-235xx/CVE-2023-23506.json @@ -2,12 +2,12 @@ "id": "CVE-2023-23506", "sourceIdentifier": "product-security@apple.com", "published": "2023-02-27T20:15:13.817", - "lastModified": "2023-03-08T16:01:31.480", - "vulnStatus": "Analyzed", + "lastModified": "2023-07-27T01:15:11.893", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "A permissions issue was addressed with improved validation. This issue is fixed in macOS Ventura 13.2. An app may be able to access user-sensitive data." + "value": "This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in macOS Ventura 13.2. An HTML document may be able to render iframes with sensitive user information." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-235xx/CVE-2023-23507.json b/CVE-2023/CVE-2023-235xx/CVE-2023-23507.json index bb8522a2d20..ef5d7a84606 100644 --- a/CVE-2023/CVE-2023-235xx/CVE-2023-23507.json +++ b/CVE-2023/CVE-2023-235xx/CVE-2023-23507.json @@ -2,12 +2,12 @@ "id": "CVE-2023-23507", "sourceIdentifier": "product-security@apple.com", "published": "2023-02-27T20:15:13.880", - "lastModified": "2023-03-04T02:04:12.387", - "vulnStatus": "Analyzed", + "lastModified": "2023-07-27T01:15:12.153", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "The issue was addressed with improved bounds checks. This issue is fixed in macOS Ventura 13.2, macOS Monterey 12.6.3. An app may be able to execute arbitrary code with kernel privileges." + "value": "The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.2, macOS Monterey 12.6.3. An app may be able to bypass Privacy preferences." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-235xx/CVE-2023-23508.json b/CVE-2023/CVE-2023-235xx/CVE-2023-23508.json index a8c8dc28a96..16b441a9802 100644 --- a/CVE-2023/CVE-2023-235xx/CVE-2023-23508.json +++ b/CVE-2023/CVE-2023-235xx/CVE-2023-23508.json @@ -2,12 +2,12 @@ "id": "CVE-2023-23508", "sourceIdentifier": "product-security@apple.com", "published": "2023-02-27T20:15:13.940", - "lastModified": "2023-03-04T02:04:23.613", - "vulnStatus": "Analyzed", + "lastModified": "2023-07-27T00:15:11.550", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.2, macOS Monterey 12.6.3, macOS Big Sur 11.7.3. An app may be able to bypass Privacy preferences." + "value": "The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.2, macOS Big Sur 11.7.3, macOS Monterey 12.6.3. An app may be able to bypass Privacy preferences." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-235xx/CVE-2023-23510.json b/CVE-2023/CVE-2023-235xx/CVE-2023-23510.json index 592fe4ed29a..3842fbb5f4e 100644 --- a/CVE-2023/CVE-2023-235xx/CVE-2023-23510.json +++ b/CVE-2023/CVE-2023-235xx/CVE-2023-23510.json @@ -2,12 +2,12 @@ "id": "CVE-2023-23510", "sourceIdentifier": "product-security@apple.com", "published": "2023-02-27T20:15:14.010", - "lastModified": "2023-03-08T16:21:15.840", - "vulnStatus": "Analyzed", + "lastModified": "2023-07-27T01:15:12.313", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "A permissions issue was addressed with improved validation. This issue is fixed in macOS Ventura 13.2. An app may be able to access a user\u2019s Safari history." + "value": "This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in macOS Ventura 13.2. An HTML document may be able to render iframes with sensitive user information." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-235xx/CVE-2023-23511.json b/CVE-2023/CVE-2023-235xx/CVE-2023-23511.json index b257ffa4b55..0e29ddd9aad 100644 --- a/CVE-2023/CVE-2023-235xx/CVE-2023-23511.json +++ b/CVE-2023/CVE-2023-235xx/CVE-2023-23511.json @@ -2,12 +2,12 @@ "id": "CVE-2023-23511", "sourceIdentifier": "product-security@apple.com", "published": "2023-02-27T20:15:14.073", - "lastModified": "2023-03-04T02:04:38.247", - "vulnStatus": "Analyzed", + "lastModified": "2023-07-27T01:15:12.487", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.2, macOS Monterey 12.6.3, tvOS 16.3, watchOS 9.3, iOS 16.3 and iPadOS 16.3. An app may be able to bypass Privacy preferences." + "value": "The issue was addressed with improved memory handling. This issue is fixed in tvOS 16.3, iOS 16.3 and iPadOS 16.3, watchOS 9.3, macOS Ventura 13.2, macOS Monterey 12.6.3. Processing maliciously crafted web content may lead to arbitrary code execution." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-235xx/CVE-2023-23512.json b/CVE-2023/CVE-2023-235xx/CVE-2023-23512.json index 7b8b7f2887e..5748a86c1d7 100644 --- a/CVE-2023/CVE-2023-235xx/CVE-2023-23512.json +++ b/CVE-2023/CVE-2023-235xx/CVE-2023-23512.json @@ -2,12 +2,12 @@ "id": "CVE-2023-23512", "sourceIdentifier": "product-security@apple.com", "published": "2023-02-27T20:15:14.133", - "lastModified": "2023-03-04T02:04:51.727", - "vulnStatus": "Analyzed", + "lastModified": "2023-07-27T01:15:12.597", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "The issue was addressed with improved handling of caches. This issue is fixed in macOS Ventura 13.2, tvOS 16.3, iOS 16.3 and iPadOS 16.3, watchOS 9.3. Visiting a website may lead to an app denial-of-service." + "value": "The issue was addressed with improved memory handling. This issue is fixed in tvOS 16.3, macOS Ventura 13.2, iOS 16.3 and iPadOS 16.3, watchOS 9.3. Processing maliciously crafted web content may lead to arbitrary code execution." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-235xx/CVE-2023-23513.json b/CVE-2023/CVE-2023-235xx/CVE-2023-23513.json index f75eb122b2a..ac5cf79aef8 100644 --- a/CVE-2023/CVE-2023-235xx/CVE-2023-23513.json +++ b/CVE-2023/CVE-2023-235xx/CVE-2023-23513.json @@ -2,12 +2,12 @@ "id": "CVE-2023-23513", "sourceIdentifier": "product-security@apple.com", "published": "2023-02-27T20:15:14.200", - "lastModified": "2023-07-13T23:15:10.007", + "lastModified": "2023-07-27T01:15:12.730", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.2, macOS Monterey 12.6.3, macOS Big Sur 11.7.3. Mounting a maliciously crafted Samba network share may lead to arbitrary code execution." + "value": "The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.2, macOS Big Sur 11.7.3, macOS Monterey 12.6.3. An app may be able to bypass Privacy preferences." } ], "metrics": { @@ -99,10 +99,6 @@ "tags": [ "Vendor Advisory" ] - }, - { - "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2022-1660", - "source": "product-security@apple.com" } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-235xx/CVE-2023-23514.json b/CVE-2023/CVE-2023-235xx/CVE-2023-23514.json index c043f73f5ae..7bfceaa6653 100644 --- a/CVE-2023/CVE-2023-235xx/CVE-2023-23514.json +++ b/CVE-2023/CVE-2023-235xx/CVE-2023-23514.json @@ -2,12 +2,12 @@ "id": "CVE-2023-23514", "sourceIdentifier": "product-security@apple.com", "published": "2023-02-27T20:15:14.263", - "lastModified": "2023-03-28T05:15:15.937", + "lastModified": "2023-07-27T01:15:12.897", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "A use after free issue was addressed with improved memory management. This issue is fixed in macOS Ventura 13.2.1, iOS 16.3.1 and iPadOS 16.3.1. An app may be able to execute arbitrary code with kernel privileges.." + "value": "A type confusion issue was addressed with improved checks. This issue is fixed in iOS 16.3.1 and iPadOS 16.3.1, macOS Ventura 13.3, macOS Big Sur 11.7.5, macOS Monterey 12.6.4, macOS Ventura 13.2.1. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited." } ], "metrics": { @@ -78,22 +78,6 @@ } ], "references": [ - { - "url": "http://packetstormsecurity.com/files/171359/XNU-NFSSVC-Root-Check-Bypass-Use-After-Free.html", - "source": "product-security@apple.com" - }, - { - "url": "http://seclists.org/fulldisclosure/2023/Mar/17", - "source": "product-security@apple.com" - }, - { - "url": "http://seclists.org/fulldisclosure/2023/Mar/18", - "source": "product-security@apple.com" - }, - { - "url": "http://seclists.org/fulldisclosure/2023/Mar/21", - "source": "product-security@apple.com" - }, { "url": "https://support.apple.com/en-us/HT213633", "source": "product-security@apple.com", @@ -109,15 +93,15 @@ ] }, { - "url": "https://support.apple.com/kb/HT213670", + "url": "https://support.apple.com/en-us/HT213670", "source": "product-security@apple.com" }, { - "url": "https://support.apple.com/kb/HT213675", + "url": "https://support.apple.com/en-us/HT213675", "source": "product-security@apple.com" }, { - "url": "https://support.apple.com/kb/HT213677", + "url": "https://support.apple.com/en-us/HT213677", "source": "product-security@apple.com" } ] diff --git a/CVE-2023/CVE-2023-235xx/CVE-2023-23516.json b/CVE-2023/CVE-2023-235xx/CVE-2023-23516.json index 6e743ceac90..68760a37c3a 100644 --- a/CVE-2023/CVE-2023-235xx/CVE-2023-23516.json +++ b/CVE-2023/CVE-2023-235xx/CVE-2023-23516.json @@ -2,12 +2,12 @@ "id": "CVE-2023-23516", "sourceIdentifier": "product-security@apple.com", "published": "2023-06-23T18:15:10.797", - "lastModified": "2023-06-27T10:50:59.907", - "vulnStatus": "Analyzed", + "lastModified": "2023-07-27T01:15:13.080", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "The issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.6.3, macOS Big Sur 11.7.3, macOS Ventura 13.2. An app may be able to execute arbitrary code with kernel privileges" + "value": "The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.2, macOS Big Sur 11.7.3, macOS Monterey 12.6.3. An app may be able to bypass Privacy preferences." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-235xx/CVE-2023-23517.json b/CVE-2023/CVE-2023-235xx/CVE-2023-23517.json index 15bf38bb06d..4f0d244e53b 100644 --- a/CVE-2023/CVE-2023-235xx/CVE-2023-23517.json +++ b/CVE-2023/CVE-2023-235xx/CVE-2023-23517.json @@ -2,12 +2,12 @@ "id": "CVE-2023-23517", "sourceIdentifier": "product-security@apple.com", "published": "2023-02-27T20:15:14.320", - "lastModified": "2023-05-30T06:16:16.343", + "lastModified": "2023-07-27T01:15:13.150", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.2, macOS Monterey 12.6.3, tvOS 16.3, Safari 16.3, watchOS 9.3, iOS 16.3 and iPadOS 16.3, macOS Big Sur 11.7.3. Processing maliciously crafted web content may lead to arbitrary code execution." + "value": "The issue was addressed with improved memory handling. This issue is fixed in tvOS 16.3, Safari 16.3, macOS Big Sur 11.7.3, iOS 16.3 and iPadOS 16.3, watchOS 9.3, macOS Ventura 13.2, macOS Monterey 12.6.3. Processing maliciously crafted web content may lead to arbitrary code execution." } ], "metrics": { @@ -109,10 +109,6 @@ } ], "references": [ - { - "url": "https://security.gentoo.org/glsa/202305-32", - "source": "product-security@apple.com" - }, { "url": "https://support.apple.com/en-us/HT213599", "source": "product-security@apple.com", @@ -161,6 +157,10 @@ "tags": [ "Vendor Advisory" ] + }, + { + "url": "https://support.apple.com/en-us/HT213638", + "source": "product-security@apple.com" } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-235xx/CVE-2023-23518.json b/CVE-2023/CVE-2023-235xx/CVE-2023-23518.json index 7d7440b0797..efa1ab59964 100644 --- a/CVE-2023/CVE-2023-235xx/CVE-2023-23518.json +++ b/CVE-2023/CVE-2023-235xx/CVE-2023-23518.json @@ -2,12 +2,12 @@ "id": "CVE-2023-23518", "sourceIdentifier": "product-security@apple.com", "published": "2023-02-27T20:15:14.387", - "lastModified": "2023-05-30T06:16:17.017", + "lastModified": "2023-07-27T01:15:13.220", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.2, macOS Monterey 12.6.3, tvOS 16.3, Safari 16.3, watchOS 9.3, iOS 16.3 and iPadOS 16.3, macOS Big Sur 11.7.3. Processing maliciously crafted web content may lead to arbitrary code execution." + "value": "The issue was addressed with improved memory handling. This issue is fixed in tvOS 16.3, Safari 16.3, macOS Big Sur 11.7.3, iOS 16.3 and iPadOS 16.3, watchOS 9.3, macOS Ventura 13.2, macOS Monterey 12.6.3. Processing maliciously crafted web content may lead to arbitrary code execution." } ], "metrics": { @@ -109,10 +109,6 @@ } ], "references": [ - { - "url": "https://security.gentoo.org/glsa/202305-32", - "source": "product-security@apple.com" - }, { "url": "https://support.apple.com/en-us/HT213599", "source": "product-security@apple.com", @@ -161,6 +157,10 @@ "tags": [ "Vendor Advisory" ] + }, + { + "url": "https://support.apple.com/en-us/HT213638", + "source": "product-security@apple.com" } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-235xx/CVE-2023-23519.json b/CVE-2023/CVE-2023-235xx/CVE-2023-23519.json index a1054887401..f6c88df6c58 100644 --- a/CVE-2023/CVE-2023-235xx/CVE-2023-23519.json +++ b/CVE-2023/CVE-2023-235xx/CVE-2023-23519.json @@ -2,12 +2,12 @@ "id": "CVE-2023-23519", "sourceIdentifier": "product-security@apple.com", "published": "2023-02-27T20:15:14.453", - "lastModified": "2023-03-08T15:39:14.113", - "vulnStatus": "Analyzed", + "lastModified": "2023-07-27T01:15:13.333", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.2, tvOS 16.3, iOS 16.3 and iPadOS 16.3, watchOS 9.3. Processing an image may lead to a denial-of-service." + "value": "The issue was addressed with improved memory handling. This issue is fixed in tvOS 16.3, macOS Ventura 13.2, iOS 16.3 and iPadOS 16.3, watchOS 9.3. Processing maliciously crafted web content may lead to arbitrary code execution." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-235xx/CVE-2023-23520.json b/CVE-2023/CVE-2023-235xx/CVE-2023-23520.json index 99ddcf1caf6..0b9369a86a5 100644 --- a/CVE-2023/CVE-2023-235xx/CVE-2023-23520.json +++ b/CVE-2023/CVE-2023-235xx/CVE-2023-23520.json @@ -2,12 +2,12 @@ "id": "CVE-2023-23520", "sourceIdentifier": "product-security@apple.com", "published": "2023-02-27T20:15:14.517", - "lastModified": "2023-06-08T00:15:09.570", + "lastModified": "2023-07-27T01:15:13.423", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "A race condition was addressed with additional validation. This issue is fixed in macOS Ventura 13.2, iOS 16.3 and iPadOS 16.3. A user may be able to read arbitrary files as root." + "value": "The issue was addressed with improved memory handling. This issue is fixed in tvOS 16.3, macOS Ventura 13.2, iOS 16.3 and iPadOS 16.3, watchOS 9.3. Processing maliciously crafted web content may lead to arbitrary code execution." } ], "metrics": { @@ -77,6 +77,14 @@ } ], "references": [ + { + "url": "https://support.apple.com/en-us/HT213599", + "source": "product-security@apple.com" + }, + { + "url": "https://support.apple.com/en-us/HT213601", + "source": "product-security@apple.com" + }, { "url": "https://support.apple.com/en-us/HT213605", "source": "product-security@apple.com", @@ -90,14 +98,6 @@ "tags": [ "Vendor Advisory" ] - }, - { - "url": "https://support.apple.com/kb/HT213599", - "source": "product-security@apple.com" - }, - { - "url": "https://support.apple.com/kb/HT213601", - "source": "product-security@apple.com" } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-235xx/CVE-2023-23522.json b/CVE-2023/CVE-2023-235xx/CVE-2023-23522.json index 02a4d785471..d734f52cf69 100644 --- a/CVE-2023/CVE-2023-235xx/CVE-2023-23522.json +++ b/CVE-2023/CVE-2023-235xx/CVE-2023-23522.json @@ -2,12 +2,12 @@ "id": "CVE-2023-23522", "sourceIdentifier": "product-security@apple.com", "published": "2023-02-27T20:15:14.580", - "lastModified": "2023-07-26T21:15:09.893", + "lastModified": "2023-07-27T01:15:13.517", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "A privacy issue was addressed with improved handling of temporary files. This issue is fixed in macOS Ventura 13.2.1. An app may be able to observe unprotected user data." + "value": "A type confusion issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.2.1. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-235xx/CVE-2023-23523.json b/CVE-2023/CVE-2023-235xx/CVE-2023-23523.json index 2f624c88359..9103c1d1fbc 100644 --- a/CVE-2023/CVE-2023-235xx/CVE-2023-23523.json +++ b/CVE-2023/CVE-2023-235xx/CVE-2023-23523.json @@ -2,12 +2,12 @@ "id": "CVE-2023-23523", "sourceIdentifier": "product-security@apple.com", "published": "2023-05-08T20:15:16.117", - "lastModified": "2023-05-11T06:55:19.667", - "vulnStatus": "Analyzed", + "lastModified": "2023-07-27T01:15:13.593", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "A logic issue was addressed with improved restrictions. This issue is fixed in macOS Ventura 13.3, iOS 16.4 and iPadOS 16.4. Photos belonging to the Hidden Photos Album could be viewed without authentication through Visual Lookup" + "value": "This issue was addressed with improved state management. This issue is fixed in iOS 16.4 and iPadOS 16.4, macOS Ventura 13.3. A remote attacker may be able to cause unexpected app termination or arbitrary code execution." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-235xx/CVE-2023-23524.json b/CVE-2023/CVE-2023-235xx/CVE-2023-23524.json index 2f204ef1bb6..c97d85ec975 100644 --- a/CVE-2023/CVE-2023-235xx/CVE-2023-23524.json +++ b/CVE-2023/CVE-2023-235xx/CVE-2023-23524.json @@ -2,12 +2,12 @@ "id": "CVE-2023-23524", "sourceIdentifier": "product-security@apple.com", "published": "2023-02-27T20:15:14.640", - "lastModified": "2023-03-08T15:26:50.297", - "vulnStatus": "Analyzed", + "lastModified": "2023-07-27T01:15:13.653", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "A denial-of-service issue was addressed with improved input validation. This issue is fixed in macOS Ventura 13.2.1, iOS 16.3.1 and iPadOS 16.3.1, tvOS 16.3.2, watchOS 9.3.1. Processing a maliciously crafted certificate may lead to a denial-of-service." + "value": "A denial-of-service issue was addressed with improved input validation. This issue is fixed in watchOS 9.3.1, iOS 16.3.1 and iPadOS 16.3.1, macOS Ventura 13.2.1, tvOS 16.3.2. Processing a maliciously crafted certificate may lead to a denial-of-service." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-235xx/CVE-2023-23525.json b/CVE-2023/CVE-2023-235xx/CVE-2023-23525.json index 7449be0072d..d6bfa12c3b2 100644 --- a/CVE-2023/CVE-2023-235xx/CVE-2023-23525.json +++ b/CVE-2023/CVE-2023-235xx/CVE-2023-23525.json @@ -2,12 +2,12 @@ "id": "CVE-2023-23525", "sourceIdentifier": "product-security@apple.com", "published": "2023-05-08T20:15:16.170", - "lastModified": "2023-05-19T16:15:10.933", + "lastModified": "2023-07-27T01:15:13.727", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "This issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.7.5, macOS Ventura 13.3, iOS 16.4 and iPadOS 16.4. An app may be able to gain root privileges" + "value": "This issue was addressed with a new entitlement. This issue is fixed in iOS 16.4 and iPadOS 16.4, macOS Big Sur 11.7.5, macOS Ventura 13.3. An app may be able to break out of its sandbox." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-235xx/CVE-2023-23526.json b/CVE-2023/CVE-2023-235xx/CVE-2023-23526.json index 05111e54f83..a09911dc816 100644 --- a/CVE-2023/CVE-2023-235xx/CVE-2023-23526.json +++ b/CVE-2023/CVE-2023-235xx/CVE-2023-23526.json @@ -2,12 +2,12 @@ "id": "CVE-2023-23526", "sourceIdentifier": "product-security@apple.com", "published": "2023-05-08T20:15:16.220", - "lastModified": "2023-05-11T06:54:26.473", - "vulnStatus": "Analyzed", + "lastModified": "2023-07-27T01:15:13.813", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "This was addressed with additional checks by Gatekeeper on files downloaded from an iCloud shared-by-me folder. This issue is fixed in macOS Ventura 13.3, iOS 16.4 and iPadOS 16.4. A file from an iCloud shared-by-me folder may be able to bypass Gatekeeper" + "value": "This issue was addressed with improved state management. This issue is fixed in iOS 16.4 and iPadOS 16.4, macOS Ventura 13.3. A remote attacker may be able to cause unexpected app termination or arbitrary code execution." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-235xx/CVE-2023-23527.json b/CVE-2023/CVE-2023-235xx/CVE-2023-23527.json index ab3d49e876d..094d5f759c3 100644 --- a/CVE-2023/CVE-2023-235xx/CVE-2023-23527.json +++ b/CVE-2023/CVE-2023-235xx/CVE-2023-23527.json @@ -2,12 +2,12 @@ "id": "CVE-2023-23527", "sourceIdentifier": "product-security@apple.com", "published": "2023-05-08T20:15:16.277", - "lastModified": "2023-05-19T16:15:10.990", + "lastModified": "2023-07-27T01:15:13.887", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "The issue was addressed with improved checks. This issue is fixed in iOS 16.4 and iPadOS 16.4, macOS Big Sur 11.7.5, watchOS 9.4, macOS Ventura 13.3, tvOS 16.4, macOS Monterey 12.6.4. A user may gain access to protected parts of the file system" + "value": "This issue was addressed with a new entitlement. This issue is fixed in macOS Ventura 13.3, tvOS 16.4, iOS 16.4 and iPadOS 16.4, macOS Big Sur 11.7.5, macOS Monterey 12.6.4, watchOS 9.4. An app may be able to break out of its sandbox." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-235xx/CVE-2023-23528.json b/CVE-2023/CVE-2023-235xx/CVE-2023-23528.json index 7a43df280ee..ac8dfee90e5 100644 --- a/CVE-2023/CVE-2023-235xx/CVE-2023-23528.json +++ b/CVE-2023/CVE-2023-235xx/CVE-2023-23528.json @@ -2,12 +2,12 @@ "id": "CVE-2023-23528", "sourceIdentifier": "product-security@apple.com", "published": "2023-05-08T20:15:16.343", - "lastModified": "2023-05-11T17:11:26.573", - "vulnStatus": "Analyzed", + "lastModified": "2023-07-27T01:15:13.957", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in tvOS 16.4, iOS 16.4 and iPadOS 16.4. Processing a maliciously crafted Bluetooth packet may result in disclosure of process memory" + "value": "This issue was addressed with improved state management. This issue is fixed in iOS 16.4 and iPadOS 16.4, tvOS 16.4. A remote attacker may be able to cause unexpected app termination or arbitrary code execution." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-235xx/CVE-2023-23529.json b/CVE-2023/CVE-2023-235xx/CVE-2023-23529.json index 0c3d44fefa1..891ee20e30d 100644 --- a/CVE-2023/CVE-2023-235xx/CVE-2023-23529.json +++ b/CVE-2023/CVE-2023-235xx/CVE-2023-23529.json @@ -2,7 +2,7 @@ "id": "CVE-2023-23529", "sourceIdentifier": "product-security@apple.com", "published": "2023-02-27T20:15:14.710", - "lastModified": "2023-05-30T06:16:17.547", + "lastModified": "2023-07-27T01:15:14.043", "vulnStatus": "Modified", "cisaExploitAdd": "2023-02-14", "cisaActionDue": "2023-03-07", @@ -11,7 +11,7 @@ "descriptions": [ { "lang": "en", - "value": "A type confusion issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.2.1, iOS 16.3.1 and iPadOS 16.3.1, Safari 16.3. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.." + "value": "This issue was addressed with improved state management. This issue is fixed in Safari 16.3, iOS 15.7.4 and iPadOS 15.7.4, iOS 16.3.1 and iPadOS 16.3.1, macOS Ventura 13.2.1. A remote user may be able to cause unexpected app termination or arbitrary code execution." } ], "metrics": { @@ -87,18 +87,6 @@ } ], "references": [ - { - "url": "http://seclists.org/fulldisclosure/2023/Mar/20", - "source": "product-security@apple.com" - }, - { - "url": "http://seclists.org/fulldisclosure/2023/May/7", - "source": "product-security@apple.com" - }, - { - "url": "https://security.gentoo.org/glsa/202305-32", - "source": "product-security@apple.com" - }, { "url": "https://support.apple.com/en-us/HT213633", "source": "product-security@apple.com", @@ -119,6 +107,10 @@ "tags": [ "Vendor Advisory" ] + }, + { + "url": "https://support.apple.com/en-us/HT213673", + "source": "product-security@apple.com" } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-235xx/CVE-2023-23530.json b/CVE-2023/CVE-2023-235xx/CVE-2023-23530.json index 1dd5fdb0b8f..51f8dbf6dd7 100644 --- a/CVE-2023/CVE-2023-235xx/CVE-2023-23530.json +++ b/CVE-2023/CVE-2023-235xx/CVE-2023-23530.json @@ -2,12 +2,12 @@ "id": "CVE-2023-23530", "sourceIdentifier": "product-security@apple.com", "published": "2023-02-27T20:15:14.773", - "lastModified": "2023-03-08T16:56:22.383", - "vulnStatus": "Analyzed", + "lastModified": "2023-07-27T01:15:14.123", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.2, iOS 16.3 and iPadOS 16.3. An app may be able to execute arbitrary code out of its sandbox or with certain elevated privileges." + "value": "This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in macOS Ventura 13.2, iOS 16.3 and iPadOS 16.3. An HTML document may be able to render iframes with sensitive user information." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-235xx/CVE-2023-23531.json b/CVE-2023/CVE-2023-235xx/CVE-2023-23531.json index 764db6ed49b..1e6e45d13e2 100644 --- a/CVE-2023/CVE-2023-235xx/CVE-2023-23531.json +++ b/CVE-2023/CVE-2023-235xx/CVE-2023-23531.json @@ -2,12 +2,12 @@ "id": "CVE-2023-23531", "sourceIdentifier": "product-security@apple.com", "published": "2023-02-27T20:15:14.843", - "lastModified": "2023-03-23T17:03:08.793", - "vulnStatus": "Analyzed", + "lastModified": "2023-07-27T01:15:14.210", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.2, iOS 16.3 and iPadOS 16.3. An app may be able to execute arbitrary code out of its sandbox or with certain elevated privileges." + "value": "This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in macOS Ventura 13.2, iOS 16.3 and iPadOS 16.3. An HTML document may be able to render iframes with sensitive user information." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-235xx/CVE-2023-23532.json b/CVE-2023/CVE-2023-235xx/CVE-2023-23532.json index 57ed394a94f..ae9eb815f61 100644 --- a/CVE-2023/CVE-2023-235xx/CVE-2023-23532.json +++ b/CVE-2023/CVE-2023-235xx/CVE-2023-23532.json @@ -2,12 +2,12 @@ "id": "CVE-2023-23532", "sourceIdentifier": "product-security@apple.com", "published": "2023-05-08T20:15:16.403", - "lastModified": "2023-05-30T06:16:18.063", + "lastModified": "2023-07-27T01:15:14.280", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "This issue was addressed with improved checks. This issue is fixed in iOS 15.7.6 and iPadOS 15.7.6, iOS 16.4 and iPadOS 16.4, macOS Ventura 13.3. An app may be able to break out of its sandbox" + "value": "A use-after-free issue was addressed with improved memory management. This issue is fixed in iOS 16.4 and iPadOS 16.4, iOS 15.7.6 and iPadOS 15.7.6, macOS Ventura 13.3. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited." } ], "metrics": { @@ -77,10 +77,6 @@ } ], "references": [ - { - "url": "http://seclists.org/fulldisclosure/2023/May/17", - "source": "product-security@apple.com" - }, { "url": "https://support.apple.com/en-us/HT213670", "source": "product-security@apple.com", diff --git a/CVE-2023/CVE-2023-235xx/CVE-2023-23533.json b/CVE-2023/CVE-2023-235xx/CVE-2023-23533.json index ecfb4827801..d038db07053 100644 --- a/CVE-2023/CVE-2023-235xx/CVE-2023-23533.json +++ b/CVE-2023/CVE-2023-235xx/CVE-2023-23533.json @@ -2,12 +2,12 @@ "id": "CVE-2023-23533", "sourceIdentifier": "product-security@apple.com", "published": "2023-05-08T20:15:16.457", - "lastModified": "2023-05-19T16:15:11.140", + "lastModified": "2023-07-27T01:15:14.357", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "A logic issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.6.4, macOS Ventura 13.3. An app may be able to modify protected parts of the file system" + "value": "This issue was addressed with a new entitlement. This issue is fixed in macOS Monterey 12.6.4, macOS Ventura 13.3. An app may be able to break out of its sandbox." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-235xx/CVE-2023-23534.json b/CVE-2023/CVE-2023-235xx/CVE-2023-23534.json index 7785605fc1d..bc89470a501 100644 --- a/CVE-2023/CVE-2023-235xx/CVE-2023-23534.json +++ b/CVE-2023/CVE-2023-235xx/CVE-2023-23534.json @@ -2,12 +2,12 @@ "id": "CVE-2023-23534", "sourceIdentifier": "product-security@apple.com", "published": "2023-05-08T20:15:16.507", - "lastModified": "2023-05-19T16:15:11.207", + "lastModified": "2023-07-27T01:15:14.427", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "The issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.7.5, macOS Ventura 13.3. Processing a maliciously crafted image may result in disclosure of process memory" + "value": "This issue was addressed with a new entitlement. This issue is fixed in macOS Big Sur 11.7.5, macOS Ventura 13.3. An app may be able to break out of its sandbox." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-235xx/CVE-2023-23535.json b/CVE-2023/CVE-2023-235xx/CVE-2023-23535.json index a9d9a1d3fff..82ce1f23c7b 100644 --- a/CVE-2023/CVE-2023-235xx/CVE-2023-23535.json +++ b/CVE-2023/CVE-2023-235xx/CVE-2023-23535.json @@ -2,12 +2,12 @@ "id": "CVE-2023-23535", "sourceIdentifier": "product-security@apple.com", "published": "2023-05-08T20:15:16.567", - "lastModified": "2023-05-30T06:16:18.727", + "lastModified": "2023-07-27T01:15:14.490", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3, macOS Monterey 12.6.6, iOS 15.7.4 and iPadOS 15.7.4, tvOS 16.4, macOS Big Sur 11.7.5, watchOS 9.4, iOS 16.4 and iPadOS 16.4. Processing a maliciously crafted image may result in disclosure of process memory" + "value": "This issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.6.6, macOS Ventura 13.3, tvOS 16.4, iOS 16.4 and iPadOS 16.4, iOS 15.7.4 and iPadOS 15.7.4, macOS Big Sur 11.7.5, watchOS 9.4. A remote user may be able to cause unexpected app termination or arbitrary code execution." } ], "metrics": { @@ -110,14 +110,6 @@ } ], "references": [ - { - "url": "http://seclists.org/fulldisclosure/2023/May/7", - "source": "product-security@apple.com" - }, - { - "url": "http://seclists.org/fulldisclosure/2023/May/9", - "source": "product-security@apple.com" - }, { "url": "https://support.apple.com/en-us/HT213670", "source": "product-security@apple.com", diff --git a/CVE-2023/CVE-2023-235xx/CVE-2023-23536.json b/CVE-2023/CVE-2023-235xx/CVE-2023-23536.json index 0a877c1fc96..2a81a512fe1 100644 --- a/CVE-2023/CVE-2023-235xx/CVE-2023-23536.json +++ b/CVE-2023/CVE-2023-235xx/CVE-2023-23536.json @@ -2,12 +2,12 @@ "id": "CVE-2023-23536", "sourceIdentifier": "product-security@apple.com", "published": "2023-05-08T20:15:16.630", - "lastModified": "2023-06-09T00:15:09.630", + "lastModified": "2023-07-27T01:15:14.563", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "The issue was addressed with improved bounds checks. This issue is fixed in macOS Big Sur 11.7.5, iOS 15.7.4 and iPadOS 15.7.4, iOS 16.4 and iPadOS 16.4, macOS Ventura 13.3. An app may be able to execute arbitrary code with kernel privileges" + "value": "This issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.3, tvOS 16.4, iOS 16.4 and iPadOS 16.4, iOS 15.7.4 and iPadOS 15.7.4, macOS Big Sur 11.7.5, macOS Monterey 12.6.4, watchOS 9.4. A remote user may be able to cause unexpected app termination or arbitrary code execution." } ], "metrics": { @@ -100,6 +100,10 @@ "Vendor Advisory" ] }, + { + "url": "https://support.apple.com/en-us/HT213674", + "source": "product-security@apple.com" + }, { "url": "https://support.apple.com/en-us/HT213675", "source": "product-security@apple.com" @@ -113,15 +117,11 @@ ] }, { - "url": "https://support.apple.com/kb/HT213674", + "url": "https://support.apple.com/en-us/HT213677", "source": "product-security@apple.com" }, { - "url": "https://support.apple.com/kb/HT213677", - "source": "product-security@apple.com" - }, - { - "url": "https://support.apple.com/kb/HT213678", + "url": "https://support.apple.com/en-us/HT213678", "source": "product-security@apple.com" } ] diff --git a/CVE-2023/CVE-2023-235xx/CVE-2023-23537.json b/CVE-2023/CVE-2023-235xx/CVE-2023-23537.json index 78514a8dff5..e57bd0e3577 100644 --- a/CVE-2023/CVE-2023-235xx/CVE-2023-23537.json +++ b/CVE-2023/CVE-2023-235xx/CVE-2023-23537.json @@ -2,12 +2,12 @@ "id": "CVE-2023-23537", "sourceIdentifier": "product-security@apple.com", "published": "2023-05-08T20:15:16.687", - "lastModified": "2023-05-30T05:15:10.323", + "lastModified": "2023-07-27T01:15:14.680", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in iOS 15.7.4 and iPadOS 15.7.4, macOS Ventura 13.3, macOS Big Sur 11.7.5, watchOS 9.4, iOS 16.4 and iPadOS 16.4. An app may be able to read sensitive location information" + "value": "This issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.3, iOS 16.4 and iPadOS 16.4, iOS 15.7.4 and iPadOS 15.7.4, macOS Big Sur 11.7.5, watchOS 9.4. A remote user may be able to cause unexpected app termination or arbitrary code execution." } ], "metrics": { @@ -104,10 +104,6 @@ } ], "references": [ - { - "url": "http://seclists.org/fulldisclosure/2023/May/7", - "source": "product-security@apple.com" - }, { "url": "https://support.apple.com/en-us/HT213670", "source": "product-security@apple.com", diff --git a/CVE-2023/CVE-2023-235xx/CVE-2023-23538.json b/CVE-2023/CVE-2023-235xx/CVE-2023-23538.json index 5663c11464e..07a3f57ba81 100644 --- a/CVE-2023/CVE-2023-235xx/CVE-2023-23538.json +++ b/CVE-2023/CVE-2023-235xx/CVE-2023-23538.json @@ -2,12 +2,12 @@ "id": "CVE-2023-23538", "sourceIdentifier": "product-security@apple.com", "published": "2023-05-08T20:15:16.747", - "lastModified": "2023-05-11T17:16:11.393", - "vulnStatus": "Analyzed", + "lastModified": "2023-07-27T01:15:14.763", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "A logic issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.3, macOS Monterey 12.6.4. An app may be able to modify protected parts of the file system" + "value": "This issue was addressed with a new entitlement. This issue is fixed in macOS Monterey 12.6.4, macOS Ventura 13.3. An app may be able to break out of its sandbox." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-235xx/CVE-2023-23539.json b/CVE-2023/CVE-2023-235xx/CVE-2023-23539.json index f308f3302c5..b75718a7025 100644 --- a/CVE-2023/CVE-2023-235xx/CVE-2023-23539.json +++ b/CVE-2023/CVE-2023-235xx/CVE-2023-23539.json @@ -2,12 +2,12 @@ "id": "CVE-2023-23539", "sourceIdentifier": "product-security@apple.com", "published": "2023-06-23T18:15:10.843", - "lastModified": "2023-07-13T23:15:10.087", + "lastModified": "2023-07-27T01:15:14.857", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.2. Mounting a maliciously crafted Samba network share may lead to arbitrary code execution" + "value": "This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in macOS Ventura 13.2. An HTML document may be able to render iframes with sensitive user information." } ], "metrics": { @@ -72,10 +72,6 @@ "tags": [ "Vendor Advisory" ] - }, - { - "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2022-1659", - "source": "product-security@apple.com" } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-235xx/CVE-2023-23540.json b/CVE-2023/CVE-2023-235xx/CVE-2023-23540.json index 05eec63ba06..80e79c17f07 100644 --- a/CVE-2023/CVE-2023-235xx/CVE-2023-23540.json +++ b/CVE-2023/CVE-2023-235xx/CVE-2023-23540.json @@ -2,12 +2,12 @@ "id": "CVE-2023-23540", "sourceIdentifier": "product-security@apple.com", "published": "2023-05-08T20:15:16.797", - "lastModified": "2023-07-25T16:15:10.427", + "lastModified": "2023-07-27T01:15:14.927", "vulnStatus": "Undergoing Analysis", "descriptions": [ { "lang": "en", - "value": "The issue was addressed with improved memory handling. This issue is fixed in macOS Big Sur 11.7.5, macOS Monterey 12.6.4, iOS 16.4 and iPadOS 16.4. An app may be able to execute arbitrary code with kernel privileges" + "value": "The issue was addressed with improved checks. This issue is fixed in iOS 16.4 and iPadOS 16.4, macOS Big Sur 11.7.5, macOS Monterey 12.6.4, iOS 15.7.8 and iPadOS 15.7.8. Processing web content may disclose sensitive information." } ], "metrics": { @@ -84,10 +84,6 @@ } ], "references": [ - { - "url": "http://seclists.org/fulldisclosure/2023/Jul/46", - "source": "product-security@apple.com" - }, { "url": "https://support.apple.com/en-us/HT213675", "source": "product-security@apple.com", @@ -113,7 +109,7 @@ ] }, { - "url": "https://support.apple.com/kb/HT213842", + "url": "https://support.apple.com/en-us/HT213842", "source": "product-security@apple.com" } ] diff --git a/CVE-2023/CVE-2023-235xx/CVE-2023-23541.json b/CVE-2023/CVE-2023-235xx/CVE-2023-23541.json index b0044befbd7..80047afa5d0 100644 --- a/CVE-2023/CVE-2023-235xx/CVE-2023-23541.json +++ b/CVE-2023/CVE-2023-235xx/CVE-2023-23541.json @@ -2,12 +2,12 @@ "id": "CVE-2023-23541", "sourceIdentifier": "product-security@apple.com", "published": "2023-05-08T20:15:16.860", - "lastModified": "2023-05-30T05:15:10.407", + "lastModified": "2023-07-27T01:15:15.017", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in iOS 16.4 and iPadOS 16.4, iOS 15.7.4 and iPadOS 15.7.4. An app may be able to access information about a user\u2019s contacts" + "value": "This issue was addressed with improved state management. This issue is fixed in iOS 16.4 and iPadOS 16.4, iOS 15.7.4 and iPadOS 15.7.4. A remote user may be able to cause unexpected app termination or arbitrary code execution." } ], "metrics": { @@ -85,10 +85,6 @@ } ], "references": [ - { - "url": "http://seclists.org/fulldisclosure/2023/May/7", - "source": "product-security@apple.com" - }, { "url": "https://support.apple.com/en-us/HT213673", "source": "product-security@apple.com", diff --git a/CVE-2023/CVE-2023-235xx/CVE-2023-23542.json b/CVE-2023/CVE-2023-235xx/CVE-2023-23542.json index 43ba2549410..c509da81c68 100644 --- a/CVE-2023/CVE-2023-235xx/CVE-2023-23542.json +++ b/CVE-2023/CVE-2023-235xx/CVE-2023-23542.json @@ -2,12 +2,12 @@ "id": "CVE-2023-23542", "sourceIdentifier": "product-security@apple.com", "published": "2023-05-08T20:15:16.923", - "lastModified": "2023-05-19T16:15:11.533", + "lastModified": "2023-07-27T01:15:15.100", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Big Sur 11.7.5, macOS Monterey 12.6.4, macOS Ventura 13.3. An app may be able to access user-sensitive data" + "value": "This issue was addressed with a new entitlement. This issue is fixed in macOS Big Sur 11.7.5, macOS Monterey 12.6.4, macOS Ventura 13.3. An app may be able to break out of its sandbox." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-235xx/CVE-2023-23543.json b/CVE-2023/CVE-2023-235xx/CVE-2023-23543.json index 51265294fdf..1e23cec6a51 100644 --- a/CVE-2023/CVE-2023-235xx/CVE-2023-23543.json +++ b/CVE-2023/CVE-2023-235xx/CVE-2023-23543.json @@ -2,12 +2,12 @@ "id": "CVE-2023-23543", "sourceIdentifier": "product-security@apple.com", "published": "2023-05-08T20:15:17.003", - "lastModified": "2023-06-09T00:15:09.710", + "lastModified": "2023-07-27T01:15:15.203", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "The issue was addressed with additional restrictions on the observability of app states. This issue is fixed in iOS 15.7.4 and iPadOS 15.7.4, iOS 16.4 and iPadOS 16.4, macOS Ventura 13.3. A sandboxed app may be able to determine which app is currently using the camera" + "value": "This issue was addressed with improved state management. This issue is fixed in iOS 16.4 and iPadOS 16.4, iOS 15.7.4 and iPadOS 15.7.4, watchOS 9.4, macOS Ventura 13.3. A remote user may be able to cause unexpected app termination or arbitrary code execution." } ], "metrics": { @@ -91,10 +91,6 @@ } ], "references": [ - { - "url": "http://seclists.org/fulldisclosure/2023/May/7", - "source": "product-security@apple.com" - }, { "url": "https://support.apple.com/en-us/HT213670", "source": "product-security@apple.com", @@ -120,7 +116,7 @@ ] }, { - "url": "https://support.apple.com/kb/HT213678", + "url": "https://support.apple.com/en-us/HT213678", "source": "product-security@apple.com" } ] diff --git a/CVE-2023/CVE-2023-279xx/CVE-2023-27928.json b/CVE-2023/CVE-2023-279xx/CVE-2023-27928.json index efe1044ce60..7a29cb179ab 100644 --- a/CVE-2023/CVE-2023-279xx/CVE-2023-27928.json +++ b/CVE-2023/CVE-2023-279xx/CVE-2023-27928.json @@ -2,12 +2,12 @@ "id": "CVE-2023-27928", "sourceIdentifier": "product-security@apple.com", "published": "2023-05-08T20:15:17.063", - "lastModified": "2023-05-30T05:15:10.767", + "lastModified": "2023-07-27T01:15:15.277", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Ventura 13.3, iOS 15.7.4 and iPadOS 15.7.4, tvOS 16.4, macOS Big Sur 11.7.5, watchOS 9.4, iOS 16.4 and iPadOS 16.4. An app may be able to access information about a user\u2019s contacts" + "value": "This issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.3, tvOS 16.4, iOS 16.4 and iPadOS 16.4, iOS 15.7.4 and iPadOS 15.7.4, macOS Big Sur 11.7.5, watchOS 9.4. A remote user may be able to cause unexpected app termination or arbitrary code execution." } ], "metrics": { @@ -110,10 +110,6 @@ } ], "references": [ - { - "url": "http://seclists.org/fulldisclosure/2023/May/7", - "source": "product-security@apple.com" - }, { "url": "https://support.apple.com/en-us/HT213670", "source": "product-security@apple.com", diff --git a/CVE-2023/CVE-2023-279xx/CVE-2023-27929.json b/CVE-2023/CVE-2023-279xx/CVE-2023-27929.json index 7b0a8108056..7d788d483f9 100644 --- a/CVE-2023/CVE-2023-279xx/CVE-2023-27929.json +++ b/CVE-2023/CVE-2023-279xx/CVE-2023-27929.json @@ -2,12 +2,12 @@ "id": "CVE-2023-27929", "sourceIdentifier": "product-security@apple.com", "published": "2023-05-08T20:15:17.130", - "lastModified": "2023-05-19T16:15:11.730", + "lastModified": "2023-07-27T01:15:15.353", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "An out-of-bounds read was addressed with improved input validation. This issue is fixed in watchOS 9.4, iOS 16.4 and iPadOS 16.4, tvOS 16.4, macOS Ventura 13.3. Processing a maliciously crafted image may result in disclosure of process memory" + "value": "This issue was addressed with improved state management. This issue is fixed in iOS 16.4 and iPadOS 16.4, watchOS 9.4, macOS Ventura 13.3, tvOS 16.4. A remote attacker may be able to cause unexpected app termination or arbitrary code execution." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-279xx/CVE-2023-27930.json b/CVE-2023/CVE-2023-279xx/CVE-2023-27930.json index 6ad095e45b4..431b8a9cd85 100644 --- a/CVE-2023/CVE-2023-279xx/CVE-2023-27930.json +++ b/CVE-2023/CVE-2023-279xx/CVE-2023-27930.json @@ -2,12 +2,12 @@ "id": "CVE-2023-27930", "sourceIdentifier": "product-security@apple.com", "published": "2023-06-23T18:15:11.097", - "lastModified": "2023-06-27T10:42:32.663", - "vulnStatus": "Analyzed", + "lastModified": "2023-07-27T01:15:15.437", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "A type confusion issue was addressed with improved checks. This issue is fixed in iOS 16.5 and iPadOS 16.5, macOS Ventura 13.4, watchOS 9.5, tvOS 16.5. An app may be able to execute arbitrary code with kernel privileges" + "value": "This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 16.5 and iPadOS 16.5, macOS Ventura 13.4, watchOS 9.5, tvOS 16.5. An app may be able to disclose kernel memory." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-279xx/CVE-2023-27931.json b/CVE-2023/CVE-2023-279xx/CVE-2023-27931.json index c3b67688dfa..75cff1d9ab8 100644 --- a/CVE-2023/CVE-2023-279xx/CVE-2023-27931.json +++ b/CVE-2023/CVE-2023-279xx/CVE-2023-27931.json @@ -2,12 +2,12 @@ "id": "CVE-2023-27931", "sourceIdentifier": "product-security@apple.com", "published": "2023-05-08T20:15:17.197", - "lastModified": "2023-05-19T16:15:11.793", + "lastModified": "2023-07-27T01:15:15.523", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Ventura 13.3, macOS Monterey 12.6.3, tvOS 16.4, watchOS 9.4, macOS Big Sur 11.7.3, iOS 16.4 and iPadOS 16.4. An app may be able to access user-sensitive data" + "value": "The issue was addressed with improved memory handling. This issue is fixed in macOS Big Sur 11.7.3, macOS Ventura 13.3, tvOS 16.4, iOS 16.4 and iPadOS 16.4, watchOS 9.4, macOS Monterey 12.6.3. An app may be able to bypass Privacy preferences." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-279xx/CVE-2023-27932.json b/CVE-2023/CVE-2023-279xx/CVE-2023-27932.json index a208aa12832..756f2a51dcd 100644 --- a/CVE-2023/CVE-2023-279xx/CVE-2023-27932.json +++ b/CVE-2023/CVE-2023-279xx/CVE-2023-27932.json @@ -2,12 +2,12 @@ "id": "CVE-2023-27932", "sourceIdentifier": "product-security@apple.com", "published": "2023-05-08T20:15:17.247", - "lastModified": "2023-05-30T06:16:24.793", + "lastModified": "2023-07-27T01:15:15.613", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "This issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.3, tvOS 16.4, watchOS 9.4, Safari 16.4, iOS 16.4 and iPadOS 16.4. Processing maliciously crafted web content may bypass Same Origin Policy" + "value": "This issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.3, tvOS 16.4, iOS 16.4 and iPadOS 16.4, watchOS 9.4, Safari 16.4. A remote attacker may be able to cause unexpected app termination or arbitrary code execution." } ], "metrics": { @@ -110,10 +110,6 @@ } ], "references": [ - { - "url": "https://security.gentoo.org/glsa/202305-32", - "source": "product-security@apple.com" - }, { "url": "https://support.apple.com/en-us/HT213670", "source": "product-security@apple.com", diff --git a/CVE-2023/CVE-2023-279xx/CVE-2023-27933.json b/CVE-2023/CVE-2023-279xx/CVE-2023-27933.json index da837d875f9..5c1221b235c 100644 --- a/CVE-2023/CVE-2023-279xx/CVE-2023-27933.json +++ b/CVE-2023/CVE-2023-279xx/CVE-2023-27933.json @@ -2,12 +2,12 @@ "id": "CVE-2023-27933", "sourceIdentifier": "product-security@apple.com", "published": "2023-05-08T20:15:17.310", - "lastModified": "2023-05-19T16:15:11.960", + "lastModified": "2023-07-27T01:15:15.707", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3, tvOS 16.4, watchOS 9.4, macOS Monterey 12.6.4, iOS 16.4 and iPadOS 16.4. An app with root privileges may be able to execute arbitrary code with kernel privileges" + "value": "This issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.3, tvOS 16.4, iOS 16.4 and iPadOS 16.4, macOS Monterey 12.6.4, watchOS 9.4. A remote attacker may be able to cause unexpected app termination or arbitrary code execution." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-279xx/CVE-2023-27934.json b/CVE-2023/CVE-2023-279xx/CVE-2023-27934.json index 6bfa83ab95b..e0ce952abc5 100644 --- a/CVE-2023/CVE-2023-279xx/CVE-2023-27934.json +++ b/CVE-2023/CVE-2023-279xx/CVE-2023-27934.json @@ -2,12 +2,12 @@ "id": "CVE-2023-27934", "sourceIdentifier": "product-security@apple.com", "published": "2023-05-08T20:15:17.367", - "lastModified": "2023-07-13T23:15:10.220", + "lastModified": "2023-07-27T01:15:15.790", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "A memory initialization issue was addressed. This issue is fixed in macOS Ventura 13.3. A remote user may be able to cause unexpected app termination or arbitrary code execution" + "value": "This issue was addressed with a new entitlement. This issue is fixed in macOS Monterey 12.6.4, macOS Ventura 13.3. An app may be able to break out of its sandbox." } ], "metrics": { @@ -74,11 +74,7 @@ ] }, { - "url": "https://support.apple.com/kb/HT213677", - "source": "product-security@apple.com" - }, - { - "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2022-1677", + "url": "https://support.apple.com/en-us/HT213677", "source": "product-security@apple.com" } ] diff --git a/CVE-2023/CVE-2023-279xx/CVE-2023-27935.json b/CVE-2023/CVE-2023-279xx/CVE-2023-27935.json index c6b09cceb36..cf756e96a74 100644 --- a/CVE-2023/CVE-2023-279xx/CVE-2023-27935.json +++ b/CVE-2023/CVE-2023-279xx/CVE-2023-27935.json @@ -2,12 +2,12 @@ "id": "CVE-2023-27935", "sourceIdentifier": "product-security@apple.com", "published": "2023-05-08T20:15:17.423", - "lastModified": "2023-07-13T23:15:10.290", + "lastModified": "2023-07-27T01:15:15.887", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "The issue was addressed with improved bounds checks. This issue is fixed in macOS Big Sur 11.7.5, macOS Monterey 12.6.4, macOS Ventura 13.3. A remote user may be able to cause unexpected app termination or arbitrary code execution" + "value": "This issue was addressed with a new entitlement. This issue is fixed in macOS Big Sur 11.7.5, macOS Monterey 12.6.4, macOS Ventura 13.3. An app may be able to break out of its sandbox." } ], "metrics": { @@ -102,10 +102,6 @@ "Release Notes", "Vendor Advisory" ] - }, - { - "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2022-1676", - "source": "product-security@apple.com" } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-279xx/CVE-2023-27936.json b/CVE-2023/CVE-2023-279xx/CVE-2023-27936.json index 61fe9f02622..f4d997fe3fb 100644 --- a/CVE-2023/CVE-2023-279xx/CVE-2023-27936.json +++ b/CVE-2023/CVE-2023-279xx/CVE-2023-27936.json @@ -2,12 +2,12 @@ "id": "CVE-2023-27936", "sourceIdentifier": "product-security@apple.com", "published": "2023-05-08T20:15:17.493", - "lastModified": "2023-05-30T05:15:10.837", + "lastModified": "2023-07-27T01:15:15.957", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.7.5, macOS Monterey 12.6.4, iOS 15.7.4 and iPadOS 15.7.4, macOS Ventura 13.3. An app may be able to cause unexpected system termination or write kernel memory" + "value": "This issue was addressed with improved state management. This issue is fixed in iOS 15.7.4 and iPadOS 15.7.4, macOS Big Sur 11.7.5, macOS Monterey 12.6.4, macOS Ventura 13.3. A remote user may be able to cause unexpected app termination or arbitrary code execution." } ], "metrics": { @@ -91,10 +91,6 @@ } ], "references": [ - { - "url": "http://seclists.org/fulldisclosure/2023/May/7", - "source": "product-security@apple.com" - }, { "url": "https://support.apple.com/en-us/HT213670", "source": "product-security@apple.com", diff --git a/CVE-2023/CVE-2023-279xx/CVE-2023-27937.json b/CVE-2023/CVE-2023-279xx/CVE-2023-27937.json index 58d732ef598..b98a862dd7c 100644 --- a/CVE-2023/CVE-2023-279xx/CVE-2023-27937.json +++ b/CVE-2023/CVE-2023-279xx/CVE-2023-27937.json @@ -2,12 +2,12 @@ "id": "CVE-2023-27937", "sourceIdentifier": "product-security@apple.com", "published": "2023-05-08T20:15:17.550", - "lastModified": "2023-05-19T16:15:12.173", + "lastModified": "2023-07-27T01:15:16.023", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "An integer overflow was addressed with improved input validation. This issue is fixed in macOS Ventura 13.3, tvOS 16.4, macOS Big Sur 11.7.5, watchOS 9.4, macOS Monterey 12.6.4, iOS 16.4 and iPadOS 16.4. Parsing a maliciously crafted plist may lead to an unexpected app termination or arbitrary code execution" + "value": "This issue was addressed with a new entitlement. This issue is fixed in macOS Ventura 13.3, tvOS 16.4, iOS 16.4 and iPadOS 16.4, macOS Big Sur 11.7.5, macOS Monterey 12.6.4, watchOS 9.4. An app may be able to break out of its sandbox." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-279xx/CVE-2023-27938.json b/CVE-2023/CVE-2023-279xx/CVE-2023-27938.json index 2643a90991d..86c77d72808 100644 --- a/CVE-2023/CVE-2023-279xx/CVE-2023-27938.json +++ b/CVE-2023/CVE-2023-279xx/CVE-2023-27938.json @@ -2,12 +2,12 @@ "id": "CVE-2023-27938", "sourceIdentifier": "product-security@apple.com", "published": "2023-05-08T20:15:17.610", - "lastModified": "2023-05-11T20:36:36.733", - "vulnStatus": "Analyzed", + "lastModified": "2023-07-27T01:15:16.097", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "An out-of-bounds read issue was addressed with improved input validation. This issue is fixed in GarageBand for macOS 10.4.8. Parsing a maliciously crafted MIDI file may lead to an unexpected application termination or arbitrary code execution" + "value": "An out-of-bounds read issue was addressed with improved input validation. This issue is fixed in GarageBand for macOS 10.4.8. Parsing a maliciously crafted MIDI file may lead to an unexpected application termination or arbitrary code execution." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-279xx/CVE-2023-27940.json b/CVE-2023/CVE-2023-279xx/CVE-2023-27940.json index a836992245c..d06544a332c 100644 --- a/CVE-2023/CVE-2023-279xx/CVE-2023-27940.json +++ b/CVE-2023/CVE-2023-279xx/CVE-2023-27940.json @@ -2,12 +2,12 @@ "id": "CVE-2023-27940", "sourceIdentifier": "product-security@apple.com", "published": "2023-06-23T18:15:11.147", - "lastModified": "2023-06-27T10:41:22.243", - "vulnStatus": "Analyzed", + "lastModified": "2023-07-27T01:15:16.180", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "The issue was addressed with additional permissions checks. This issue is fixed in macOS Ventura 13.4, iOS 15.7.6 and iPadOS 15.7.6, macOS Monterey 12.6.6. A sandboxed app may be able to observe system-wide network connections" + "value": "A use-after-free issue was addressed with improved memory management. This issue is fixed in iOS 15.7.6 and iPadOS 15.7.6, macOS Ventura 13.4, macOS Monterey 12.6.6. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-279xx/CVE-2023-27941.json b/CVE-2023/CVE-2023-279xx/CVE-2023-27941.json index 285bac3c2f5..191cc300db3 100644 --- a/CVE-2023/CVE-2023-279xx/CVE-2023-27941.json +++ b/CVE-2023/CVE-2023-279xx/CVE-2023-27941.json @@ -2,12 +2,12 @@ "id": "CVE-2023-27941", "sourceIdentifier": "product-security@apple.com", "published": "2023-05-08T20:15:17.670", - "lastModified": "2023-06-09T00:15:09.853", + "lastModified": "2023-07-27T01:15:16.250", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "A validation issue was addressed with improved input sanitization. This issue is fixed in macOS Big Sur 11.7.5, iOS 15.7.4 and iPadOS 15.7.4, macOS Ventura 13.3. An app may be able to disclose kernel memory" + "value": "This issue was addressed with improved state management. This issue is fixed in iOS 15.7.4 and iPadOS 15.7.4, macOS Big Sur 11.7.5, macOS Monterey 12.6.4, macOS Ventura 13.3. A remote user may be able to cause unexpected app termination or arbitrary code execution." } ], "metrics": { @@ -77,10 +77,6 @@ } ], "references": [ - { - "url": "http://seclists.org/fulldisclosure/2023/May/7", - "source": "product-security@apple.com" - }, { "url": "https://support.apple.com/en-us/HT213670", "source": "product-security@apple.com", @@ -102,7 +98,7 @@ "source": "product-security@apple.com" }, { - "url": "https://support.apple.com/kb/HT213677", + "url": "https://support.apple.com/en-us/HT213677", "source": "product-security@apple.com" } ] diff --git a/CVE-2023/CVE-2023-279xx/CVE-2023-27942.json b/CVE-2023/CVE-2023-279xx/CVE-2023-27942.json index 72c94781b27..5524efc4981 100644 --- a/CVE-2023/CVE-2023-279xx/CVE-2023-27942.json +++ b/CVE-2023/CVE-2023-279xx/CVE-2023-27942.json @@ -2,12 +2,12 @@ "id": "CVE-2023-27942", "sourceIdentifier": "product-security@apple.com", "published": "2023-05-08T20:15:17.733", - "lastModified": "2023-05-19T16:15:12.313", + "lastModified": "2023-07-27T01:15:16.337", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.3, tvOS 16.4, macOS Big Sur 11.7.5, watchOS 9.4, macOS Monterey 12.6.4, iOS 16.4 and iPadOS 16.4. An app may be able to access user-sensitive data" + "value": "This issue was addressed with a new entitlement. This issue is fixed in macOS Ventura 13.3, tvOS 16.4, iOS 16.4 and iPadOS 16.4, macOS Big Sur 11.7.5, macOS Monterey 12.6.4, watchOS 9.4. An app may be able to break out of its sandbox." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-279xx/CVE-2023-27943.json b/CVE-2023/CVE-2023-279xx/CVE-2023-27943.json index 7d9dd349965..aacdf750b6a 100644 --- a/CVE-2023/CVE-2023-279xx/CVE-2023-27943.json +++ b/CVE-2023/CVE-2023-279xx/CVE-2023-27943.json @@ -2,12 +2,12 @@ "id": "CVE-2023-27943", "sourceIdentifier": "product-security@apple.com", "published": "2023-05-08T20:15:17.790", - "lastModified": "2023-05-19T16:15:12.387", + "lastModified": "2023-07-27T01:15:16.417", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "This issue was addressed with improved checks. This issue is fixed in iOS 16.4 and iPadOS 16.4, macOS Ventura 13.3. Files downloaded from the internet may not have the quarantine flag applied" + "value": "This issue was addressed with improved state management. This issue is fixed in iOS 16.4 and iPadOS 16.4, macOS Ventura 13.3. A remote attacker may be able to cause unexpected app termination or arbitrary code execution." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-279xx/CVE-2023-27944.json b/CVE-2023/CVE-2023-279xx/CVE-2023-27944.json index b0d773b975a..066378c5d28 100644 --- a/CVE-2023/CVE-2023-279xx/CVE-2023-27944.json +++ b/CVE-2023/CVE-2023-279xx/CVE-2023-27944.json @@ -2,12 +2,12 @@ "id": "CVE-2023-27944", "sourceIdentifier": "product-security@apple.com", "published": "2023-05-08T20:15:17.857", - "lastModified": "2023-05-19T16:15:12.463", + "lastModified": "2023-07-27T01:15:16.507", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "This issue was addressed with a new entitlement. This issue is fixed in macOS Big Sur 11.7.5, macOS Monterey 12.6.4, macOS Ventura 13.3. An app may be able to break out of its sandbox" + "value": "This issue was addressed with a new entitlement. This issue is fixed in macOS Big Sur 11.7.5, macOS Monterey 12.6.4, macOS Ventura 13.3. An app may be able to break out of its sandbox." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-279xx/CVE-2023-27945.json b/CVE-2023/CVE-2023-279xx/CVE-2023-27945.json index c13eea6e7fe..838221477c3 100644 --- a/CVE-2023/CVE-2023-279xx/CVE-2023-27945.json +++ b/CVE-2023/CVE-2023-279xx/CVE-2023-27945.json @@ -2,12 +2,12 @@ "id": "CVE-2023-27945", "sourceIdentifier": "product-security@apple.com", "published": "2023-05-08T20:15:17.930", - "lastModified": "2023-05-30T06:16:25.860", + "lastModified": "2023-07-27T01:15:16.577", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "This issue was addressed with improved entitlements. This issue is fixed in macOS Monterey 12.6.6, Xcode 14.3, macOS Big Sur 11.7.7. A sandboxed app may be able to collect system logs" + "value": "A use-after-free issue was addressed with improved memory management. This issue is fixed in Xcode 14.3, macOS Monterey 12.6.6, macOS Big Sur 11.7.7. A remote attacker may be able to cause unexpected app termination or arbitrary code execution." } ], "metrics": { @@ -65,14 +65,6 @@ } ], "references": [ - { - "url": "http://seclists.org/fulldisclosure/2023/May/10", - "source": "product-security@apple.com" - }, - { - "url": "http://seclists.org/fulldisclosure/2023/May/9", - "source": "product-security@apple.com" - }, { "url": "https://support.apple.com/en-us/HT213679", "source": "product-security@apple.com", diff --git a/CVE-2023/CVE-2023-279xx/CVE-2023-27946.json b/CVE-2023/CVE-2023-279xx/CVE-2023-27946.json index 1282146b76a..dff3686c184 100644 --- a/CVE-2023/CVE-2023-279xx/CVE-2023-27946.json +++ b/CVE-2023/CVE-2023-279xx/CVE-2023-27946.json @@ -2,12 +2,12 @@ "id": "CVE-2023-27946", "sourceIdentifier": "product-security@apple.com", "published": "2023-05-08T20:15:17.990", - "lastModified": "2023-05-30T05:15:11.040", + "lastModified": "2023-07-27T01:15:16.647", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.7.5, macOS Monterey 12.6.4, iOS 15.7.4 and iPadOS 15.7.4, macOS Ventura 13.3. Processing a maliciously crafted file may lead to unexpected app termination or arbitrary code execution" + "value": "This issue was addressed with improved state management. This issue is fixed in iOS 15.7.4 and iPadOS 15.7.4, macOS Big Sur 11.7.5, macOS Monterey 12.6.4, macOS Ventura 13.3. A remote user may be able to cause unexpected app termination or arbitrary code execution." } ], "metrics": { @@ -92,10 +92,6 @@ } ], "references": [ - { - "url": "http://seclists.org/fulldisclosure/2023/May/7", - "source": "product-security@apple.com" - }, { "url": "https://support.apple.com/en-us/HT213670", "source": "product-security@apple.com", diff --git a/CVE-2023/CVE-2023-279xx/CVE-2023-27949.json b/CVE-2023/CVE-2023-279xx/CVE-2023-27949.json index e9e97834e96..db1b9a1b831 100644 --- a/CVE-2023/CVE-2023-279xx/CVE-2023-27949.json +++ b/CVE-2023/CVE-2023-279xx/CVE-2023-27949.json @@ -2,12 +2,12 @@ "id": "CVE-2023-27949", "sourceIdentifier": "product-security@apple.com", "published": "2023-05-08T20:15:18.043", - "lastModified": "2023-05-30T05:15:11.123", + "lastModified": "2023-07-27T01:15:16.720", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Monterey 12.6.4, iOS 15.7.4 and iPadOS 15.7.4, macOS Ventura 13.3. Processing a maliciously crafted file may lead to unexpected app termination or arbitrary code execution" + "value": "This issue was addressed with improved state management. This issue is fixed in iOS 15.7.4 and iPadOS 15.7.4, macOS Monterey 12.6.4, macOS Ventura 13.3. A remote user may be able to cause unexpected app termination or arbitrary code execution." } ], "metrics": { @@ -85,10 +85,6 @@ } ], "references": [ - { - "url": "http://seclists.org/fulldisclosure/2023/May/7", - "source": "product-security@apple.com" - }, { "url": "https://support.apple.com/en-us/HT213670", "source": "product-security@apple.com", diff --git a/CVE-2023/CVE-2023-279xx/CVE-2023-27951.json b/CVE-2023/CVE-2023-279xx/CVE-2023-27951.json index 38814f1890a..0c56b74e6d0 100644 --- a/CVE-2023/CVE-2023-279xx/CVE-2023-27951.json +++ b/CVE-2023/CVE-2023-279xx/CVE-2023-27951.json @@ -2,12 +2,12 @@ "id": "CVE-2023-27951", "sourceIdentifier": "product-security@apple.com", "published": "2023-05-08T20:15:18.100", - "lastModified": "2023-05-19T16:15:12.783", + "lastModified": "2023-07-27T01:15:16.793", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "The issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.7.5, macOS Monterey 12.6.4, macOS Ventura 13.3. An archive may be able to bypass Gatekeeper" + "value": "This issue was addressed with a new entitlement. This issue is fixed in macOS Big Sur 11.7.5, macOS Monterey 12.6.4, macOS Ventura 13.3. An app may be able to break out of its sandbox." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-279xx/CVE-2023-27952.json b/CVE-2023/CVE-2023-279xx/CVE-2023-27952.json index 106907d0566..f1f1962a60f 100644 --- a/CVE-2023/CVE-2023-279xx/CVE-2023-27952.json +++ b/CVE-2023/CVE-2023-279xx/CVE-2023-27952.json @@ -2,12 +2,12 @@ "id": "CVE-2023-27952", "sourceIdentifier": "product-security@apple.com", "published": "2023-05-08T20:15:18.157", - "lastModified": "2023-05-13T02:17:29.327", - "vulnStatus": "Analyzed", + "lastModified": "2023-07-27T01:15:16.877", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "A race condition was addressed with improved locking. This issue is fixed in macOS Ventura 13.3. An app may bypass Gatekeeper checks" + "value": "This issue was addressed with a new entitlement. This issue is fixed in macOS Ventura 13.3. An app may be able to break out of its sandbox." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-279xx/CVE-2023-27953.json b/CVE-2023/CVE-2023-279xx/CVE-2023-27953.json index e6607e8ce0b..3b043794c1e 100644 --- a/CVE-2023/CVE-2023-279xx/CVE-2023-27953.json +++ b/CVE-2023/CVE-2023-279xx/CVE-2023-27953.json @@ -2,12 +2,12 @@ "id": "CVE-2023-27953", "sourceIdentifier": "product-security@apple.com", "published": "2023-05-08T20:15:18.207", - "lastModified": "2023-07-13T23:15:10.353", + "lastModified": "2023-07-27T01:15:16.947", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "The issue was addressed with improved memory handling. This issue is fixed in macOS Big Sur 11.7.5, macOS Monterey 12.6.4, macOS Ventura 13.3. A remote user may be able to cause unexpected system termination or corrupt kernel memory" + "value": "This issue was addressed with a new entitlement. This issue is fixed in macOS Big Sur 11.7.5, macOS Monterey 12.6.4, macOS Ventura 13.3. An app may be able to break out of its sandbox." } ], "metrics": { @@ -100,10 +100,6 @@ "tags": [ "Vendor Advisory" ] - }, - { - "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2022-1688", - "source": "product-security@apple.com" } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-279xx/CVE-2023-27954.json b/CVE-2023/CVE-2023-279xx/CVE-2023-27954.json index add7ac971d4..d9f1d650534 100644 --- a/CVE-2023/CVE-2023-279xx/CVE-2023-27954.json +++ b/CVE-2023/CVE-2023-279xx/CVE-2023-27954.json @@ -2,12 +2,12 @@ "id": "CVE-2023-27954", "sourceIdentifier": "product-security@apple.com", "published": "2023-05-08T20:15:18.267", - "lastModified": "2023-05-30T06:16:26.723", + "lastModified": "2023-07-27T01:15:17.013", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "The issue was addressed by removing origin information. This issue is fixed in macOS Ventura 13.3, iOS 15.7.4 and iPadOS 15.7.4, tvOS 16.4, watchOS 9.4, Safari 16.4, iOS 16.4 and iPadOS 16.4. A website may be able to track sensitive user information" + "value": "This issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.3, tvOS 16.4, iOS 16.4 and iPadOS 16.4, iOS 15.7.4 and iPadOS 15.7.4, watchOS 9.4, Safari 16.4. A remote user may be able to cause unexpected app termination or arbitrary code execution." } ], "metrics": { @@ -125,14 +125,6 @@ } ], "references": [ - { - "url": "http://seclists.org/fulldisclosure/2023/May/7", - "source": "product-security@apple.com" - }, - { - "url": "https://security.gentoo.org/glsa/202305-32", - "source": "product-security@apple.com" - }, { "url": "https://support.apple.com/en-us/HT213670", "source": "product-security@apple.com", diff --git a/CVE-2023/CVE-2023-279xx/CVE-2023-27955.json b/CVE-2023/CVE-2023-279xx/CVE-2023-27955.json index 9376ba70a0e..e69a2f7ce68 100644 --- a/CVE-2023/CVE-2023-279xx/CVE-2023-27955.json +++ b/CVE-2023/CVE-2023-279xx/CVE-2023-27955.json @@ -2,12 +2,12 @@ "id": "CVE-2023-27955", "sourceIdentifier": "product-security@apple.com", "published": "2023-05-08T20:15:18.317", - "lastModified": "2023-06-09T00:15:09.920", + "lastModified": "2023-07-27T01:15:17.097", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "The issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.7.5, macOS Monterey 12.6.4, iOS 16.4 and iPadOS 16.4, macOS Ventura 13.3. An app may be able to read arbitrary files" + "value": "This issue was addressed with a new entitlement. This issue is fixed in macOS Ventura 13.3, tvOS 16.4, iOS 16.4 and iPadOS 16.4, macOS Big Sur 11.7.5, macOS Monterey 12.6.4. An app may be able to break out of its sandbox." } ], "metrics": { @@ -99,6 +99,10 @@ "Vendor Advisory" ] }, + { + "url": "https://support.apple.com/en-us/HT213674", + "source": "product-security@apple.com" + }, { "url": "https://support.apple.com/en-us/HT213675", "source": "product-security@apple.com", @@ -119,10 +123,6 @@ "tags": [ "Vendor Advisory" ] - }, - { - "url": "https://support.apple.com/kb/HT213674", - "source": "product-security@apple.com" } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-279xx/CVE-2023-27956.json b/CVE-2023/CVE-2023-279xx/CVE-2023-27956.json index 0cb0c557596..6e08122e8d1 100644 --- a/CVE-2023/CVE-2023-279xx/CVE-2023-27956.json +++ b/CVE-2023/CVE-2023-279xx/CVE-2023-27956.json @@ -2,12 +2,12 @@ "id": "CVE-2023-27956", "sourceIdentifier": "product-security@apple.com", "published": "2023-05-08T20:15:18.383", - "lastModified": "2023-05-30T05:15:11.293", + "lastModified": "2023-07-27T01:15:17.197", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "The issue was addressed with improved memory handling. This issue is fixed in iOS 15.7.4 and iPadOS 15.7.4, macOS Ventura 13.3, tvOS 16.4, watchOS 9.4, iOS 16.4 and iPadOS 16.4. Processing a maliciously crafted image may result in disclosure of process memory" + "value": "This issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.3, tvOS 16.4, iOS 16.4 and iPadOS 16.4, iOS 15.7.4 and iPadOS 15.7.4, watchOS 9.4. A remote user may be able to cause unexpected app termination or arbitrary code execution." } ], "metrics": { @@ -104,10 +104,6 @@ } ], "references": [ - { - "url": "http://seclists.org/fulldisclosure/2023/May/7", - "source": "product-security@apple.com" - }, { "url": "https://support.apple.com/en-us/HT213670", "source": "product-security@apple.com", diff --git a/CVE-2023/CVE-2023-279xx/CVE-2023-27957.json b/CVE-2023/CVE-2023-279xx/CVE-2023-27957.json index 59e438d6a56..443836f5245 100644 --- a/CVE-2023/CVE-2023-279xx/CVE-2023-27957.json +++ b/CVE-2023/CVE-2023-279xx/CVE-2023-27957.json @@ -2,12 +2,12 @@ "id": "CVE-2023-27957", "sourceIdentifier": "product-security@apple.com", "published": "2023-05-08T20:15:18.433", - "lastModified": "2023-05-12T19:15:24.030", - "vulnStatus": "Analyzed", + "lastModified": "2023-07-27T01:15:17.287", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3. Processing a maliciously crafted file may lead to unexpected app termination or arbitrary code execution" + "value": "This issue was addressed with a new entitlement. This issue is fixed in macOS Ventura 13.3. An app may be able to break out of its sandbox." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-279xx/CVE-2023-27958.json b/CVE-2023/CVE-2023-279xx/CVE-2023-27958.json index c07197f07fd..9a3a7df9ac8 100644 --- a/CVE-2023/CVE-2023-279xx/CVE-2023-27958.json +++ b/CVE-2023/CVE-2023-279xx/CVE-2023-27958.json @@ -2,12 +2,12 @@ "id": "CVE-2023-27958", "sourceIdentifier": "product-security@apple.com", "published": "2023-05-08T20:15:18.493", - "lastModified": "2023-07-13T23:15:10.417", + "lastModified": "2023-07-27T01:15:17.380", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "The issue was addressed with improved memory handling. This issue is fixed in macOS Big Sur 11.7.5, macOS Monterey 12.6.4, macOS Ventura 13.3. A remote user may be able to cause unexpected system termination or corrupt kernel memory" + "value": "This issue was addressed with a new entitlement. This issue is fixed in macOS Big Sur 11.7.5, macOS Monterey 12.6.4, macOS Ventura 13.3. An app may be able to break out of its sandbox." } ], "metrics": { @@ -100,10 +100,6 @@ "tags": [ "Vendor Advisory" ] - }, - { - "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2022-1689", - "source": "product-security@apple.com" } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-279xx/CVE-2023-27959.json b/CVE-2023/CVE-2023-279xx/CVE-2023-27959.json index eaba092fba0..a090e3edcbb 100644 --- a/CVE-2023/CVE-2023-279xx/CVE-2023-27959.json +++ b/CVE-2023/CVE-2023-279xx/CVE-2023-27959.json @@ -2,12 +2,12 @@ "id": "CVE-2023-27959", "sourceIdentifier": "product-security@apple.com", "published": "2023-05-08T20:15:18.547", - "lastModified": "2023-05-12T19:22:37.343", - "vulnStatus": "Analyzed", + "lastModified": "2023-07-27T01:15:17.450", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "The issue was addressed with improved memory handling. This issue is fixed in iOS 16.4 and iPadOS 16.4. An app may be able to execute arbitrary code with kernel privileges" + "value": "This issue was addressed with improved state management. This issue is fixed in iOS 16.4 and iPadOS 16.4. A remote attacker may be able to cause unexpected app termination or arbitrary code execution." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-279xx/CVE-2023-27960.json b/CVE-2023/CVE-2023-279xx/CVE-2023-27960.json index 1581acbd448..43a83dd6e52 100644 --- a/CVE-2023/CVE-2023-279xx/CVE-2023-27960.json +++ b/CVE-2023/CVE-2023-279xx/CVE-2023-27960.json @@ -2,12 +2,12 @@ "id": "CVE-2023-27960", "sourceIdentifier": "product-security@apple.com", "published": "2023-05-08T20:15:18.603", - "lastModified": "2023-05-15T13:50:46.030", - "vulnStatus": "Analyzed", + "lastModified": "2023-07-27T01:15:17.513", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "This issue was addressed by removing the vulnerable code. This issue is fixed in GarageBand for macOS 10.4.8. An app may be able to gain elevated privileges during the installation of GarageBand" + "value": "An out-of-bounds read issue was addressed with improved input validation. This issue is fixed in GarageBand for macOS 10.4.8. Parsing a maliciously crafted MIDI file may lead to an unexpected application termination or arbitrary code execution." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-279xx/CVE-2023-27961.json b/CVE-2023/CVE-2023-279xx/CVE-2023-27961.json index 6555f174b5b..27ad0f0bf28 100644 --- a/CVE-2023/CVE-2023-279xx/CVE-2023-27961.json +++ b/CVE-2023/CVE-2023-279xx/CVE-2023-27961.json @@ -2,12 +2,12 @@ "id": "CVE-2023-27961", "sourceIdentifier": "product-security@apple.com", "published": "2023-05-08T20:15:18.663", - "lastModified": "2023-05-30T05:15:11.370", + "lastModified": "2023-07-27T01:15:17.587", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Multiple validation issues were addressed with improved input sanitization. This issue is fixed in macOS Ventura 13.3, iOS 15.7.4 and iPadOS 15.7.4, macOS Big Sur 11.7.5, watchOS 9.4, macOS Monterey 12.6.4, iOS 16.4 and iPadOS 16.4. Importing a maliciously crafted calendar invitation may exfiltrate user information" + "value": "This issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.3, iOS 16.4 and iPadOS 16.4, iOS 15.7.4 and iPadOS 15.7.4, macOS Big Sur 11.7.5, macOS Monterey 12.6.4, watchOS 9.4. A remote user may be able to cause unexpected app termination or arbitrary code execution." } ], "metrics": { @@ -112,10 +112,6 @@ } ], "references": [ - { - "url": "http://seclists.org/fulldisclosure/2023/May/7", - "source": "product-security@apple.com" - }, { "url": "https://support.apple.com/en-us/HT213670", "source": "product-security@apple.com", diff --git a/CVE-2023/CVE-2023-279xx/CVE-2023-27962.json b/CVE-2023/CVE-2023-279xx/CVE-2023-27962.json index 7f7398e34a6..4af8cd63d47 100644 --- a/CVE-2023/CVE-2023-279xx/CVE-2023-27962.json +++ b/CVE-2023/CVE-2023-279xx/CVE-2023-27962.json @@ -2,12 +2,12 @@ "id": "CVE-2023-27962", "sourceIdentifier": "product-security@apple.com", "published": "2023-05-08T20:15:18.717", - "lastModified": "2023-05-19T16:15:13.253", + "lastModified": "2023-07-27T01:15:17.660", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "A logic issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.7.5, macOS Monterey 12.6.4, macOS Ventura 13.3. An app may be able to modify protected parts of the file system" + "value": "This issue was addressed with a new entitlement. This issue is fixed in macOS Big Sur 11.7.5, macOS Monterey 12.6.4, macOS Ventura 13.3. An app may be able to break out of its sandbox." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-279xx/CVE-2023-27963.json b/CVE-2023/CVE-2023-279xx/CVE-2023-27963.json index 71ec4f13173..abe7055eec7 100644 --- a/CVE-2023/CVE-2023-279xx/CVE-2023-27963.json +++ b/CVE-2023/CVE-2023-279xx/CVE-2023-27963.json @@ -2,12 +2,12 @@ "id": "CVE-2023-27963", "sourceIdentifier": "product-security@apple.com", "published": "2023-05-08T20:15:18.773", - "lastModified": "2023-06-09T00:15:10.003", + "lastModified": "2023-07-27T01:15:17.747", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "The issue was addressed with additional permissions checks. This issue is fixed in iOS 15.7.4 and iPadOS 15.7.4, macOS Ventura 13.3, watchOS 9.4, macOS Monterey 12.6.4, iOS 16.4 and iPadOS 16.4. A shortcut may be able to use sensitive data with certain actions without prompting the user" + "value": "This issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.3, tvOS 16.4, iOS 16.4 and iPadOS 16.4, iOS 15.7.4 and iPadOS 15.7.4, macOS Monterey 12.6.4, watchOS 9.4. A remote user may be able to cause unexpected app termination or arbitrary code execution." } ], "metrics": { @@ -105,10 +105,6 @@ } ], "references": [ - { - "url": "http://seclists.org/fulldisclosure/2023/May/7", - "source": "product-security@apple.com" - }, { "url": "https://support.apple.com/en-us/HT213670", "source": "product-security@apple.com", @@ -123,6 +119,10 @@ "Vendor Advisory" ] }, + { + "url": "https://support.apple.com/en-us/HT213674", + "source": "product-security@apple.com" + }, { "url": "https://support.apple.com/en-us/HT213676", "source": "product-security@apple.com", @@ -143,10 +143,6 @@ "tags": [ "Vendor Advisory" ] - }, - { - "url": "https://support.apple.com/kb/HT213674", - "source": "product-security@apple.com" } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-279xx/CVE-2023-27965.json b/CVE-2023/CVE-2023-279xx/CVE-2023-27965.json index b29179062b1..88ec6144c17 100644 --- a/CVE-2023/CVE-2023-279xx/CVE-2023-27965.json +++ b/CVE-2023/CVE-2023-279xx/CVE-2023-27965.json @@ -2,12 +2,12 @@ "id": "CVE-2023-27965", "sourceIdentifier": "product-security@apple.com", "published": "2023-05-08T20:15:18.833", - "lastModified": "2023-05-19T16:15:13.383", + "lastModified": "2023-07-27T01:15:17.837", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "A memory corruption issue was addressed with improved state management. This issue is fixed in Studio Display Firmware Update 16.4, macOS Ventura 13.3. An app may be able to execute arbitrary code with kernel privileges" + "value": "A memory corruption issue was addressed with improved state management. This issue is fixed in Studio Display Firmware Update 16.4, macOS Ventura 13.3. An app may be able to execute arbitrary code with kernel privileges." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-279xx/CVE-2023-27966.json b/CVE-2023/CVE-2023-279xx/CVE-2023-27966.json index 664be48c89b..5be8d62edb4 100644 --- a/CVE-2023/CVE-2023-279xx/CVE-2023-27966.json +++ b/CVE-2023/CVE-2023-279xx/CVE-2023-27966.json @@ -2,12 +2,12 @@ "id": "CVE-2023-27966", "sourceIdentifier": "product-security@apple.com", "published": "2023-05-08T20:15:18.890", - "lastModified": "2023-05-15T15:44:41.543", - "vulnStatus": "Analyzed", + "lastModified": "2023-07-27T01:15:17.910", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.3. An app may be able to break out of its sandbox" + "value": "This issue was addressed with a new entitlement. This issue is fixed in macOS Ventura 13.3. An app may be able to break out of its sandbox." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-279xx/CVE-2023-27967.json b/CVE-2023/CVE-2023-279xx/CVE-2023-27967.json index 63e6103e8c1..c214b692965 100644 --- a/CVE-2023/CVE-2023-279xx/CVE-2023-27967.json +++ b/CVE-2023/CVE-2023-279xx/CVE-2023-27967.json @@ -2,12 +2,12 @@ "id": "CVE-2023-27967", "sourceIdentifier": "product-security@apple.com", "published": "2023-05-08T20:15:18.937", - "lastModified": "2023-05-12T19:46:50.930", - "vulnStatus": "Analyzed", + "lastModified": "2023-07-27T01:15:17.980", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "The issue was addressed with improved memory handling. This issue is fixed in Xcode 14.3. An app may be able to execute arbitrary code out of its sandbox or with certain elevated privileges" + "value": "This issue was addressed with improved entitlements. This issue is fixed in Xcode 14.3. A sandboxed app may be able to collect system logs." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-279xx/CVE-2023-27968.json b/CVE-2023/CVE-2023-279xx/CVE-2023-27968.json index a04f3eba8a7..d26cd9d1b97 100644 --- a/CVE-2023/CVE-2023-279xx/CVE-2023-27968.json +++ b/CVE-2023/CVE-2023-279xx/CVE-2023-27968.json @@ -2,12 +2,12 @@ "id": "CVE-2023-27968", "sourceIdentifier": "product-security@apple.com", "published": "2023-05-08T20:15:19.000", - "lastModified": "2023-05-12T19:47:30.860", - "vulnStatus": "Analyzed", + "lastModified": "2023-07-27T01:15:18.037", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3. An app may be able to cause unexpected system termination or write kernel memory" + "value": "This issue was addressed with a new entitlement. This issue is fixed in macOS Ventura 13.3. An app may be able to break out of its sandbox." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-279xx/CVE-2023-27969.json b/CVE-2023/CVE-2023-279xx/CVE-2023-27969.json index d97c379d97b..ab4751a4589 100644 --- a/CVE-2023/CVE-2023-279xx/CVE-2023-27969.json +++ b/CVE-2023/CVE-2023-279xx/CVE-2023-27969.json @@ -2,12 +2,12 @@ "id": "CVE-2023-27969", "sourceIdentifier": "product-security@apple.com", "published": "2023-05-08T20:15:19.053", - "lastModified": "2023-05-30T05:15:11.563", + "lastModified": "2023-07-27T01:15:18.113", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "A use after free issue was addressed with improved memory management. This issue is fixed in iOS 15.7.4 and iPadOS 15.7.4, macOS Ventura 13.3, tvOS 16.4, watchOS 9.4, iOS 16.4 and iPadOS 16.4. An app may be able to execute arbitrary code with kernel privileges" + "value": "This issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.3, tvOS 16.4, iOS 16.4 and iPadOS 16.4, iOS 15.7.4 and iPadOS 15.7.4, watchOS 9.4. A remote user may be able to cause unexpected app termination or arbitrary code execution." } ], "metrics": { @@ -104,10 +104,6 @@ } ], "references": [ - { - "url": "http://seclists.org/fulldisclosure/2023/May/7", - "source": "product-security@apple.com" - }, { "url": "https://support.apple.com/en-us/HT213670", "source": "product-security@apple.com", diff --git a/CVE-2023/CVE-2023-279xx/CVE-2023-27970.json b/CVE-2023/CVE-2023-279xx/CVE-2023-27970.json index 397d0fea237..61dfcfbf500 100644 --- a/CVE-2023/CVE-2023-279xx/CVE-2023-27970.json +++ b/CVE-2023/CVE-2023-279xx/CVE-2023-27970.json @@ -2,12 +2,12 @@ "id": "CVE-2023-27970", "sourceIdentifier": "product-security@apple.com", "published": "2023-05-08T20:15:19.110", - "lastModified": "2023-05-15T13:39:36.273", - "vulnStatus": "Analyzed", + "lastModified": "2023-07-27T01:15:18.190", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 16.4 and iPadOS 16.4. An app may be able to execute arbitrary code with kernel privileges" + "value": "This issue was addressed with improved state management. This issue is fixed in iOS 16.4 and iPadOS 16.4. A remote attacker may be able to cause unexpected app termination or arbitrary code execution." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-280xx/CVE-2023-28012.json b/CVE-2023/CVE-2023-280xx/CVE-2023-28012.json new file mode 100644 index 00000000000..bbcb01030d9 --- /dev/null +++ b/CVE-2023/CVE-2023-280xx/CVE-2023-28012.json @@ -0,0 +1,43 @@ +{ + "id": "CVE-2023-28012", + "sourceIdentifier": "psirt@hcl.com", + "published": "2023-07-27T00:15:13.510", + "lastModified": "2023-07-27T01:15:18.290", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "HCL BigFix Mobile is vulnerable to a command injection attack. An authenticated attacker could run arbitrary shell commands on the WebUI server.\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@hcl.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "references": [ + { + "url": "https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0106372", + "source": "psirt@hcl.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-280xx/CVE-2023-28014.json b/CVE-2023/CVE-2023-280xx/CVE-2023-28014.json new file mode 100644 index 00000000000..efc70e6189b --- /dev/null +++ b/CVE-2023/CVE-2023-280xx/CVE-2023-28014.json @@ -0,0 +1,43 @@ +{ + "id": "CVE-2023-28014", + "sourceIdentifier": "psirt@hcl.com", + "published": "2023-07-27T00:15:13.667", + "lastModified": "2023-07-27T00:15:13.667", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "HCL BigFix Mobile is vulnerable to a cross-site scripting attack. An authenticated attacker could inject malicious scripts into the application.\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@hcl.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:H/A:L", + "attackVector": "LOCAL", + "attackComplexity": "HIGH", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "HIGH", + "availabilityImpact": "LOW", + "baseScore": 6.6, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 0.8, + "impactScore": 5.3 + } + ] + }, + "references": [ + { + "url": "https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0106371", + "source": "psirt@hcl.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-281xx/CVE-2023-28178.json b/CVE-2023/CVE-2023-281xx/CVE-2023-28178.json index 968e099fce2..993fe36059e 100644 --- a/CVE-2023/CVE-2023-281xx/CVE-2023-28178.json +++ b/CVE-2023/CVE-2023-281xx/CVE-2023-28178.json @@ -2,12 +2,12 @@ "id": "CVE-2023-28178", "sourceIdentifier": "product-security@apple.com", "published": "2023-05-08T20:15:19.163", - "lastModified": "2023-06-09T00:15:10.073", + "lastModified": "2023-07-27T01:15:18.397", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "A logic issue was addressed with improved validation. This issue is fixed in macOS Monterey 12.6.4, iOS 16.4 and iPadOS 16.4, macOS Ventura 13.3. An app may be able to bypass Privacy preferences" + "value": "This issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.3, tvOS 16.4, iOS 16.4 and iPadOS 16.4, macOS Monterey 12.6.4, watchOS 9.4. A remote attacker may be able to cause unexpected app termination or arbitrary code execution." } ], "metrics": { @@ -92,6 +92,10 @@ "Vendor Advisory" ] }, + { + "url": "https://support.apple.com/en-us/HT213674", + "source": "product-security@apple.com" + }, { "url": "https://support.apple.com/en-us/HT213676", "source": "product-security@apple.com", @@ -107,11 +111,7 @@ ] }, { - "url": "https://support.apple.com/kb/HT213674", - "source": "product-security@apple.com" - }, - { - "url": "https://support.apple.com/kb/HT213678", + "url": "https://support.apple.com/en-us/HT213678", "source": "product-security@apple.com" } ] diff --git a/CVE-2023/CVE-2023-281xx/CVE-2023-28180.json b/CVE-2023/CVE-2023-281xx/CVE-2023-28180.json index 42d4f0f9833..c3900831956 100644 --- a/CVE-2023/CVE-2023-281xx/CVE-2023-28180.json +++ b/CVE-2023/CVE-2023-281xx/CVE-2023-28180.json @@ -2,12 +2,12 @@ "id": "CVE-2023-28180", "sourceIdentifier": "product-security@apple.com", "published": "2023-05-08T20:15:19.220", - "lastModified": "2023-07-13T23:15:10.477", + "lastModified": "2023-07-27T01:15:18.477", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "A denial-of-service issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3. A user in a privileged network position may be able to cause a denial-of-service" + "value": "This issue was addressed with a new entitlement. This issue is fixed in macOS Ventura 13.3. An app may be able to break out of its sandbox." } ], "metrics": { @@ -71,14 +71,6 @@ "tags": [ "Vendor Advisory" ] - }, - { - "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2022-1678", - "source": "product-security@apple.com" - }, - { - "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2022-1679", - "source": "product-security@apple.com" } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-281xx/CVE-2023-28181.json b/CVE-2023/CVE-2023-281xx/CVE-2023-28181.json index 3e8eae894e9..133efa00d24 100644 --- a/CVE-2023/CVE-2023-281xx/CVE-2023-28181.json +++ b/CVE-2023/CVE-2023-281xx/CVE-2023-28181.json @@ -2,12 +2,12 @@ "id": "CVE-2023-28181", "sourceIdentifier": "product-security@apple.com", "published": "2023-05-08T20:15:19.273", - "lastModified": "2023-06-09T00:15:10.140", + "lastModified": "2023-07-27T01:15:18.557", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "The issue was addressed with improved memory handling. This issue is fixed in macOS Big Sur 11.7.7, macOS Ventura 13.3, tvOS 16.4, iOS 15.7.6 and iPadOS 15.7.6, watchOS 9.4, iOS 16.4 and iPadOS 16.4. An app may be able to execute arbitrary code with kernel privileges" + "value": "A use-after-free issue was addressed with improved memory management. This issue is fixed in iOS 15.7.6 and iPadOS 15.7.6, macOS Ventura 13.3, tvOS 16.4, iOS 16.4 and iPadOS 16.4, macOS Monterey 12.6.4, macOS Big Sur 11.7.7, watchOS 9.4. A remote attacker may be able to cause unexpected app termination or arbitrary code execution." } ], "metrics": { @@ -89,14 +89,6 @@ } ], "references": [ - { - "url": "http://seclists.org/fulldisclosure/2023/May/10", - "source": "product-security@apple.com" - }, - { - "url": "http://seclists.org/fulldisclosure/2023/May/17", - "source": "product-security@apple.com" - }, { "url": "https://support.apple.com/en-us/HT213670", "source": "product-security@apple.com", @@ -118,6 +110,10 @@ "Vendor Advisory" ] }, + { + "url": "https://support.apple.com/en-us/HT213677", + "source": "product-security@apple.com" + }, { "url": "https://support.apple.com/en-us/HT213678", "source": "product-security@apple.com", @@ -132,10 +128,6 @@ { "url": "https://support.apple.com/en-us/HT213765", "source": "product-security@apple.com" - }, - { - "url": "https://support.apple.com/kb/HT213677", - "source": "product-security@apple.com" } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-281xx/CVE-2023-28182.json b/CVE-2023/CVE-2023-281xx/CVE-2023-28182.json index 103a08b1b84..e2dbe2ec226 100644 --- a/CVE-2023/CVE-2023-281xx/CVE-2023-28182.json +++ b/CVE-2023/CVE-2023-281xx/CVE-2023-28182.json @@ -2,12 +2,12 @@ "id": "CVE-2023-28182", "sourceIdentifier": "product-security@apple.com", "published": "2023-05-08T20:15:19.330", - "lastModified": "2023-05-30T05:15:11.657", + "lastModified": "2023-07-27T01:15:18.643", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "The issue was addressed with improved authentication. This issue is fixed in iOS 15.7.4 and iPadOS 15.7.4, macOS Ventura 13.3, macOS Big Sur 11.7.5, macOS Monterey 12.6.4, iOS 16.4 and iPadOS 16.4. A user in a privileged network position may be able to spoof a VPN server that is configured with EAP-only authentication on a device" + "value": "This issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.3, iOS 16.4 and iPadOS 16.4, iOS 15.7.4 and iPadOS 15.7.4, macOS Big Sur 11.7.5, macOS Monterey 12.6.4. A remote user may be able to cause unexpected app termination or arbitrary code execution." } ], "metrics": { @@ -106,10 +106,6 @@ } ], "references": [ - { - "url": "http://seclists.org/fulldisclosure/2023/May/7", - "source": "product-security@apple.com" - }, { "url": "https://support.apple.com/en-us/HT213670", "source": "product-security@apple.com", diff --git a/CVE-2023/CVE-2023-281xx/CVE-2023-28189.json b/CVE-2023/CVE-2023-281xx/CVE-2023-28189.json index a4ce258651b..a355cb32a12 100644 --- a/CVE-2023/CVE-2023-281xx/CVE-2023-28189.json +++ b/CVE-2023/CVE-2023-281xx/CVE-2023-28189.json @@ -2,12 +2,12 @@ "id": "CVE-2023-28189", "sourceIdentifier": "product-security@apple.com", "published": "2023-05-08T20:15:19.417", - "lastModified": "2023-06-09T00:15:10.210", + "lastModified": "2023-07-27T01:15:18.747", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "The issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.7.5, macOS Ventura 13.3. An app may be able to view sensitive information" + "value": "This issue was addressed with a new entitlement. This issue is fixed in macOS Big Sur 11.7.5, macOS Monterey 12.6.4, macOS Ventura 13.3. An app may be able to break out of its sandbox." } ], "metrics": { @@ -84,7 +84,7 @@ "source": "product-security@apple.com" }, { - "url": "https://support.apple.com/kb/HT213677", + "url": "https://support.apple.com/en-us/HT213677", "source": "product-security@apple.com" } ] diff --git a/CVE-2023/CVE-2023-281xx/CVE-2023-28190.json b/CVE-2023/CVE-2023-281xx/CVE-2023-28190.json index 24f4daf1165..0deda1d2014 100644 --- a/CVE-2023/CVE-2023-281xx/CVE-2023-28190.json +++ b/CVE-2023/CVE-2023-281xx/CVE-2023-28190.json @@ -2,12 +2,12 @@ "id": "CVE-2023-28190", "sourceIdentifier": "product-security@apple.com", "published": "2023-05-08T20:15:19.493", - "lastModified": "2023-05-13T01:46:08.943", - "vulnStatus": "Analyzed", + "lastModified": "2023-07-27T01:15:18.840", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "A privacy issue was addressed by moving sensitive data to a more secure location. This issue is fixed in macOS Ventura 13.3. An app may be able to access user-sensitive data" + "value": "This issue was addressed with a new entitlement. This issue is fixed in macOS Ventura 13.3. An app may be able to break out of its sandbox." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-281xx/CVE-2023-28191.json b/CVE-2023/CVE-2023-281xx/CVE-2023-28191.json index 72536ed275a..3fe8d3a097e 100644 --- a/CVE-2023/CVE-2023-281xx/CVE-2023-28191.json +++ b/CVE-2023/CVE-2023-281xx/CVE-2023-28191.json @@ -2,12 +2,12 @@ "id": "CVE-2023-28191", "sourceIdentifier": "product-security@apple.com", "published": "2023-06-23T18:15:11.240", - "lastModified": "2023-06-27T12:47:58.410", - "vulnStatus": "Analyzed", + "lastModified": "2023-07-27T01:15:18.910", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "This issue was addressed with improved redaction of sensitive information. This issue is fixed in watchOS 9.5, macOS Ventura 13.4, tvOS 16.5, iOS 16.5 and iPadOS 16.5, macOS Big Sur 11.7.7, macOS Monterey 12.6.6. An app may be able to bypass Privacy preferences" + "value": "This issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Ventura 13.4, macOS Monterey 12.6.6, tvOS 16.5, watchOS 9.5, iOS 16.5 and iPadOS 16.5, macOS Big Sur 11.7.7. An app may be able to disclose kernel memory." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-281xx/CVE-2023-28192.json b/CVE-2023/CVE-2023-281xx/CVE-2023-28192.json index 4e5526b4c62..7c3c94572d2 100644 --- a/CVE-2023/CVE-2023-281xx/CVE-2023-28192.json +++ b/CVE-2023/CVE-2023-281xx/CVE-2023-28192.json @@ -2,12 +2,12 @@ "id": "CVE-2023-28192", "sourceIdentifier": "product-security@apple.com", "published": "2023-05-08T20:15:19.577", - "lastModified": "2023-05-19T16:15:13.857", + "lastModified": "2023-07-27T01:15:18.987", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "A permissions issue was addressed with improved validation. This issue is fixed in macOS Big Sur 11.7.5, macOS Monterey 12.6.4, macOS Ventura 13.3. An app may be able to read sensitive location information" + "value": "This issue was addressed with a new entitlement. This issue is fixed in macOS Big Sur 11.7.5, macOS Monterey 12.6.4, macOS Ventura 13.3. An app may be able to break out of its sandbox." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-281xx/CVE-2023-28194.json b/CVE-2023/CVE-2023-281xx/CVE-2023-28194.json index 2b16f26f6f8..dc368d57ed4 100644 --- a/CVE-2023/CVE-2023-281xx/CVE-2023-28194.json +++ b/CVE-2023/CVE-2023-281xx/CVE-2023-28194.json @@ -2,12 +2,12 @@ "id": "CVE-2023-28194", "sourceIdentifier": "product-security@apple.com", "published": "2023-05-08T20:15:19.633", - "lastModified": "2023-05-15T13:25:07.497", - "vulnStatus": "Analyzed", + "lastModified": "2023-07-27T01:15:19.077", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "The issue was addressed with improved checks. This issue is fixed in iOS 16.4 and iPadOS 16.4. An app may be able to unexpectedly create a bookmark on the Home Screen" + "value": "This issue was addressed with improved state management. This issue is fixed in iOS 16.4 and iPadOS 16.4. A remote attacker may be able to cause unexpected app termination or arbitrary code execution." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-282xx/CVE-2023-28200.json b/CVE-2023/CVE-2023-282xx/CVE-2023-28200.json index 106070551c4..cbbfa7a4c68 100644 --- a/CVE-2023/CVE-2023-282xx/CVE-2023-28200.json +++ b/CVE-2023/CVE-2023-282xx/CVE-2023-28200.json @@ -2,12 +2,12 @@ "id": "CVE-2023-28200", "sourceIdentifier": "product-security@apple.com", "published": "2023-05-08T20:15:19.687", - "lastModified": "2023-05-19T16:15:13.913", + "lastModified": "2023-07-27T01:15:19.147", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "A validation issue was addressed with improved input sanitization. This issue is fixed in macOS Big Sur 11.7.5, macOS Monterey 12.6.4, iOS 15.7.4 and iPadOS 15.7.4, macOS Ventura 13.3. An app may be able to disclose kernel memory" + "value": "This issue was addressed with improved state management. This issue is fixed in iOS 15.7.4 and iPadOS 15.7.4, macOS Big Sur 11.7.5, macOS Monterey 12.6.4, macOS Ventura 13.3. A remote user may be able to cause unexpected app termination or arbitrary code execution." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-282xx/CVE-2023-28201.json b/CVE-2023/CVE-2023-282xx/CVE-2023-28201.json index fa6a3b422b6..734a2c72228 100644 --- a/CVE-2023/CVE-2023-282xx/CVE-2023-28201.json +++ b/CVE-2023/CVE-2023-282xx/CVE-2023-28201.json @@ -2,12 +2,12 @@ "id": "CVE-2023-28201", "sourceIdentifier": "product-security@apple.com", "published": "2023-05-08T20:15:19.747", - "lastModified": "2023-06-09T00:15:10.297", + "lastModified": "2023-07-27T01:15:19.227", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "This issue was addressed with improved state management. This issue is fixed in Safari 16.4, iOS 15.7.4 and iPadOS 15.7.4, iOS 16.4 and iPadOS 16.4, macOS Ventura 13.3. A remote user may be able to cause unexpected app termination or arbitrary code execution" + "value": "This issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.3, tvOS 16.4, iOS 16.4 and iPadOS 16.4, iOS 15.7.4 and iPadOS 15.7.4, Safari 16.4. A remote user may be able to cause unexpected app termination or arbitrary code execution." } ], "metrics": { @@ -119,16 +119,16 @@ "Vendor Advisory" ] }, + { + "url": "https://support.apple.com/en-us/HT213674", + "source": "product-security@apple.com" + }, { "url": "https://support.apple.com/en-us/HT213676", "source": "product-security@apple.com", "tags": [ "Vendor Advisory" ] - }, - { - "url": "https://support.apple.com/kb/HT213674", - "source": "product-security@apple.com" } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-282xx/CVE-2023-28202.json b/CVE-2023/CVE-2023-282xx/CVE-2023-28202.json index d4458f0e2df..925db41eb58 100644 --- a/CVE-2023/CVE-2023-282xx/CVE-2023-28202.json +++ b/CVE-2023/CVE-2023-282xx/CVE-2023-28202.json @@ -2,12 +2,12 @@ "id": "CVE-2023-28202", "sourceIdentifier": "product-security@apple.com", "published": "2023-06-23T18:15:11.290", - "lastModified": "2023-06-30T07:03:46.813", - "vulnStatus": "Analyzed", + "lastModified": "2023-07-27T01:15:19.310", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "This issue was addressed with improved state management. This issue is fixed in iOS 16.5 and iPadOS 16.5, macOS Ventura 13.4, watchOS 9.5, tvOS 16.5. An app firewall setting may not take effect after exiting the Settings app" + "value": "This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 16.5 and iPadOS 16.5, macOS Ventura 13.4, watchOS 9.5, tvOS 16.5. An app may be able to disclose kernel memory." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-282xx/CVE-2023-28204.json b/CVE-2023/CVE-2023-282xx/CVE-2023-28204.json index 4ac6f3272e0..8bc0b6deadc 100644 --- a/CVE-2023/CVE-2023-282xx/CVE-2023-28204.json +++ b/CVE-2023/CVE-2023-282xx/CVE-2023-28204.json @@ -2,8 +2,8 @@ "id": "CVE-2023-28204", "sourceIdentifier": "product-security@apple.com", "published": "2023-06-23T18:15:11.333", - "lastModified": "2023-06-30T07:03:31.893", - "vulnStatus": "Analyzed", + "lastModified": "2023-07-27T01:15:19.413", + "vulnStatus": "Modified", "cisaExploitAdd": "2023-05-22", "cisaActionDue": "2023-06-12", "cisaRequiredAction": "Apply updates per vendor instructions.", @@ -11,7 +11,7 @@ "descriptions": [ { "lang": "en", - "value": "An out-of-bounds read was addressed with improved input validation. This issue is fixed in watchOS 9.5, iOS 15.7.6 and iPadOS 15.7.6, macOS Ventura 13.4, Safari 16.5, tvOS 16.5, iOS 16.5 and iPadOS 16.5. Processing web content may disclose sensitive information. Apple is aware of a report that this issue may have been actively exploited." + "value": "This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 15.7.6 and iPadOS 15.7.6, macOS Ventura 13.4, tvOS 16.5, watchOS 9.5, iOS 16.5 and iPadOS 16.5, Safari 16.5. An app may be able to disclose kernel memory." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-282xx/CVE-2023-28205.json b/CVE-2023/CVE-2023-282xx/CVE-2023-28205.json index e7bfed50bd6..55b105ab159 100644 --- a/CVE-2023/CVE-2023-282xx/CVE-2023-28205.json +++ b/CVE-2023/CVE-2023-282xx/CVE-2023-28205.json @@ -2,7 +2,7 @@ "id": "CVE-2023-28205", "sourceIdentifier": "product-security@apple.com", "published": "2023-04-10T19:15:07.237", - "lastModified": "2023-07-26T23:15:09.867", + "lastModified": "2023-07-27T01:15:19.513", "vulnStatus": "Modified", "cisaExploitAdd": "2023-04-10", "cisaActionDue": "2023-05-01", @@ -11,7 +11,7 @@ "descriptions": [ { "lang": "en", - "value": "A use after free issue was addressed with improved memory management. This issue is fixed in iOS 15.7.5 and iPadOS 15.7.5, macOS Ventura 13.3.1, Safari 16.4.1, iOS 16.4.1 and iPadOS 16.4.1. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited." + "value": "A use after free issue was addressed with improved memory management. This issue is fixed in iOS 16.4.1 and iPadOS 16.4.1, Safari 16.4.1, macOS Ventura 13.3.1, iOS 15.7.5 and iPadOS 15.7.5. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-282xx/CVE-2023-28206.json b/CVE-2023/CVE-2023-282xx/CVE-2023-28206.json index a7d55bdf15c..ec0dbd73302 100644 --- a/CVE-2023/CVE-2023-282xx/CVE-2023-28206.json +++ b/CVE-2023/CVE-2023-282xx/CVE-2023-28206.json @@ -2,7 +2,7 @@ "id": "CVE-2023-28206", "sourceIdentifier": "product-security@apple.com", "published": "2023-04-10T19:15:07.273", - "lastModified": "2023-05-08T20:15:19.900", + "lastModified": "2023-07-27T01:15:19.627", "vulnStatus": "Modified", "cisaExploitAdd": "2023-04-10", "cisaActionDue": "2023-05-01", @@ -11,7 +11,7 @@ "descriptions": [ { "lang": "en", - "value": "An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in macOS Monterey 12.6.5, iOS 16.4.1 and iPadOS 16.4.1, iOS 15.7.5 and iPadOS 15.7.5, macOS Big Sur 11.7.6, macOS Ventura 13.3.1. An app may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited." + "value": "A use after free issue was addressed with improved memory management. This issue is fixed in iOS 16.4.1 and iPadOS 16.4.1, macOS Ventura 13.3.1, macOS Monterey 12.6.5, macOS Big Sur 11.7.6, iOS 15.7.5 and iPadOS 15.7.5. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-323xx/CVE-2023-32351.json b/CVE-2023/CVE-2023-323xx/CVE-2023-32351.json index 055aac42af6..b7750003fc5 100644 --- a/CVE-2023/CVE-2023-323xx/CVE-2023-32351.json +++ b/CVE-2023/CVE-2023-323xx/CVE-2023-32351.json @@ -2,12 +2,12 @@ "id": "CVE-2023-32351", "sourceIdentifier": "product-security@apple.com", "published": "2023-06-23T18:15:11.383", - "lastModified": "2023-06-30T18:13:18.907", - "vulnStatus": "Analyzed", + "lastModified": "2023-07-27T01:15:19.740", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "A logic issue was addressed with improved checks. This issue is fixed in iTunes 12.12.9 for Windows. An app may be able to gain elevated privileges" + "value": "A logic issue was addressed with improved checks. This issue is fixed in iTunes 12.12.9 for Windows. An app may be able to gain elevated privileges." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-323xx/CVE-2023-32352.json b/CVE-2023/CVE-2023-323xx/CVE-2023-32352.json index e053a23545f..e051e02d87d 100644 --- a/CVE-2023/CVE-2023-323xx/CVE-2023-32352.json +++ b/CVE-2023/CVE-2023-323xx/CVE-2023-32352.json @@ -2,12 +2,12 @@ "id": "CVE-2023-32352", "sourceIdentifier": "product-security@apple.com", "published": "2023-06-23T18:15:11.427", - "lastModified": "2023-06-30T18:14:18.820", - "vulnStatus": "Analyzed", + "lastModified": "2023-07-27T01:15:19.823", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "A logic issue was addressed with improved checks. This issue is fixed in watchOS 9.5, macOS Ventura 13.4, iOS 16.5 and iPadOS 16.5, macOS Big Sur 11.7.7, macOS Monterey 12.6.6. An app may bypass Gatekeeper checks" + "value": "This issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Ventura 13.4, macOS Monterey 12.6.6, watchOS 9.5, iOS 16.5 and iPadOS 16.5, macOS Big Sur 11.7.7. An app may be able to disclose kernel memory." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-323xx/CVE-2023-32353.json b/CVE-2023/CVE-2023-323xx/CVE-2023-32353.json index 4164d0715de..6d32b48b882 100644 --- a/CVE-2023/CVE-2023-323xx/CVE-2023-32353.json +++ b/CVE-2023/CVE-2023-323xx/CVE-2023-32353.json @@ -2,12 +2,12 @@ "id": "CVE-2023-32353", "sourceIdentifier": "product-security@apple.com", "published": "2023-06-23T18:15:11.470", - "lastModified": "2023-06-29T20:42:38.890", - "vulnStatus": "Analyzed", + "lastModified": "2023-07-27T01:15:19.900", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "A logic issue was addressed with improved checks. This issue is fixed in iTunes 12.12.9 for Windows. An app may be able to elevate privileges" + "value": "A logic issue was addressed with improved checks. This issue is fixed in iTunes 12.12.9 for Windows. An app may be able to gain elevated privileges." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-323xx/CVE-2023-32354.json b/CVE-2023/CVE-2023-323xx/CVE-2023-32354.json index 6103d64e00c..7e1c74d3c76 100644 --- a/CVE-2023/CVE-2023-323xx/CVE-2023-32354.json +++ b/CVE-2023/CVE-2023-323xx/CVE-2023-32354.json @@ -2,12 +2,12 @@ "id": "CVE-2023-32354", "sourceIdentifier": "product-security@apple.com", "published": "2023-06-23T18:15:11.513", - "lastModified": "2023-06-30T13:49:36.123", - "vulnStatus": "Analyzed", + "lastModified": "2023-07-27T01:15:19.990", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 16.5 and iPadOS 16.5, watchOS 9.5, tvOS 16.5. An app may be able to disclose kernel memory" + "value": "This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 16.5 and iPadOS 16.5, watchOS 9.5, tvOS 16.5. An app may be able to disclose kernel memory." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-323xx/CVE-2023-32355.json b/CVE-2023/CVE-2023-323xx/CVE-2023-32355.json index 78f35916b97..c0017cc92c4 100644 --- a/CVE-2023/CVE-2023-323xx/CVE-2023-32355.json +++ b/CVE-2023/CVE-2023-323xx/CVE-2023-32355.json @@ -2,12 +2,12 @@ "id": "CVE-2023-32355", "sourceIdentifier": "product-security@apple.com", "published": "2023-06-23T18:15:11.553", - "lastModified": "2023-06-30T13:49:20.797", - "vulnStatus": "Analyzed", + "lastModified": "2023-07-27T01:15:20.063", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "A logic issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.4, macOS Big Sur 11.7.7, macOS Monterey 12.6.6. An app may be able to modify protected parts of the file system" + "value": "A use-after-free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.7.7, macOS Ventura 13.4, macOS Monterey 12.6.6. A remote attacker may be able to cause unexpected app termination or arbitrary code execution." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-323xx/CVE-2023-32357.json b/CVE-2023/CVE-2023-323xx/CVE-2023-32357.json index a200502dae6..10a44be3752 100644 --- a/CVE-2023/CVE-2023-323xx/CVE-2023-32357.json +++ b/CVE-2023/CVE-2023-323xx/CVE-2023-32357.json @@ -2,12 +2,12 @@ "id": "CVE-2023-32357", "sourceIdentifier": "product-security@apple.com", "published": "2023-06-23T18:15:11.600", - "lastModified": "2023-06-30T13:49:10.683", - "vulnStatus": "Analyzed", + "lastModified": "2023-07-27T01:15:20.163", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "An authorization issue was addressed with improved state management. This issue is fixed in watchOS 9.5, macOS Ventura 13.4, tvOS 16.5, iOS 16.5 and iPadOS 16.5, macOS Big Sur 11.7.7, macOS Monterey 12.6.6. An app may be able to retain access to system configuration files even after its permission is revoked" + "value": "This issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Ventura 13.4, macOS Monterey 12.6.6, tvOS 16.5, watchOS 9.5, iOS 16.5 and iPadOS 16.5, macOS Big Sur 11.7.7. An app may be able to disclose kernel memory." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-323xx/CVE-2023-32360.json b/CVE-2023/CVE-2023-323xx/CVE-2023-32360.json index fe43e853aef..388c143fc80 100644 --- a/CVE-2023/CVE-2023-323xx/CVE-2023-32360.json +++ b/CVE-2023/CVE-2023-323xx/CVE-2023-32360.json @@ -2,12 +2,12 @@ "id": "CVE-2023-32360", "sourceIdentifier": "product-security@apple.com", "published": "2023-06-23T18:15:11.647", - "lastModified": "2023-06-30T13:48:53.420", - "vulnStatus": "Analyzed", + "lastModified": "2023-07-27T01:15:20.250", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "An authentication issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.4, macOS Big Sur 11.7.7, macOS Monterey 12.6.6. An unauthenticated user may be able to access recently printed documents" + "value": "A use-after-free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.7.7, macOS Ventura 13.4, macOS Monterey 12.6.6. A remote attacker may be able to cause unexpected app termination or arbitrary code execution." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-323xx/CVE-2023-32363.json b/CVE-2023/CVE-2023-323xx/CVE-2023-32363.json index 3173dd0e449..280e8ecacab 100644 --- a/CVE-2023/CVE-2023-323xx/CVE-2023-32363.json +++ b/CVE-2023/CVE-2023-323xx/CVE-2023-32363.json @@ -2,12 +2,12 @@ "id": "CVE-2023-32363", "sourceIdentifier": "product-security@apple.com", "published": "2023-06-23T18:15:11.693", - "lastModified": "2023-06-30T13:48:13.423", - "vulnStatus": "Analyzed", + "lastModified": "2023-07-27T01:15:20.360", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "A permissions issue was addressed by removing vulnerable code and adding additional checks. This issue is fixed in macOS Ventura 13.4. An app may be able to bypass Privacy preferences" + "value": "This issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Ventura 13.4. An app may be able to disclose kernel memory." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-323xx/CVE-2023-32364.json b/CVE-2023/CVE-2023-323xx/CVE-2023-32364.json new file mode 100644 index 00000000000..c828ff99503 --- /dev/null +++ b/CVE-2023/CVE-2023-323xx/CVE-2023-32364.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-32364", + "sourceIdentifier": "product-security@apple.com", + "published": "2023-07-27T01:15:20.443", + "lastModified": "2023-07-27T01:15:20.443", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.5. Processing web content may disclose sensitive information." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://support.apple.com/en-us/HT213843", + "source": "product-security@apple.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-323xx/CVE-2023-32365.json b/CVE-2023/CVE-2023-323xx/CVE-2023-32365.json index 284c1bd836d..72abbde97c8 100644 --- a/CVE-2023/CVE-2023-323xx/CVE-2023-32365.json +++ b/CVE-2023/CVE-2023-323xx/CVE-2023-32365.json @@ -2,12 +2,12 @@ "id": "CVE-2023-32365", "sourceIdentifier": "product-security@apple.com", "published": "2023-06-23T18:15:11.733", - "lastModified": "2023-06-30T13:48:00.060", - "vulnStatus": "Analyzed", + "lastModified": "2023-07-27T01:15:20.510", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "The issue was addressed with improved checks. This issue is fixed in iOS 16.5 and iPadOS 16.5, iOS 15.7.6 and iPadOS 15.7.6. Shake-to-undo may allow a deleted photo to be re-surfaced without authentication" + "value": "This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 16.5 and iPadOS 16.5, iOS 15.7.6 and iPadOS 15.7.6. An app may be able to disclose kernel memory." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-323xx/CVE-2023-32367.json b/CVE-2023/CVE-2023-323xx/CVE-2023-32367.json index 063f4e97e58..f40799e84ea 100644 --- a/CVE-2023/CVE-2023-323xx/CVE-2023-32367.json +++ b/CVE-2023/CVE-2023-323xx/CVE-2023-32367.json @@ -2,12 +2,12 @@ "id": "CVE-2023-32367", "sourceIdentifier": "product-security@apple.com", "published": "2023-06-23T18:15:11.777", - "lastModified": "2023-06-30T13:47:44.797", - "vulnStatus": "Analyzed", + "lastModified": "2023-07-27T01:15:20.597", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "This issue was addressed with improved entitlements. This issue is fixed in iOS 16.5 and iPadOS 16.5, macOS Ventura 13.4. An app may be able to access user-sensitive data" + "value": "This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 16.5 and iPadOS 16.5, macOS Ventura 13.4. An app may be able to disclose kernel memory." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-323xx/CVE-2023-32368.json b/CVE-2023/CVE-2023-323xx/CVE-2023-32368.json index e43703ae884..135c55aed4d 100644 --- a/CVE-2023/CVE-2023-323xx/CVE-2023-32368.json +++ b/CVE-2023/CVE-2023-323xx/CVE-2023-32368.json @@ -2,12 +2,12 @@ "id": "CVE-2023-32368", "sourceIdentifier": "product-security@apple.com", "published": "2023-06-23T18:15:11.823", - "lastModified": "2023-06-30T13:47:36.053", - "vulnStatus": "Analyzed", + "lastModified": "2023-07-27T01:15:20.687", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "An out-of-bounds read was addressed with improved input validation. This issue is fixed in watchOS 9.5, macOS Ventura 13.4, tvOS 16.5, iOS 16.5 and iPadOS 16.5, macOS Monterey 12.6.6. Processing a 3D model may result in disclosure of process memory" + "value": "This issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Ventura 13.4, macOS Monterey 12.6.6, tvOS 16.5, watchOS 9.5, iOS 16.5 and iPadOS 16.5. An app may be able to disclose kernel memory." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-323xx/CVE-2023-32369.json b/CVE-2023/CVE-2023-323xx/CVE-2023-32369.json index a6554804228..447d9dca081 100644 --- a/CVE-2023/CVE-2023-323xx/CVE-2023-32369.json +++ b/CVE-2023/CVE-2023-323xx/CVE-2023-32369.json @@ -2,12 +2,12 @@ "id": "CVE-2023-32369", "sourceIdentifier": "product-security@apple.com", "published": "2023-06-23T18:15:11.870", - "lastModified": "2023-06-23T20:21:15.293", - "vulnStatus": "Analyzed", + "lastModified": "2023-07-27T01:15:20.823", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "A logic issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.4, macOS Big Sur 11.7.7, macOS Monterey 12.6.6. An app may be able to modify protected parts of the file system" + "value": "A use-after-free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.7.7, macOS Ventura 13.4, macOS Monterey 12.6.6. A remote attacker may be able to cause unexpected app termination or arbitrary code execution." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-323xx/CVE-2023-32371.json b/CVE-2023/CVE-2023-323xx/CVE-2023-32371.json index d560e3e576a..64687ade3bd 100644 --- a/CVE-2023/CVE-2023-323xx/CVE-2023-32371.json +++ b/CVE-2023/CVE-2023-323xx/CVE-2023-32371.json @@ -2,12 +2,12 @@ "id": "CVE-2023-32371", "sourceIdentifier": "product-security@apple.com", "published": "2023-06-23T18:15:11.917", - "lastModified": "2023-06-30T13:47:21.360", - "vulnStatus": "Analyzed", + "lastModified": "2023-07-27T01:15:21.040", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "The issue was addressed with improved checks. This issue is fixed in iOS 16.5 and iPadOS 16.5, macOS Ventura 13.4. An app may be able to break out of its sandbox" + "value": "This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 16.5 and iPadOS 16.5, macOS Ventura 13.4. An app may be able to disclose kernel memory." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-323xx/CVE-2023-32372.json b/CVE-2023/CVE-2023-323xx/CVE-2023-32372.json index 1e878d0f3d6..d717101207e 100644 --- a/CVE-2023/CVE-2023-323xx/CVE-2023-32372.json +++ b/CVE-2023/CVE-2023-323xx/CVE-2023-32372.json @@ -2,12 +2,12 @@ "id": "CVE-2023-32372", "sourceIdentifier": "product-security@apple.com", "published": "2023-06-23T18:15:11.963", - "lastModified": "2023-06-27T12:45:16.263", - "vulnStatus": "Analyzed", + "lastModified": "2023-07-27T01:15:21.123", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 16.5 and iPadOS 16.5, macOS Ventura 13.4, watchOS 9.5, tvOS 16.5. Processing an image may result in disclosure of process memory" + "value": "This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 16.5 and iPadOS 16.5, macOS Ventura 13.4, watchOS 9.5, tvOS 16.5. An app may be able to disclose kernel memory." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-323xx/CVE-2023-32373.json b/CVE-2023/CVE-2023-323xx/CVE-2023-32373.json index 0c0abd93233..a843175ae9f 100644 --- a/CVE-2023/CVE-2023-323xx/CVE-2023-32373.json +++ b/CVE-2023/CVE-2023-323xx/CVE-2023-32373.json @@ -2,8 +2,8 @@ "id": "CVE-2023-32373", "sourceIdentifier": "product-security@apple.com", "published": "2023-06-23T18:15:12.007", - "lastModified": "2023-06-27T12:47:29.253", - "vulnStatus": "Analyzed", + "lastModified": "2023-07-27T01:15:21.227", + "vulnStatus": "Modified", "cisaExploitAdd": "2023-05-22", "cisaActionDue": "2023-06-12", "cisaRequiredAction": "Apply updates per vendor instructions.", @@ -11,7 +11,7 @@ "descriptions": [ { "lang": "en", - "value": "A use-after-free issue was addressed with improved memory management. This issue is fixed in watchOS 9.5, iOS 15.7.6 and iPadOS 15.7.6, macOS Ventura 13.4, Safari 16.5, tvOS 16.5, iOS 16.5 and iPadOS 16.5. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited." + "value": "This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 15.7.6 and iPadOS 15.7.6, macOS Ventura 13.4, tvOS 16.5, watchOS 9.5, iOS 16.5 and iPadOS 16.5, Safari 16.5. An app may be able to disclose kernel memory." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-323xx/CVE-2023-32375.json b/CVE-2023/CVE-2023-323xx/CVE-2023-32375.json index c45060a5159..9a2b50f8e63 100644 --- a/CVE-2023/CVE-2023-323xx/CVE-2023-32375.json +++ b/CVE-2023/CVE-2023-323xx/CVE-2023-32375.json @@ -2,12 +2,12 @@ "id": "CVE-2023-32375", "sourceIdentifier": "product-security@apple.com", "published": "2023-06-23T18:15:12.050", - "lastModified": "2023-06-30T13:47:10.780", - "vulnStatus": "Analyzed", + "lastModified": "2023-07-27T01:15:21.370", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Ventura 13.4, macOS Monterey 12.6.6. Processing a 3D model may result in disclosure of process memory" + "value": "The issue was addressed with improved handling of caches. This issue is fixed in macOS Ventura 13.4, macOS Monterey 12.6.6. An app may be able to read sensitive location information." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-323xx/CVE-2023-32376.json b/CVE-2023/CVE-2023-323xx/CVE-2023-32376.json index f928e9d96d9..a662799730a 100644 --- a/CVE-2023/CVE-2023-323xx/CVE-2023-32376.json +++ b/CVE-2023/CVE-2023-323xx/CVE-2023-32376.json @@ -2,12 +2,12 @@ "id": "CVE-2023-32376", "sourceIdentifier": "product-security@apple.com", "published": "2023-06-23T18:15:12.097", - "lastModified": "2023-06-30T13:46:42.150", - "vulnStatus": "Analyzed", + "lastModified": "2023-07-27T01:15:21.480", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "This issue was addressed with improved entitlements. This issue is fixed in iOS 16.5 and iPadOS 16.5, macOS Ventura 13.4, watchOS 9.5, tvOS 16.5. An app may be able to modify protected parts of the file system" + "value": "This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 16.5 and iPadOS 16.5, macOS Ventura 13.4, watchOS 9.5, tvOS 16.5. An app may be able to disclose kernel memory." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-323xx/CVE-2023-32380.json b/CVE-2023/CVE-2023-323xx/CVE-2023-32380.json index b271776b45f..39f424b2e86 100644 --- a/CVE-2023/CVE-2023-323xx/CVE-2023-32380.json +++ b/CVE-2023/CVE-2023-323xx/CVE-2023-32380.json @@ -2,12 +2,12 @@ "id": "CVE-2023-32380", "sourceIdentifier": "product-security@apple.com", "published": "2023-06-23T18:15:12.140", - "lastModified": "2023-06-30T13:46:31.057", - "vulnStatus": "Analyzed", + "lastModified": "2023-07-27T01:15:21.560", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Ventura 13.4, macOS Big Sur 11.7.7, macOS Monterey 12.6.6. Processing a 3D model may lead to arbitrary code execution" + "value": "A use-after-free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.7.7, macOS Ventura 13.4, macOS Monterey 12.6.6. A remote attacker may be able to cause unexpected app termination or arbitrary code execution." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-323xx/CVE-2023-32381.json b/CVE-2023/CVE-2023-323xx/CVE-2023-32381.json new file mode 100644 index 00000000000..8663824db2c --- /dev/null +++ b/CVE-2023/CVE-2023-323xx/CVE-2023-32381.json @@ -0,0 +1,40 @@ +{ + "id": "CVE-2023-32381", + "sourceIdentifier": "product-security@apple.com", + "published": "2023-07-27T00:15:14.397", + "lastModified": "2023-07-27T01:15:21.677", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The issue was addressed with improved checks. This issue is fixed in iOS 16.6 and iPadOS 16.6, macOS Monterey 12.6.8, tvOS 16.6, watchOS 9.6, macOS Big Sur 11.7.9, macOS Ventura 13.5. Processing web content may disclose sensitive information." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://support.apple.com/en-us/HT213841", + "source": "product-security@apple.com" + }, + { + "url": "https://support.apple.com/en-us/HT213843", + "source": "product-security@apple.com" + }, + { + "url": "https://support.apple.com/en-us/HT213844", + "source": "product-security@apple.com" + }, + { + "url": "https://support.apple.com/en-us/HT213845", + "source": "product-security@apple.com" + }, + { + "url": "https://support.apple.com/en-us/HT213846", + "source": "product-security@apple.com" + }, + { + "url": "https://support.apple.com/en-us/HT213848", + "source": "product-security@apple.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-323xx/CVE-2023-32382.json b/CVE-2023/CVE-2023-323xx/CVE-2023-32382.json index 84edff55286..9843c2e78f5 100644 --- a/CVE-2023/CVE-2023-323xx/CVE-2023-32382.json +++ b/CVE-2023/CVE-2023-323xx/CVE-2023-32382.json @@ -2,12 +2,12 @@ "id": "CVE-2023-32382", "sourceIdentifier": "product-security@apple.com", "published": "2023-06-23T18:15:12.190", - "lastModified": "2023-06-30T13:41:44.287", - "vulnStatus": "Analyzed", + "lastModified": "2023-07-27T01:15:21.753", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Ventura 13.4, macOS Big Sur 11.7.7, macOS Monterey 12.6.6. Processing a 3D model may result in disclosure of process memory" + "value": "A use-after-free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.7.7, macOS Ventura 13.4, macOS Monterey 12.6.6. A remote attacker may be able to cause unexpected app termination or arbitrary code execution." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-323xx/CVE-2023-32384.json b/CVE-2023/CVE-2023-323xx/CVE-2023-32384.json index 055c06683de..867090394c0 100644 --- a/CVE-2023/CVE-2023-323xx/CVE-2023-32384.json +++ b/CVE-2023/CVE-2023-323xx/CVE-2023-32384.json @@ -2,12 +2,12 @@ "id": "CVE-2023-32384", "sourceIdentifier": "product-security@apple.com", "published": "2023-06-23T18:15:12.237", - "lastModified": "2023-06-27T10:58:14.053", - "vulnStatus": "Analyzed", + "lastModified": "2023-07-27T01:15:21.837", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "A buffer overflow was addressed with improved bounds checking. This issue is fixed in watchOS 9.5, iOS 15.7.6 and iPadOS 15.7.6, macOS Ventura 13.4, tvOS 16.5, iOS 16.5 and iPadOS 16.5, macOS Big Sur 11.7.7, macOS Monterey 12.6.6. Processing an image may lead to arbitrary code execution" + "value": "This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 15.7.6 and iPadOS 15.7.6, macOS Ventura 13.4, macOS Monterey 12.6.6, tvOS 16.5, watchOS 9.5, iOS 16.5 and iPadOS 16.5, macOS Big Sur 11.7.7. An app may be able to disclose kernel memory." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-323xx/CVE-2023-32385.json b/CVE-2023/CVE-2023-323xx/CVE-2023-32385.json index e027d33b6cb..4239ee05bb3 100644 --- a/CVE-2023/CVE-2023-323xx/CVE-2023-32385.json +++ b/CVE-2023/CVE-2023-323xx/CVE-2023-32385.json @@ -2,12 +2,12 @@ "id": "CVE-2023-32385", "sourceIdentifier": "product-security@apple.com", "published": "2023-06-23T18:15:12.283", - "lastModified": "2023-06-27T10:58:40.580", - "vulnStatus": "Analyzed", + "lastModified": "2023-07-27T01:15:21.923", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "A denial-of-service issue was addressed with improved memory handling. This issue is fixed in iOS 16.5 and iPadOS 16.5, macOS Ventura 13.4. Opening a PDF file may lead to unexpected app termination" + "value": "This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 16.5 and iPadOS 16.5, macOS Ventura 13.4. An app may be able to disclose kernel memory." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-323xx/CVE-2023-32386.json b/CVE-2023/CVE-2023-323xx/CVE-2023-32386.json index 4b030cfd1cd..61d96c6988e 100644 --- a/CVE-2023/CVE-2023-323xx/CVE-2023-32386.json +++ b/CVE-2023/CVE-2023-323xx/CVE-2023-32386.json @@ -2,12 +2,12 @@ "id": "CVE-2023-32386", "sourceIdentifier": "product-security@apple.com", "published": "2023-06-23T18:15:12.333", - "lastModified": "2023-06-30T13:41:23.760", - "vulnStatus": "Analyzed", + "lastModified": "2023-07-27T01:15:22.037", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "A privacy issue was addressed with improved handling of temporary files. This issue is fixed in macOS Ventura 13.4, macOS Big Sur 11.7.7, macOS Monterey 12.6.6. An app may be able to observe unprotected user data" + "value": "A use-after-free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.7.7, macOS Ventura 13.4, macOS Monterey 12.6.6. A remote attacker may be able to cause unexpected app termination or arbitrary code execution." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-323xx/CVE-2023-32387.json b/CVE-2023/CVE-2023-323xx/CVE-2023-32387.json index 3643a1f2884..012b3524ff1 100644 --- a/CVE-2023/CVE-2023-323xx/CVE-2023-32387.json +++ b/CVE-2023/CVE-2023-323xx/CVE-2023-32387.json @@ -2,12 +2,12 @@ "id": "CVE-2023-32387", "sourceIdentifier": "product-security@apple.com", "published": "2023-06-23T18:15:12.373", - "lastModified": "2023-07-13T23:15:10.540", + "lastModified": "2023-07-27T01:15:22.277", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "A use-after-free issue was addressed with improved memory management. This issue is fixed in macOS Ventura 13.4, macOS Big Sur 11.7.7, macOS Monterey 12.6.6. A remote attacker may be able to cause unexpected app termination or arbitrary code execution" + "value": "A use-after-free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.7.7, macOS Ventura 13.4, macOS Monterey 12.6.6. A remote attacker may be able to cause unexpected app termination or arbitrary code execution." } ], "metrics": { @@ -103,10 +103,6 @@ "Release Notes", "Vendor Advisory" ] - }, - { - "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1717", - "source": "product-security@apple.com" } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-323xx/CVE-2023-32388.json b/CVE-2023/CVE-2023-323xx/CVE-2023-32388.json index ff0f8d7fb67..2136cb81b67 100644 --- a/CVE-2023/CVE-2023-323xx/CVE-2023-32388.json +++ b/CVE-2023/CVE-2023-323xx/CVE-2023-32388.json @@ -2,12 +2,12 @@ "id": "CVE-2023-32388", "sourceIdentifier": "product-security@apple.com", "published": "2023-06-23T18:15:12.417", - "lastModified": "2023-07-26T23:15:09.960", + "lastModified": "2023-07-27T01:15:22.570", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": " This issue is fixed in iOS 15.7.6 and iPadOS 15.7.6, macOS Ventura 13.4, macOS Monterey 12.6.6, iOS 16.5 and iPadOS 16.5, watchOS 9.5, macOS Big Sur 11.7.7. An app may be able to bypass Privacy preferences" + "value": "This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 15.7.6 and iPadOS 15.7.6, macOS Ventura 13.4, macOS Monterey 12.6.6, watchOS 9.5, iOS 16.5 and iPadOS 16.5, macOS Big Sur 11.7.7. An app may be able to disclose kernel memory." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-323xx/CVE-2023-32389.json b/CVE-2023/CVE-2023-323xx/CVE-2023-32389.json index 0efbfa8c7cf..514cc5dfb54 100644 --- a/CVE-2023/CVE-2023-323xx/CVE-2023-32389.json +++ b/CVE-2023/CVE-2023-323xx/CVE-2023-32389.json @@ -2,12 +2,12 @@ "id": "CVE-2023-32389", "sourceIdentifier": "product-security@apple.com", "published": "2023-06-23T18:15:12.467", - "lastModified": "2023-06-30T07:03:03.483", - "vulnStatus": "Analyzed", + "lastModified": "2023-07-27T01:15:22.740", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 16.5 and iPadOS 16.5, macOS Ventura 13.4, watchOS 9.5, tvOS 16.5. An app may be able to disclose kernel memory" + "value": "This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 16.5 and iPadOS 16.5, macOS Ventura 13.4, watchOS 9.5, tvOS 16.5. An app may be able to disclose kernel memory." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-323xx/CVE-2023-32390.json b/CVE-2023/CVE-2023-323xx/CVE-2023-32390.json index c136e276d1d..aec55cbcc33 100644 --- a/CVE-2023/CVE-2023-323xx/CVE-2023-32390.json +++ b/CVE-2023/CVE-2023-323xx/CVE-2023-32390.json @@ -2,12 +2,12 @@ "id": "CVE-2023-32390", "sourceIdentifier": "product-security@apple.com", "published": "2023-06-23T18:15:12.510", - "lastModified": "2023-07-06T14:46:32.673", - "vulnStatus": "Analyzed", + "lastModified": "2023-07-27T01:15:22.950", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "The issue was addressed with improved checks. This issue is fixed in iOS 16.5 and iPadOS 16.5, macOS Ventura 13.4, watchOS 9.5. Photos belonging to the Hidden Photos Album could be viewed without authentication through Visual Lookup" + "value": "This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 16.5 and iPadOS 16.5, macOS Ventura 13.4, watchOS 9.5. An app may be able to disclose kernel memory." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-323xx/CVE-2023-32391.json b/CVE-2023/CVE-2023-323xx/CVE-2023-32391.json index 4d7fec89ebf..fed0b96205f 100644 --- a/CVE-2023/CVE-2023-323xx/CVE-2023-32391.json +++ b/CVE-2023/CVE-2023-323xx/CVE-2023-32391.json @@ -2,12 +2,12 @@ "id": "CVE-2023-32391", "sourceIdentifier": "product-security@apple.com", "published": "2023-06-23T18:15:12.557", - "lastModified": "2023-06-30T07:02:08.500", - "vulnStatus": "Analyzed", + "lastModified": "2023-07-27T01:15:23.253", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "The issue was addressed with improved checks. This issue is fixed in iOS 16.5 and iPadOS 16.5, macOS Ventura 13.4, watchOS 9.5, iOS 15.7.6 and iPadOS 15.7.6. A shortcut may be able to use sensitive data with certain actions without prompting the user" + "value": "This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 16.5 and iPadOS 16.5, iOS 15.7.6 and iPadOS 15.7.6, macOS Ventura 13.4, watchOS 9.5. An app may be able to disclose kernel memory." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-323xx/CVE-2023-32392.json b/CVE-2023/CVE-2023-323xx/CVE-2023-32392.json index 86998c24da2..143310d47da 100644 --- a/CVE-2023/CVE-2023-323xx/CVE-2023-32392.json +++ b/CVE-2023/CVE-2023-323xx/CVE-2023-32392.json @@ -2,12 +2,12 @@ "id": "CVE-2023-32392", "sourceIdentifier": "product-security@apple.com", "published": "2023-06-23T18:15:12.607", - "lastModified": "2023-06-30T07:00:54.793", - "vulnStatus": "Analyzed", + "lastModified": "2023-07-27T01:15:23.450", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in watchOS 9.5, macOS Ventura 13.4, tvOS 16.5, iOS 16.5 and iPadOS 16.5, macOS Big Sur 11.7.7, macOS Monterey 12.6.6. An app may be able to read sensitive location information" + "value": "This issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Ventura 13.4, macOS Monterey 12.6.6, tvOS 16.5, watchOS 9.5, iOS 16.5 and iPadOS 16.5, macOS Big Sur 11.7.7. An app may be able to disclose kernel memory." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-323xx/CVE-2023-32393.json b/CVE-2023/CVE-2023-323xx/CVE-2023-32393.json new file mode 100644 index 00000000000..00a53edfde1 --- /dev/null +++ b/CVE-2023/CVE-2023-323xx/CVE-2023-32393.json @@ -0,0 +1,32 @@ +{ + "id": "CVE-2023-32393", + "sourceIdentifier": "product-security@apple.com", + "published": "2023-07-27T01:15:23.623", + "lastModified": "2023-07-27T01:15:23.623", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The issue was addressed with improved memory handling. This issue is fixed in tvOS 16.3, macOS Ventura 13.2, iOS 16.3 and iPadOS 16.3, watchOS 9.3. Processing maliciously crafted web content may lead to arbitrary code execution." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://support.apple.com/en-us/HT213599", + "source": "product-security@apple.com" + }, + { + "url": "https://support.apple.com/en-us/HT213601", + "source": "product-security@apple.com" + }, + { + "url": "https://support.apple.com/en-us/HT213605", + "source": "product-security@apple.com" + }, + { + "url": "https://support.apple.com/en-us/HT213606", + "source": "product-security@apple.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-323xx/CVE-2023-32394.json b/CVE-2023/CVE-2023-323xx/CVE-2023-32394.json index 9e5b871b7f8..757fdaf10b9 100644 --- a/CVE-2023/CVE-2023-323xx/CVE-2023-32394.json +++ b/CVE-2023/CVE-2023-323xx/CVE-2023-32394.json @@ -2,12 +2,12 @@ "id": "CVE-2023-32394", "sourceIdentifier": "product-security@apple.com", "published": "2023-06-23T18:15:12.657", - "lastModified": "2023-06-30T07:00:32.697", - "vulnStatus": "Analyzed", + "lastModified": "2023-07-27T01:15:23.793", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "The issue was addressed with improved checks. This issue is fixed in iOS 16.5 and iPadOS 16.5, macOS Ventura 13.4, watchOS 9.5, tvOS 16.5. A person with physical access to a device may be able to view contact information from the lock screen" + "value": "This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 16.5 and iPadOS 16.5, macOS Ventura 13.4, watchOS 9.5, tvOS 16.5. An app may be able to disclose kernel memory." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-323xx/CVE-2023-32395.json b/CVE-2023/CVE-2023-323xx/CVE-2023-32395.json index d98951b9bff..c5c4367364d 100644 --- a/CVE-2023/CVE-2023-323xx/CVE-2023-32395.json +++ b/CVE-2023/CVE-2023-323xx/CVE-2023-32395.json @@ -2,12 +2,12 @@ "id": "CVE-2023-32395", "sourceIdentifier": "product-security@apple.com", "published": "2023-06-23T18:15:12.703", - "lastModified": "2023-06-30T06:59:58.327", - "vulnStatus": "Analyzed", + "lastModified": "2023-07-27T01:15:23.990", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "A logic issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.4, macOS Big Sur 11.7.7, macOS Monterey 12.6.6. An app may be able to modify protected parts of the file system" + "value": "A use-after-free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.7.7, macOS Ventura 13.4, macOS Monterey 12.6.6. A remote attacker may be able to cause unexpected app termination or arbitrary code execution." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-323xx/CVE-2023-32397.json b/CVE-2023/CVE-2023-323xx/CVE-2023-32397.json index 4b56e6526f1..cc92a237948 100644 --- a/CVE-2023/CVE-2023-323xx/CVE-2023-32397.json +++ b/CVE-2023/CVE-2023-323xx/CVE-2023-32397.json @@ -2,12 +2,12 @@ "id": "CVE-2023-32397", "sourceIdentifier": "product-security@apple.com", "published": "2023-06-23T18:15:12.743", - "lastModified": "2023-06-30T06:59:27.803", - "vulnStatus": "Analyzed", + "lastModified": "2023-07-27T01:15:24.267", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "A logic issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.4, macOS Big Sur 11.7.7, iOS 15.7.6 and iPadOS 15.7.6, macOS Monterey 12.6.6. An app may be able to modify protected parts of the file system" + "value": "A use-after-free issue was addressed with improved memory management. This issue is fixed in iOS 15.7.6 and iPadOS 15.7.6, macOS Big Sur 11.7.7, macOS Ventura 13.4, macOS Monterey 12.6.6. A remote attacker may be able to cause unexpected app termination or arbitrary code execution." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-323xx/CVE-2023-32398.json b/CVE-2023/CVE-2023-323xx/CVE-2023-32398.json index d88f761e86d..94b76f4e0a6 100644 --- a/CVE-2023/CVE-2023-323xx/CVE-2023-32398.json +++ b/CVE-2023/CVE-2023-323xx/CVE-2023-32398.json @@ -2,12 +2,12 @@ "id": "CVE-2023-32398", "sourceIdentifier": "product-security@apple.com", "published": "2023-06-23T18:15:12.783", - "lastModified": "2023-06-30T06:58:06.077", - "vulnStatus": "Analyzed", + "lastModified": "2023-07-27T01:15:24.420", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "A use-after-free issue was addressed with improved memory management. This issue is fixed in watchOS 9.5, iOS 15.7.6 and iPadOS 15.7.6, macOS Ventura 13.4, tvOS 16.5, iOS 16.5 and iPadOS 16.5, macOS Big Sur 11.7.7, macOS Monterey 12.6.6. An app may be able to execute arbitrary code with kernel privileges" + "value": "This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 15.7.6 and iPadOS 15.7.6, macOS Ventura 13.4, macOS Monterey 12.6.6, tvOS 16.5, watchOS 9.5, iOS 16.5 and iPadOS 16.5, macOS Big Sur 11.7.7. An app may be able to disclose kernel memory." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-323xx/CVE-2023-32399.json b/CVE-2023/CVE-2023-323xx/CVE-2023-32399.json index 72f492ba631..fa3040182ac 100644 --- a/CVE-2023/CVE-2023-323xx/CVE-2023-32399.json +++ b/CVE-2023/CVE-2023-323xx/CVE-2023-32399.json @@ -2,12 +2,12 @@ "id": "CVE-2023-32399", "sourceIdentifier": "product-security@apple.com", "published": "2023-06-23T18:15:12.827", - "lastModified": "2023-06-30T07:08:09.847", - "vulnStatus": "Analyzed", + "lastModified": "2023-07-27T01:15:24.610", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "The issue was addressed with improved handling of caches. This issue is fixed in iOS 16.5 and iPadOS 16.5, macOS Ventura 13.4, watchOS 9.5, tvOS 16.5. An app may be able to read sensitive location information" + "value": "This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 16.5 and iPadOS 16.5, macOS Ventura 13.4, watchOS 9.5, tvOS 16.5. An app may be able to disclose kernel memory." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-324xx/CVE-2023-32400.json b/CVE-2023/CVE-2023-324xx/CVE-2023-32400.json index 11019c5e06f..7f5667e7ec9 100644 --- a/CVE-2023/CVE-2023-324xx/CVE-2023-32400.json +++ b/CVE-2023/CVE-2023-324xx/CVE-2023-32400.json @@ -2,12 +2,12 @@ "id": "CVE-2023-32400", "sourceIdentifier": "product-security@apple.com", "published": "2023-06-23T18:15:12.870", - "lastModified": "2023-06-30T07:28:07.453", - "vulnStatus": "Analyzed", + "lastModified": "2023-07-27T01:15:24.803", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "This issue was addressed with improved checks. This issue is fixed in iOS 16.5 and iPadOS 16.5, macOS Ventura 13.4, watchOS 9.5. Entitlements and privacy permissions granted to this app may be used by a malicious app" + "value": "This issue was addressed with improved checks. This issue is fixed in iOS 16.5 and iPadOS 16.5, watchOS 9.5, macOS Ventura 13.4. Entitlements and privacy permissions granted to this app may be used by a malicious app." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-324xx/CVE-2023-32402.json b/CVE-2023/CVE-2023-324xx/CVE-2023-32402.json index da83d31ec59..aff907c8b19 100644 --- a/CVE-2023/CVE-2023-324xx/CVE-2023-32402.json +++ b/CVE-2023/CVE-2023-324xx/CVE-2023-32402.json @@ -2,12 +2,12 @@ "id": "CVE-2023-32402", "sourceIdentifier": "product-security@apple.com", "published": "2023-06-23T18:15:12.917", - "lastModified": "2023-06-30T07:16:39.517", - "vulnStatus": "Analyzed", + "lastModified": "2023-07-27T01:15:24.980", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "An out-of-bounds read was addressed with improved input validation. This issue is fixed in watchOS 9.5, macOS Ventura 13.4, Safari 16.5, tvOS 16.5, iOS 16.5 and iPadOS 16.5. Processing web content may disclose sensitive information" + "value": "This issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Ventura 13.4, tvOS 16.5, watchOS 9.5, iOS 16.5 and iPadOS 16.5, Safari 16.5. An app may be able to disclose kernel memory." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-324xx/CVE-2023-32403.json b/CVE-2023/CVE-2023-324xx/CVE-2023-32403.json index ff0254b0bf9..0f7144fd3e7 100644 --- a/CVE-2023/CVE-2023-324xx/CVE-2023-32403.json +++ b/CVE-2023/CVE-2023-324xx/CVE-2023-32403.json @@ -2,12 +2,12 @@ "id": "CVE-2023-32403", "sourceIdentifier": "product-security@apple.com", "published": "2023-06-23T18:15:12.960", - "lastModified": "2023-06-30T07:14:29.540", - "vulnStatus": "Analyzed", + "lastModified": "2023-07-27T01:15:25.233", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "This issue was addressed with improved redaction of sensitive information. This issue is fixed in watchOS 9.5, iOS 15.7.6 and iPadOS 15.7.6, macOS Ventura 13.4, tvOS 16.5, iOS 16.5 and iPadOS 16.5, macOS Big Sur 11.7.7, macOS Monterey 12.6.6. An app may be able to read sensitive location information" + "value": "This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 15.7.6 and iPadOS 15.7.6, macOS Ventura 13.4, macOS Monterey 12.6.6, tvOS 16.5, watchOS 9.5, iOS 16.5 and iPadOS 16.5, macOS Big Sur 11.7.7. An app may be able to disclose kernel memory." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-324xx/CVE-2023-32404.json b/CVE-2023/CVE-2023-324xx/CVE-2023-32404.json index 2e8305174fa..4349c729fb2 100644 --- a/CVE-2023/CVE-2023-324xx/CVE-2023-32404.json +++ b/CVE-2023/CVE-2023-324xx/CVE-2023-32404.json @@ -2,12 +2,12 @@ "id": "CVE-2023-32404", "sourceIdentifier": "product-security@apple.com", "published": "2023-06-23T18:15:13.007", - "lastModified": "2023-06-30T07:07:44.767", - "vulnStatus": "Analyzed", + "lastModified": "2023-07-27T01:15:25.433", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "This issue was addressed with improved entitlements. This issue is fixed in iOS 16.5 and iPadOS 16.5, macOS Ventura 13.4, watchOS 9.5. An app may be able to bypass Privacy preferences" + "value": "This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 16.5 and iPadOS 16.5, macOS Ventura 13.4, watchOS 9.5. An app may be able to disclose kernel memory." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-324xx/CVE-2023-32405.json b/CVE-2023/CVE-2023-324xx/CVE-2023-32405.json index 9fe9d0bbb6f..1f0f4cfaf6c 100644 --- a/CVE-2023/CVE-2023-324xx/CVE-2023-32405.json +++ b/CVE-2023/CVE-2023-324xx/CVE-2023-32405.json @@ -2,12 +2,12 @@ "id": "CVE-2023-32405", "sourceIdentifier": "product-security@apple.com", "published": "2023-06-23T18:15:13.047", - "lastModified": "2023-06-30T07:07:35.147", - "vulnStatus": "Analyzed", + "lastModified": "2023-07-27T01:15:25.677", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "A logic issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.4, macOS Big Sur 11.7.7, macOS Monterey 12.6.6. An app may be able to gain root privileges" + "value": "A use-after-free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.7.7, macOS Ventura 13.4, macOS Monterey 12.6.6. A remote attacker may be able to cause unexpected app termination or arbitrary code execution." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-324xx/CVE-2023-32407.json b/CVE-2023/CVE-2023-324xx/CVE-2023-32407.json index 57c896c910a..6d5e72883e9 100644 --- a/CVE-2023/CVE-2023-324xx/CVE-2023-32407.json +++ b/CVE-2023/CVE-2023-324xx/CVE-2023-32407.json @@ -2,12 +2,12 @@ "id": "CVE-2023-32407", "sourceIdentifier": "product-security@apple.com", "published": "2023-06-23T18:15:13.093", - "lastModified": "2023-06-30T07:07:24.717", - "vulnStatus": "Analyzed", + "lastModified": "2023-07-27T01:15:25.907", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "A logic issue was addressed with improved state management. This issue is fixed in watchOS 9.5, iOS 15.7.6 and iPadOS 15.7.6, macOS Ventura 13.4, tvOS 16.5, iOS 16.5 and iPadOS 16.5, macOS Big Sur 11.7.7, macOS Monterey 12.6.6. An app may be able to bypass Privacy preferences" + "value": "This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 15.7.6 and iPadOS 15.7.6, macOS Ventura 13.4, macOS Monterey 12.6.6, tvOS 16.5, watchOS 9.5, iOS 16.5 and iPadOS 16.5, macOS Big Sur 11.7.7. An app may be able to disclose kernel memory." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-324xx/CVE-2023-32408.json b/CVE-2023/CVE-2023-324xx/CVE-2023-32408.json index f4cc89bd702..378630ae48c 100644 --- a/CVE-2023/CVE-2023-324xx/CVE-2023-32408.json +++ b/CVE-2023/CVE-2023-324xx/CVE-2023-32408.json @@ -2,12 +2,12 @@ "id": "CVE-2023-32408", "sourceIdentifier": "product-security@apple.com", "published": "2023-06-23T18:15:13.140", - "lastModified": "2023-06-30T07:07:08.127", - "vulnStatus": "Analyzed", + "lastModified": "2023-07-27T01:15:26.057", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "The issue was addressed with improved handling of caches. This issue is fixed in watchOS 9.5, iOS 15.7.6 and iPadOS 15.7.6, macOS Ventura 13.4, tvOS 16.5, iOS 16.5 and iPadOS 16.5, macOS Monterey 12.6.6. An app may be able to read sensitive location information" + "value": "This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 15.7.6 and iPadOS 15.7.6, macOS Ventura 13.4, macOS Monterey 12.6.6, tvOS 16.5, watchOS 9.5, iOS 16.5 and iPadOS 16.5. An app may be able to disclose kernel memory." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-324xx/CVE-2023-32409.json b/CVE-2023/CVE-2023-324xx/CVE-2023-32409.json index db0fde1bf24..a66298f08db 100644 --- a/CVE-2023/CVE-2023-324xx/CVE-2023-32409.json +++ b/CVE-2023/CVE-2023-324xx/CVE-2023-32409.json @@ -2,7 +2,7 @@ "id": "CVE-2023-32409", "sourceIdentifier": "product-security@apple.com", "published": "2023-06-23T18:15:13.183", - "lastModified": "2023-07-25T16:15:11.410", + "lastModified": "2023-07-27T01:15:26.233", "vulnStatus": "Modified", "cisaExploitAdd": "2023-05-22", "cisaActionDue": "2023-06-12", @@ -11,7 +11,7 @@ "descriptions": [ { "lang": "en", - "value": "The issue was addressed with improved bounds checks. This issue is fixed in watchOS 9.5, macOS Ventura 13.4, Safari 16.5, tvOS 16.5, iOS 16.5 and iPadOS 16.5. A remote attacker may be able to break out of Web Content sandbox. Apple is aware of a report that this issue may have been actively exploited." + "value": "This issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Ventura 13.4, iOS 15.7.8 and iPadOS 15.7.8, tvOS 16.5, watchOS 9.5, iOS 16.5 and iPadOS 16.5, Safari 16.5. An app may be able to disclose kernel memory." } ], "metrics": { @@ -102,10 +102,6 @@ } ], "references": [ - { - "url": "http://seclists.org/fulldisclosure/2023/Jul/46", - "source": "product-security@apple.com" - }, { "url": "https://support.apple.com/en-us/HT213757", "source": "product-security@apple.com", @@ -145,6 +141,10 @@ "Release Notes", "Vendor Advisory" ] + }, + { + "url": "https://support.apple.com/en-us/HT213842", + "source": "product-security@apple.com" } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-324xx/CVE-2023-32410.json b/CVE-2023/CVE-2023-324xx/CVE-2023-32410.json index f04f6bd07c2..7ec4004811f 100644 --- a/CVE-2023/CVE-2023-324xx/CVE-2023-32410.json +++ b/CVE-2023/CVE-2023-324xx/CVE-2023-32410.json @@ -2,12 +2,12 @@ "id": "CVE-2023-32410", "sourceIdentifier": "product-security@apple.com", "published": "2023-06-23T18:15:13.227", - "lastModified": "2023-06-30T07:06:09.090", - "vulnStatus": "Analyzed", + "lastModified": "2023-07-27T01:15:26.533", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Ventura 13.4, macOS Big Sur 11.7.7, iOS 15.7.6 and iPadOS 15.7.6, macOS Monterey 12.6.6. An app may be able to leak sensitive kernel state" + "value": "A use-after-free issue was addressed with improved memory management. This issue is fixed in iOS 15.7.6 and iPadOS 15.7.6, macOS Big Sur 11.7.7, macOS Ventura 13.4, macOS Monterey 12.6.6. A remote attacker may be able to cause unexpected app termination or arbitrary code execution." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-324xx/CVE-2023-32411.json b/CVE-2023/CVE-2023-324xx/CVE-2023-32411.json index 11530bfd55f..0700703e4f5 100644 --- a/CVE-2023/CVE-2023-324xx/CVE-2023-32411.json +++ b/CVE-2023/CVE-2023-324xx/CVE-2023-32411.json @@ -2,12 +2,12 @@ "id": "CVE-2023-32411", "sourceIdentifier": "product-security@apple.com", "published": "2023-06-23T18:15:13.273", - "lastModified": "2023-06-30T07:05:56.930", - "vulnStatus": "Analyzed", + "lastModified": "2023-07-27T01:15:26.733", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "This issue was addressed with improved entitlements. This issue is fixed in macOS Ventura 13.4, tvOS 16.5, iOS 16.5 and iPadOS 16.5, macOS Big Sur 11.7.7, macOS Monterey 12.6.6. An app may be able to bypass Privacy preferences" + "value": "This issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Ventura 13.4, macOS Monterey 12.6.6, tvOS 16.5, iOS 16.5 and iPadOS 16.5, macOS Big Sur 11.7.7. An app may be able to disclose kernel memory." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-324xx/CVE-2023-32412.json b/CVE-2023/CVE-2023-324xx/CVE-2023-32412.json index 8125a300499..8a3d9df8082 100644 --- a/CVE-2023/CVE-2023-324xx/CVE-2023-32412.json +++ b/CVE-2023/CVE-2023-324xx/CVE-2023-32412.json @@ -2,12 +2,12 @@ "id": "CVE-2023-32412", "sourceIdentifier": "product-security@apple.com", "published": "2023-06-23T18:15:13.320", - "lastModified": "2023-06-30T07:04:51.590", - "vulnStatus": "Analyzed", + "lastModified": "2023-07-27T01:15:26.967", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "A use-after-free issue was addressed with improved memory management. This issue is fixed in watchOS 9.5, iOS 15.7.6 and iPadOS 15.7.6, macOS Ventura 13.4, tvOS 16.5, iOS 16.5 and iPadOS 16.5, macOS Big Sur 11.7.7, macOS Monterey 12.6.6. A remote attacker may be able to cause unexpected app termination or arbitrary code execution" + "value": "This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 15.7.6 and iPadOS 15.7.6, macOS Ventura 13.4, macOS Monterey 12.6.6, tvOS 16.5, watchOS 9.5, iOS 16.5 and iPadOS 16.5, macOS Big Sur 11.7.7. An app may be able to disclose kernel memory." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-324xx/CVE-2023-32413.json b/CVE-2023/CVE-2023-324xx/CVE-2023-32413.json index 9f78dd3c965..6685cc44f1a 100644 --- a/CVE-2023/CVE-2023-324xx/CVE-2023-32413.json +++ b/CVE-2023/CVE-2023-324xx/CVE-2023-32413.json @@ -2,12 +2,12 @@ "id": "CVE-2023-32413", "sourceIdentifier": "product-security@apple.com", "published": "2023-06-23T18:15:13.370", - "lastModified": "2023-06-30T07:14:15.513", - "vulnStatus": "Analyzed", + "lastModified": "2023-07-27T01:15:27.100", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "A race condition was addressed with improved state handling. This issue is fixed in watchOS 9.5, iOS 15.7.6 and iPadOS 15.7.6, macOS Ventura 13.4, tvOS 16.5, iOS 16.5 and iPadOS 16.5, macOS Big Sur 11.7.7, macOS Monterey 12.6.6. An app may be able to gain root privileges" + "value": "This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 15.7.6 and iPadOS 15.7.6, macOS Ventura 13.4, macOS Monterey 12.6.6, tvOS 16.5, watchOS 9.5, iOS 16.5 and iPadOS 16.5, macOS Big Sur 11.7.7. An app may be able to disclose kernel memory." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-324xx/CVE-2023-32414.json b/CVE-2023/CVE-2023-324xx/CVE-2023-32414.json index 9966773c9ba..9a304539fd0 100644 --- a/CVE-2023/CVE-2023-324xx/CVE-2023-32414.json +++ b/CVE-2023/CVE-2023-324xx/CVE-2023-32414.json @@ -2,12 +2,12 @@ "id": "CVE-2023-32414", "sourceIdentifier": "product-security@apple.com", "published": "2023-06-23T18:15:13.417", - "lastModified": "2023-06-30T07:13:57.780", - "vulnStatus": "Analyzed", + "lastModified": "2023-07-27T01:15:27.280", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.4. An app may be able to break out of its sandbox" + "value": "This issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Ventura 13.4. An app may be able to disclose kernel memory." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-324xx/CVE-2023-32415.json b/CVE-2023/CVE-2023-324xx/CVE-2023-32415.json index 34a1370c0ca..21559343af7 100644 --- a/CVE-2023/CVE-2023-324xx/CVE-2023-32415.json +++ b/CVE-2023/CVE-2023-324xx/CVE-2023-32415.json @@ -2,12 +2,12 @@ "id": "CVE-2023-32415", "sourceIdentifier": "product-security@apple.com", "published": "2023-06-23T18:15:13.457", - "lastModified": "2023-06-30T07:16:27.650", - "vulnStatus": "Analyzed", + "lastModified": "2023-07-27T01:15:27.517", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 16.5 and iPadOS 16.5, macOS Ventura 13.4, tvOS 16.5. An app may be able to read sensitive location information" + "value": "This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 16.5 and iPadOS 16.5, macOS Ventura 13.4, tvOS 16.5. An app may be able to disclose kernel memory." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-324xx/CVE-2023-32416.json b/CVE-2023/CVE-2023-324xx/CVE-2023-32416.json new file mode 100644 index 00000000000..19f20977d7d --- /dev/null +++ b/CVE-2023/CVE-2023-324xx/CVE-2023-32416.json @@ -0,0 +1,36 @@ +{ + "id": "CVE-2023-32416", + "sourceIdentifier": "product-security@apple.com", + "published": "2023-07-27T01:15:27.807", + "lastModified": "2023-07-27T01:15:27.807", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A logic issue was addressed with improved restrictions. This issue is fixed in iOS 16.6 and iPadOS 16.6, macOS Monterey 12.6.8, watchOS 9.6, macOS Ventura 13.5, iOS 15.7.8 and iPadOS 15.7.8. An app may be able to read sensitive location information." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://support.apple.com/en-us/HT213841", + "source": "product-security@apple.com" + }, + { + "url": "https://support.apple.com/en-us/HT213842", + "source": "product-security@apple.com" + }, + { + "url": "https://support.apple.com/en-us/HT213843", + "source": "product-security@apple.com" + }, + { + "url": "https://support.apple.com/en-us/HT213844", + "source": "product-security@apple.com" + }, + { + "url": "https://support.apple.com/en-us/HT213848", + "source": "product-security@apple.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-324xx/CVE-2023-32417.json b/CVE-2023/CVE-2023-324xx/CVE-2023-32417.json index 1ca706ba07d..8e642ccb6a4 100644 --- a/CVE-2023/CVE-2023-324xx/CVE-2023-32417.json +++ b/CVE-2023/CVE-2023-324xx/CVE-2023-32417.json @@ -2,12 +2,12 @@ "id": "CVE-2023-32417", "sourceIdentifier": "product-security@apple.com", "published": "2023-06-23T18:15:13.497", - "lastModified": "2023-06-30T07:36:58.417", - "vulnStatus": "Analyzed", + "lastModified": "2023-07-27T01:15:28.023", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "This issue was addressed by restricting options offered on a locked device. This issue is fixed in watchOS 9.5. An attacker with physical access to a locked Apple Watch may be able to view user photos or contacts via accessibility features" + "value": "This issue was addressed with improved redaction of sensitive information. This issue is fixed in watchOS 9.5. An app may be able to disclose kernel memory." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-324xx/CVE-2023-32418.json b/CVE-2023/CVE-2023-324xx/CVE-2023-32418.json new file mode 100644 index 00000000000..5278430d347 --- /dev/null +++ b/CVE-2023/CVE-2023-324xx/CVE-2023-32418.json @@ -0,0 +1,28 @@ +{ + "id": "CVE-2023-32418", + "sourceIdentifier": "product-security@apple.com", + "published": "2023-07-27T01:15:28.293", + "lastModified": "2023-07-27T01:15:28.293", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Ventura 13.5, macOS Monterey 12.6.8, macOS Big Sur 11.7.9. Processing a file may lead to a denial-of-service or potentially disclose memory contents." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://support.apple.com/en-us/HT213843", + "source": "product-security@apple.com" + }, + { + "url": "https://support.apple.com/en-us/HT213844", + "source": "product-security@apple.com" + }, + { + "url": "https://support.apple.com/en-us/HT213845", + "source": "product-security@apple.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-324xx/CVE-2023-32419.json b/CVE-2023/CVE-2023-324xx/CVE-2023-32419.json index 5f89466acf7..46d5d218eea 100644 --- a/CVE-2023/CVE-2023-324xx/CVE-2023-32419.json +++ b/CVE-2023/CVE-2023-324xx/CVE-2023-32419.json @@ -2,12 +2,12 @@ "id": "CVE-2023-32419", "sourceIdentifier": "product-security@apple.com", "published": "2023-06-23T18:15:13.540", - "lastModified": "2023-06-30T07:36:47.020", - "vulnStatus": "Analyzed", + "lastModified": "2023-07-27T01:15:28.637", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "The issue was addressed with improved bounds checks. This issue is fixed in iOS 16.5 and iPadOS 16.5. A remote attacker may be able to cause arbitrary code execution" + "value": "This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 16.5 and iPadOS 16.5. An app may be able to disclose kernel memory." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-324xx/CVE-2023-32420.json b/CVE-2023/CVE-2023-324xx/CVE-2023-32420.json index cbb7f16d2d1..33adca017e6 100644 --- a/CVE-2023/CVE-2023-324xx/CVE-2023-32420.json +++ b/CVE-2023/CVE-2023-324xx/CVE-2023-32420.json @@ -2,12 +2,12 @@ "id": "CVE-2023-32420", "sourceIdentifier": "product-security@apple.com", "published": "2023-06-23T18:15:13.583", - "lastModified": "2023-06-30T07:13:04.557", - "vulnStatus": "Analyzed", + "lastModified": "2023-07-27T01:15:28.833", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 16.5 and iPadOS 16.5, macOS Ventura 13.4, watchOS 9.5, tvOS 16.5. An app may be able to cause unexpected system termination or read kernel memory" + "value": "An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 16.5 and iPadOS 16.5, watchOS 9.5, macOS Ventura 13.4, tvOS 16.5. An app may be able to cause unexpected system termination or read kernel memory." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-324xx/CVE-2023-32422.json b/CVE-2023/CVE-2023-324xx/CVE-2023-32422.json index a67ed75f29f..8473097aa5f 100644 --- a/CVE-2023/CVE-2023-324xx/CVE-2023-32422.json +++ b/CVE-2023/CVE-2023-324xx/CVE-2023-32422.json @@ -2,12 +2,12 @@ "id": "CVE-2023-32422", "sourceIdentifier": "product-security@apple.com", "published": "2023-06-23T18:15:13.630", - "lastModified": "2023-06-30T07:12:52.540", - "vulnStatus": "Analyzed", + "lastModified": "2023-07-27T01:15:29.063", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "This issue was addressed by adding additional SQLite logging restrictions. This issue is fixed in iOS 16.5 and iPadOS 16.5, macOS Ventura 13.4, tvOS 16.5. An app may be able to bypass Privacy preferences" + "value": "This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 16.5 and iPadOS 16.5, macOS Ventura 13.4, tvOS 16.5. An app may be able to disclose kernel memory." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-324xx/CVE-2023-32423.json b/CVE-2023/CVE-2023-324xx/CVE-2023-32423.json index c73ab681f63..9947a12a557 100644 --- a/CVE-2023/CVE-2023-324xx/CVE-2023-32423.json +++ b/CVE-2023/CVE-2023-324xx/CVE-2023-32423.json @@ -2,12 +2,12 @@ "id": "CVE-2023-32423", "sourceIdentifier": "product-security@apple.com", "published": "2023-06-23T18:15:13.677", - "lastModified": "2023-06-30T07:12:25.107", - "vulnStatus": "Analyzed", + "lastModified": "2023-07-27T01:15:29.330", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "A buffer overflow issue was addressed with improved memory handling. This issue is fixed in watchOS 9.5, macOS Ventura 13.4, Safari 16.5, tvOS 16.5, iOS 16.5 and iPadOS 16.5. Processing web content may disclose sensitive information" + "value": "This issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Ventura 13.4, tvOS 16.5, watchOS 9.5, iOS 16.5 and iPadOS 16.5, Safari 16.5. An app may be able to disclose kernel memory." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-324xx/CVE-2023-32429.json b/CVE-2023/CVE-2023-324xx/CVE-2023-32429.json new file mode 100644 index 00000000000..43f5355aa0e --- /dev/null +++ b/CVE-2023/CVE-2023-324xx/CVE-2023-32429.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-32429", + "sourceIdentifier": "product-security@apple.com", + "published": "2023-07-27T01:15:29.543", + "lastModified": "2023-07-27T01:15:29.543", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.5. Processing web content may disclose sensitive information." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://support.apple.com/en-us/HT213843", + "source": "product-security@apple.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-324xx/CVE-2023-32433.json b/CVE-2023/CVE-2023-324xx/CVE-2023-32433.json new file mode 100644 index 00000000000..090fccaac79 --- /dev/null +++ b/CVE-2023/CVE-2023-324xx/CVE-2023-32433.json @@ -0,0 +1,44 @@ +{ + "id": "CVE-2023-32433", + "sourceIdentifier": "product-security@apple.com", + "published": "2023-07-27T00:15:14.877", + "lastModified": "2023-07-27T01:15:29.787", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The issue was addressed with improved checks. This issue is fixed in iOS 16.6 and iPadOS 16.6, iOS 15.7.8 and iPadOS 15.7.8, tvOS 16.6, macOS Monterey 12.6.8, watchOS 9.6, macOS Big Sur 11.7.9, macOS Ventura 13.5. Processing web content may disclose sensitive information." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://support.apple.com/en-us/HT213841", + "source": "product-security@apple.com" + }, + { + "url": "https://support.apple.com/en-us/HT213842", + "source": "product-security@apple.com" + }, + { + "url": "https://support.apple.com/en-us/HT213843", + "source": "product-security@apple.com" + }, + { + "url": "https://support.apple.com/en-us/HT213844", + "source": "product-security@apple.com" + }, + { + "url": "https://support.apple.com/en-us/HT213845", + "source": "product-security@apple.com" + }, + { + "url": "https://support.apple.com/en-us/HT213846", + "source": "product-security@apple.com" + }, + { + "url": "https://support.apple.com/en-us/HT213848", + "source": "product-security@apple.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-324xx/CVE-2023-32434.json b/CVE-2023/CVE-2023-324xx/CVE-2023-32434.json index 60a3eb8784f..15e2f437f4c 100644 --- a/CVE-2023/CVE-2023-324xx/CVE-2023-32434.json +++ b/CVE-2023/CVE-2023-324xx/CVE-2023-32434.json @@ -2,7 +2,7 @@ "id": "CVE-2023-32434", "sourceIdentifier": "product-security@apple.com", "published": "2023-06-23T18:15:13.720", - "lastModified": "2023-07-07T20:15:10.107", + "lastModified": "2023-07-27T01:15:30.130", "vulnStatus": "Modified", "cisaExploitAdd": "2023-06-23", "cisaActionDue": "2023-07-14", @@ -11,7 +11,7 @@ "descriptions": [ { "lang": "en", - "value": "An integer overflow was addressed with improved input validation. This issue is fixed in watchOS 8.8.1, iOS 16.5.1 and iPadOS 16.5.1, iOS 15.7.7 and iPadOS 15.7.7, macOS Big Sur 11.7.8, macOS Monterey 12.6.7, macOS Ventura 13.4.1, watchOS 9.5.2. An app may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited against versions of iOS released before iOS 15.7." + "value": "An integer overflow was addressed with improved input validation. This issue is fixed in macOS Monterey 12.6.7, iOS 16.5.1 and iPadOS 16.5.1, iOS 15.7.7 and iPadOS 15.7.7, macOS Big Sur 11.7.8, watchOS 9.5.2, macOS Ventura 13.4.1, watchOS 8.8.1. An app may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited against versions of iOS released before iOS 15.7." } ], "metrics": { @@ -123,34 +123,6 @@ } ], "references": [ - { - "url": "http://seclists.org/fulldisclosure/2023/Jul/10", - "source": "product-security@apple.com" - }, - { - "url": "http://seclists.org/fulldisclosure/2023/Jul/4", - "source": "product-security@apple.com" - }, - { - "url": "http://seclists.org/fulldisclosure/2023/Jul/5", - "source": "product-security@apple.com" - }, - { - "url": "http://seclists.org/fulldisclosure/2023/Jul/6", - "source": "product-security@apple.com" - }, - { - "url": "http://seclists.org/fulldisclosure/2023/Jul/7", - "source": "product-security@apple.com" - }, - { - "url": "http://seclists.org/fulldisclosure/2023/Jul/8", - "source": "product-security@apple.com" - }, - { - "url": "http://seclists.org/fulldisclosure/2023/Jul/9", - "source": "product-security@apple.com" - }, { "url": "https://support.apple.com/en-us/HT213808", "source": "product-security@apple.com", diff --git a/CVE-2023/CVE-2023-324xx/CVE-2023-32435.json b/CVE-2023/CVE-2023-324xx/CVE-2023-32435.json index 3a40c74fc2d..07e0700b9db 100644 --- a/CVE-2023/CVE-2023-324xx/CVE-2023-32435.json +++ b/CVE-2023/CVE-2023-324xx/CVE-2023-32435.json @@ -2,7 +2,7 @@ "id": "CVE-2023-32435", "sourceIdentifier": "product-security@apple.com", "published": "2023-06-23T18:15:13.767", - "lastModified": "2023-07-26T23:15:10.057", + "lastModified": "2023-07-27T01:15:30.517", "vulnStatus": "Modified", "cisaExploitAdd": "2023-06-23", "cisaActionDue": "2023-07-14", @@ -11,7 +11,7 @@ "descriptions": [ { "lang": "en", - "value": "This issue is fixed in iOS 16.4 and iPadOS 16.4, macOS Ventura 13.3, Safari 16.4, iOS 15.7.7 and iPadOS 15.7.7. Processing web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited against versions of iOS released before iOS 15.7." + "value": "This issue was addressed with improved state management. This issue is fixed in iOS 16.4 and iPadOS 16.4, iOS 15.7.7 and iPadOS 15.7.7, Safari 16.4, macOS Ventura 13.3. A remote attacker may be able to cause unexpected app termination or arbitrary code execution." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-324xx/CVE-2023-32437.json b/CVE-2023/CVE-2023-324xx/CVE-2023-32437.json new file mode 100644 index 00000000000..62f4daa3db1 --- /dev/null +++ b/CVE-2023/CVE-2023-324xx/CVE-2023-32437.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-32437", + "sourceIdentifier": "product-security@apple.com", + "published": "2023-07-27T00:15:15.013", + "lastModified": "2023-07-27T01:15:30.757", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The issue was addressed with improved checks. This issue is fixed in iOS 16.6 and iPadOS 16.6. Processing web content may disclose sensitive information." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://support.apple.com/en-us/HT213841", + "source": "product-security@apple.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-324xx/CVE-2023-32439.json b/CVE-2023/CVE-2023-324xx/CVE-2023-32439.json index 89c383df306..311c380f15c 100644 --- a/CVE-2023/CVE-2023-324xx/CVE-2023-32439.json +++ b/CVE-2023/CVE-2023-324xx/CVE-2023-32439.json @@ -2,7 +2,7 @@ "id": "CVE-2023-32439", "sourceIdentifier": "product-security@apple.com", "published": "2023-06-23T18:15:13.813", - "lastModified": "2023-07-08T00:15:09.713", + "lastModified": "2023-07-27T01:15:31.083", "vulnStatus": "Modified", "cisaExploitAdd": "2023-06-23", "cisaActionDue": "2023-07-14", @@ -11,7 +11,7 @@ "descriptions": [ { "lang": "en", - "value": "A type confusion issue was addressed with improved checks. This issue is fixed in iOS 16.5.1 and iPadOS 16.5.1, Safari 16.5.1, macOS Ventura 13.4.1, iOS 15.7.7 and iPadOS 15.7.7. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited." + "value": "A type confusion issue was addressed with improved checks. This issue is fixed in Safari 16.5.1, iOS 15.7.7 and iPadOS 15.7.7, macOS Ventura 13.4.1, iOS 16.5.1 and iPadOS 16.5.1. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited." } ], "metrics": { @@ -102,37 +102,6 @@ } ], "references": [ - { - "url": "http://seclists.org/fulldisclosure/2023/Jul/3", - "source": "product-security@apple.com" - }, - { - "url": "http://seclists.org/fulldisclosure/2023/Jul/4", - "source": "product-security@apple.com" - }, - { - "url": "http://seclists.org/fulldisclosure/2023/Jul/5", - "source": "product-security@apple.com" - }, - { - "url": "http://seclists.org/fulldisclosure/2023/Jul/6", - "source": "product-security@apple.com" - }, - { - "url": "http://www.openwall.com/lists/oss-security/2023/06/29/1", - "source": "product-security@apple.com", - "tags": [ - "Mailing List" - ] - }, - { - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/B4AUUAJFZSYUHC3F4ER7T6JICBCYEQVK/", - "source": "product-security@apple.com" - }, - { - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DF2RESDBALYFDF6OEJDUYFSN7XJADFRD/", - "source": "product-security@apple.com" - }, { "url": "https://support.apple.com/en-us/HT213811", "source": "product-security@apple.com", @@ -164,10 +133,6 @@ "Release Notes", "Vendor Advisory" ] - }, - { - "url": "https://www.debian.org/security/2023/dsa-5449", - "source": "product-security@apple.com" } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-324xx/CVE-2023-32441.json b/CVE-2023/CVE-2023-324xx/CVE-2023-32441.json new file mode 100644 index 00000000000..6fcea81dd09 --- /dev/null +++ b/CVE-2023/CVE-2023-324xx/CVE-2023-32441.json @@ -0,0 +1,44 @@ +{ + "id": "CVE-2023-32441", + "sourceIdentifier": "product-security@apple.com", + "published": "2023-07-27T01:15:31.510", + "lastModified": "2023-07-27T01:15:31.510", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The issue was addressed with improved memory handling. This issue is fixed in iOS 16.6 and iPadOS 16.6, macOS Big Sur 11.7.9, macOS Monterey 12.6.8, tvOS 16.6, watchOS 9.6, macOS Ventura 13.5, iOS 15.7.8 and iPadOS 15.7.8. An app may be able to execute arbitrary code with kernel privileges." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://support.apple.com/en-us/HT213841", + "source": "product-security@apple.com" + }, + { + "url": "https://support.apple.com/en-us/HT213842", + "source": "product-security@apple.com" + }, + { + "url": "https://support.apple.com/en-us/HT213843", + "source": "product-security@apple.com" + }, + { + "url": "https://support.apple.com/en-us/HT213844", + "source": "product-security@apple.com" + }, + { + "url": "https://support.apple.com/en-us/HT213845", + "source": "product-security@apple.com" + }, + { + "url": "https://support.apple.com/en-us/HT213846", + "source": "product-security@apple.com" + }, + { + "url": "https://support.apple.com/en-us/HT213848", + "source": "product-security@apple.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-324xx/CVE-2023-32442.json b/CVE-2023/CVE-2023-324xx/CVE-2023-32442.json new file mode 100644 index 00000000000..ed7b3c93f1c --- /dev/null +++ b/CVE-2023/CVE-2023-324xx/CVE-2023-32442.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2023-32442", + "sourceIdentifier": "product-security@apple.com", + "published": "2023-07-27T01:15:31.787", + "lastModified": "2023-07-27T01:15:31.787", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Ventura 13.5, macOS Monterey 12.6.8. Processing a file may lead to a denial-of-service or potentially disclose memory contents." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://support.apple.com/en-us/HT213843", + "source": "product-security@apple.com" + }, + { + "url": "https://support.apple.com/en-us/HT213844", + "source": "product-security@apple.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-324xx/CVE-2023-32443.json b/CVE-2023/CVE-2023-324xx/CVE-2023-32443.json new file mode 100644 index 00000000000..4e180acbf54 --- /dev/null +++ b/CVE-2023/CVE-2023-324xx/CVE-2023-32443.json @@ -0,0 +1,28 @@ +{ + "id": "CVE-2023-32443", + "sourceIdentifier": "product-security@apple.com", + "published": "2023-07-27T01:15:31.987", + "lastModified": "2023-07-27T01:15:31.987", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Ventura 13.5, macOS Monterey 12.6.8, macOS Big Sur 11.7.9. Processing a file may lead to a denial-of-service or potentially disclose memory contents." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://support.apple.com/en-us/HT213843", + "source": "product-security@apple.com" + }, + { + "url": "https://support.apple.com/en-us/HT213844", + "source": "product-security@apple.com" + }, + { + "url": "https://support.apple.com/en-us/HT213845", + "source": "product-security@apple.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-327xx/CVE-2023-32734.json b/CVE-2023/CVE-2023-327xx/CVE-2023-32734.json new file mode 100644 index 00000000000..ed845d91c34 --- /dev/null +++ b/CVE-2023/CVE-2023-327xx/CVE-2023-32734.json @@ -0,0 +1,32 @@ +{ + "id": "CVE-2023-32734", + "sourceIdentifier": "product-security@apple.com", + "published": "2023-07-27T01:15:32.363", + "lastModified": "2023-07-27T01:15:32.363", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The issue was addressed with improved memory handling. This issue is fixed in tvOS 16.6, iOS 16.6 and iPadOS 16.6, macOS Ventura 13.5, watchOS 9.6. An app may be able to execute arbitrary code with kernel privileges." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://support.apple.com/en-us/HT213841", + "source": "product-security@apple.com" + }, + { + "url": "https://support.apple.com/en-us/HT213843", + "source": "product-security@apple.com" + }, + { + "url": "https://support.apple.com/en-us/HT213846", + "source": "product-security@apple.com" + }, + { + "url": "https://support.apple.com/en-us/HT213848", + "source": "product-security@apple.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-359xx/CVE-2023-35983.json b/CVE-2023/CVE-2023-359xx/CVE-2023-35983.json new file mode 100644 index 00000000000..906035f1240 --- /dev/null +++ b/CVE-2023/CVE-2023-359xx/CVE-2023-35983.json @@ -0,0 +1,28 @@ +{ + "id": "CVE-2023-35983", + "sourceIdentifier": "product-security@apple.com", + "published": "2023-07-27T00:15:15.133", + "lastModified": "2023-07-27T01:15:32.667", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Ventura 13.5, macOS Monterey 12.6.8, macOS Big Sur 11.7.9. Processing a file may lead to a denial-of-service or potentially disclose memory contents." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://support.apple.com/en-us/HT213843", + "source": "product-security@apple.com" + }, + { + "url": "https://support.apple.com/en-us/HT213844", + "source": "product-security@apple.com" + }, + { + "url": "https://support.apple.com/en-us/HT213845", + "source": "product-security@apple.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-359xx/CVE-2023-35993.json b/CVE-2023/CVE-2023-359xx/CVE-2023-35993.json new file mode 100644 index 00000000000..f0a9f19a3a6 --- /dev/null +++ b/CVE-2023/CVE-2023-359xx/CVE-2023-35993.json @@ -0,0 +1,44 @@ +{ + "id": "CVE-2023-35993", + "sourceIdentifier": "product-security@apple.com", + "published": "2023-07-27T01:15:32.877", + "lastModified": "2023-07-27T01:15:32.877", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A use-after-free issue was addressed with improved memory management. This issue is fixed in iOS 16.6 and iPadOS 16.6, macOS Big Sur 11.7.9, macOS Monterey 12.6.8, tvOS 16.6, watchOS 9.6, macOS Ventura 13.5, iOS 15.7.8 and iPadOS 15.7.8. An app may be able to execute arbitrary code with kernel privileges." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://support.apple.com/en-us/HT213841", + "source": "product-security@apple.com" + }, + { + "url": "https://support.apple.com/en-us/HT213842", + "source": "product-security@apple.com" + }, + { + "url": "https://support.apple.com/en-us/HT213843", + "source": "product-security@apple.com" + }, + { + "url": "https://support.apple.com/en-us/HT213844", + "source": "product-security@apple.com" + }, + { + "url": "https://support.apple.com/en-us/HT213845", + "source": "product-security@apple.com" + }, + { + "url": "https://support.apple.com/en-us/HT213846", + "source": "product-security@apple.com" + }, + { + "url": "https://support.apple.com/en-us/HT213848", + "source": "product-security@apple.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-368xx/CVE-2023-36854.json b/CVE-2023/CVE-2023-368xx/CVE-2023-36854.json new file mode 100644 index 00000000000..8ff09ac9557 --- /dev/null +++ b/CVE-2023/CVE-2023-368xx/CVE-2023-36854.json @@ -0,0 +1,28 @@ +{ + "id": "CVE-2023-36854", + "sourceIdentifier": "product-security@apple.com", + "published": "2023-07-27T00:15:15.247", + "lastModified": "2023-07-27T01:15:33.193", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Ventura 13.5, macOS Monterey 12.6.8, macOS Big Sur 11.7.9. Processing a file may lead to a denial-of-service or potentially disclose memory contents." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://support.apple.com/en-us/HT213843", + "source": "product-security@apple.com" + }, + { + "url": "https://support.apple.com/en-us/HT213844", + "source": "product-security@apple.com" + }, + { + "url": "https://support.apple.com/en-us/HT213845", + "source": "product-security@apple.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-368xx/CVE-2023-36862.json b/CVE-2023/CVE-2023-368xx/CVE-2023-36862.json new file mode 100644 index 00000000000..d1ddb0fec5d --- /dev/null +++ b/CVE-2023/CVE-2023-368xx/CVE-2023-36862.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-36862", + "sourceIdentifier": "product-security@apple.com", + "published": "2023-07-27T00:15:15.367", + "lastModified": "2023-07-27T01:15:33.580", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.5. Processing web content may disclose sensitive information." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://support.apple.com/en-us/HT213843", + "source": "product-security@apple.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-374xx/CVE-2023-37450.json b/CVE-2023/CVE-2023-374xx/CVE-2023-37450.json new file mode 100644 index 00000000000..90c28761a19 --- /dev/null +++ b/CVE-2023/CVE-2023-374xx/CVE-2023-37450.json @@ -0,0 +1,40 @@ +{ + "id": "CVE-2023-37450", + "sourceIdentifier": "product-security@apple.com", + "published": "2023-07-27T00:15:15.497", + "lastModified": "2023-07-27T01:15:33.857", + "vulnStatus": "Received", + "cisaExploitAdd": "2023-07-13", + "cisaActionDue": "2023-08-03", + "cisaRequiredAction": "Apply updates per vendor instructions or discontinue use of the product if updates are unavailable.", + "cisaVulnerabilityName": "Apple Multiple Products WebKit Code Execution Vulnerability", + "descriptions": [ + { + "lang": "en", + "value": "The issue was addressed with improved checks. This issue is fixed in iOS 16.6 and iPadOS 16.6, tvOS 16.6, watchOS 9.6, macOS Ventura 13.5, Safari 16.5.2. Processing web content may disclose sensitive information." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://support.apple.com/en-us/HT213826", + "source": "product-security@apple.com" + }, + { + "url": "https://support.apple.com/en-us/HT213841", + "source": "product-security@apple.com" + }, + { + "url": "https://support.apple.com/en-us/HT213843", + "source": "product-security@apple.com" + }, + { + "url": "https://support.apple.com/en-us/HT213846", + "source": "product-security@apple.com" + }, + { + "url": "https://support.apple.com/en-us/HT213848", + "source": "product-security@apple.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-381xx/CVE-2023-38133.json b/CVE-2023/CVE-2023-381xx/CVE-2023-38133.json new file mode 100644 index 00000000000..a4f69cf1773 --- /dev/null +++ b/CVE-2023/CVE-2023-381xx/CVE-2023-38133.json @@ -0,0 +1,40 @@ +{ + "id": "CVE-2023-38133", + "sourceIdentifier": "product-security@apple.com", + "published": "2023-07-27T00:15:15.620", + "lastModified": "2023-07-27T01:15:34.140", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The issue was addressed with improved checks. This issue is fixed in iOS 16.6 and iPadOS 16.6, tvOS 16.6, watchOS 9.6, macOS Ventura 13.5, iOS 15.7.8 and iPadOS 15.7.8, Safari 16.6. Processing web content may disclose sensitive information." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://support.apple.com/en-us/HT213841", + "source": "product-security@apple.com" + }, + { + "url": "https://support.apple.com/en-us/HT213842", + "source": "product-security@apple.com" + }, + { + "url": "https://support.apple.com/en-us/HT213843", + "source": "product-security@apple.com" + }, + { + "url": "https://support.apple.com/en-us/HT213846", + "source": "product-security@apple.com" + }, + { + "url": "https://support.apple.com/en-us/HT213847", + "source": "product-security@apple.com" + }, + { + "url": "https://support.apple.com/en-us/HT213848", + "source": "product-security@apple.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-381xx/CVE-2023-38136.json b/CVE-2023/CVE-2023-381xx/CVE-2023-38136.json new file mode 100644 index 00000000000..dbc26ba6542 --- /dev/null +++ b/CVE-2023/CVE-2023-381xx/CVE-2023-38136.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2023-38136", + "sourceIdentifier": "product-security@apple.com", + "published": "2023-07-27T01:15:34.487", + "lastModified": "2023-07-27T01:15:34.487", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The issue was addressed with improved checks. This issue is fixed in iOS 16.6 and iPadOS 16.6, watchOS 9.6. Processing web content may disclose sensitive information." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://support.apple.com/en-us/HT213841", + "source": "product-security@apple.com" + }, + { + "url": "https://support.apple.com/en-us/HT213848", + "source": "product-security@apple.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-382xx/CVE-2023-38258.json b/CVE-2023/CVE-2023-382xx/CVE-2023-38258.json new file mode 100644 index 00000000000..9c9d34184aa --- /dev/null +++ b/CVE-2023/CVE-2023-382xx/CVE-2023-38258.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2023-38258", + "sourceIdentifier": "product-security@apple.com", + "published": "2023-07-27T01:15:34.683", + "lastModified": "2023-07-27T01:15:34.683", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Ventura 13.5, macOS Monterey 12.6.8. Processing a file may lead to a denial-of-service or potentially disclose memory contents." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://support.apple.com/en-us/HT213843", + "source": "product-security@apple.com" + }, + { + "url": "https://support.apple.com/en-us/HT213844", + "source": "product-security@apple.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-382xx/CVE-2023-38259.json b/CVE-2023/CVE-2023-382xx/CVE-2023-38259.json new file mode 100644 index 00000000000..72c24f6d6fc --- /dev/null +++ b/CVE-2023/CVE-2023-382xx/CVE-2023-38259.json @@ -0,0 +1,28 @@ +{ + "id": "CVE-2023-38259", + "sourceIdentifier": "product-security@apple.com", + "published": "2023-07-27T01:15:34.920", + "lastModified": "2023-07-27T01:15:34.920", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Ventura 13.5, macOS Monterey 12.6.8, macOS Big Sur 11.7.9. Processing a file may lead to a denial-of-service or potentially disclose memory contents." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://support.apple.com/en-us/HT213843", + "source": "product-security@apple.com" + }, + { + "url": "https://support.apple.com/en-us/HT213844", + "source": "product-security@apple.com" + }, + { + "url": "https://support.apple.com/en-us/HT213845", + "source": "product-security@apple.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-382xx/CVE-2023-38261.json b/CVE-2023/CVE-2023-382xx/CVE-2023-38261.json new file mode 100644 index 00000000000..73cf0c6b575 --- /dev/null +++ b/CVE-2023/CVE-2023-382xx/CVE-2023-38261.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2023-38261", + "sourceIdentifier": "product-security@apple.com", + "published": "2023-07-27T01:15:35.170", + "lastModified": "2023-07-27T01:15:35.170", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The issue was addressed with improved memory handling. This issue is fixed in iOS 16.6 and iPadOS 16.6, macOS Ventura 13.5. An app may be able to execute arbitrary code with kernel privileges." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://support.apple.com/en-us/HT213841", + "source": "product-security@apple.com" + }, + { + "url": "https://support.apple.com/en-us/HT213843", + "source": "product-security@apple.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-384xx/CVE-2023-38410.json b/CVE-2023/CVE-2023-384xx/CVE-2023-38410.json new file mode 100644 index 00000000000..07636039bba --- /dev/null +++ b/CVE-2023/CVE-2023-384xx/CVE-2023-38410.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2023-38410", + "sourceIdentifier": "product-security@apple.com", + "published": "2023-07-27T00:15:15.767", + "lastModified": "2023-07-27T01:15:35.443", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.5, iOS 16.6 and iPadOS 16.6. Processing web content may disclose sensitive information." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://support.apple.com/en-us/HT213841", + "source": "product-security@apple.com" + }, + { + "url": "https://support.apple.com/en-us/HT213843", + "source": "product-security@apple.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-384xx/CVE-2023-38421.json b/CVE-2023/CVE-2023-384xx/CVE-2023-38421.json new file mode 100644 index 00000000000..225352187f9 --- /dev/null +++ b/CVE-2023/CVE-2023-384xx/CVE-2023-38421.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2023-38421", + "sourceIdentifier": "product-security@apple.com", + "published": "2023-07-27T01:15:35.833", + "lastModified": "2023-07-27T01:15:35.833", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Ventura 13.5, macOS Monterey 12.6.8. Processing a file may lead to a denial-of-service or potentially disclose memory contents." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://support.apple.com/en-us/HT213843", + "source": "product-security@apple.com" + }, + { + "url": "https://support.apple.com/en-us/HT213844", + "source": "product-security@apple.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-384xx/CVE-2023-38424.json b/CVE-2023/CVE-2023-384xx/CVE-2023-38424.json new file mode 100644 index 00000000000..607a4d06faa --- /dev/null +++ b/CVE-2023/CVE-2023-384xx/CVE-2023-38424.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2023-38424", + "sourceIdentifier": "product-security@apple.com", + "published": "2023-07-27T01:15:36.070", + "lastModified": "2023-07-27T01:15:36.070", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.5, iOS 16.6 and iPadOS 16.6. Processing web content may disclose sensitive information." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://support.apple.com/en-us/HT213841", + "source": "product-security@apple.com" + }, + { + "url": "https://support.apple.com/en-us/HT213843", + "source": "product-security@apple.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-384xx/CVE-2023-38425.json b/CVE-2023/CVE-2023-384xx/CVE-2023-38425.json new file mode 100644 index 00000000000..9df4a5b6a74 --- /dev/null +++ b/CVE-2023/CVE-2023-384xx/CVE-2023-38425.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2023-38425", + "sourceIdentifier": "product-security@apple.com", + "published": "2023-07-27T01:15:36.347", + "lastModified": "2023-07-27T01:15:36.347", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.5, iOS 16.6 and iPadOS 16.6. Processing web content may disclose sensitive information." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://support.apple.com/en-us/HT213841", + "source": "product-security@apple.com" + }, + { + "url": "https://support.apple.com/en-us/HT213843", + "source": "product-security@apple.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-385xx/CVE-2023-38564.json b/CVE-2023/CVE-2023-385xx/CVE-2023-38564.json new file mode 100644 index 00000000000..801768f623a --- /dev/null +++ b/CVE-2023/CVE-2023-385xx/CVE-2023-38564.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-38564", + "sourceIdentifier": "product-security@apple.com", + "published": "2023-07-27T01:15:36.513", + "lastModified": "2023-07-27T01:15:36.513", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.5. An app may be able to modify protected parts of the file system." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://support.apple.com/en-us/HT213843", + "source": "product-security@apple.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-385xx/CVE-2023-38565.json b/CVE-2023/CVE-2023-385xx/CVE-2023-38565.json new file mode 100644 index 00000000000..28df4000eb8 --- /dev/null +++ b/CVE-2023/CVE-2023-385xx/CVE-2023-38565.json @@ -0,0 +1,36 @@ +{ + "id": "CVE-2023-38565", + "sourceIdentifier": "product-security@apple.com", + "published": "2023-07-27T01:15:36.677", + "lastModified": "2023-07-27T01:15:36.677", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The issue was addressed with improved checks. This issue is fixed in iOS 16.6 and iPadOS 16.6, macOS Monterey 12.6.8, watchOS 9.6, macOS Big Sur 11.7.9, macOS Ventura 13.5. Processing web content may disclose sensitive information." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://support.apple.com/en-us/HT213841", + "source": "product-security@apple.com" + }, + { + "url": "https://support.apple.com/en-us/HT213843", + "source": "product-security@apple.com" + }, + { + "url": "https://support.apple.com/en-us/HT213844", + "source": "product-security@apple.com" + }, + { + "url": "https://support.apple.com/en-us/HT213845", + "source": "product-security@apple.com" + }, + { + "url": "https://support.apple.com/en-us/HT213848", + "source": "product-security@apple.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-385xx/CVE-2023-38572.json b/CVE-2023/CVE-2023-385xx/CVE-2023-38572.json new file mode 100644 index 00000000000..fc455b6ef81 --- /dev/null +++ b/CVE-2023/CVE-2023-385xx/CVE-2023-38572.json @@ -0,0 +1,40 @@ +{ + "id": "CVE-2023-38572", + "sourceIdentifier": "product-security@apple.com", + "published": "2023-07-27T01:15:36.913", + "lastModified": "2023-07-27T01:15:36.913", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The issue was addressed with improved checks. This issue is fixed in iOS 16.6 and iPadOS 16.6, tvOS 16.6, watchOS 9.6, macOS Ventura 13.5, iOS 15.7.8 and iPadOS 15.7.8, Safari 16.6. A website may be able to bypass Same Origin Policy." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://support.apple.com/en-us/HT213841", + "source": "product-security@apple.com" + }, + { + "url": "https://support.apple.com/en-us/HT213842", + "source": "product-security@apple.com" + }, + { + "url": "https://support.apple.com/en-us/HT213843", + "source": "product-security@apple.com" + }, + { + "url": "https://support.apple.com/en-us/HT213846", + "source": "product-security@apple.com" + }, + { + "url": "https://support.apple.com/en-us/HT213847", + "source": "product-security@apple.com" + }, + { + "url": "https://support.apple.com/en-us/HT213848", + "source": "product-security@apple.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-385xx/CVE-2023-38580.json b/CVE-2023/CVE-2023-385xx/CVE-2023-38580.json new file mode 100644 index 00000000000..37e1cb89105 --- /dev/null +++ b/CVE-2023/CVE-2023-385xx/CVE-2023-38580.json @@ -0,0 +1,28 @@ +{ + "id": "CVE-2023-38580", + "sourceIdentifier": "product-security@apple.com", + "published": "2023-07-27T01:15:37.127", + "lastModified": "2023-07-27T01:15:37.127", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The issue was addressed with improved memory handling. This issue is fixed in iOS 16.6 and iPadOS 16.6, macOS Ventura 13.5, watchOS 9.6. An app may be able to execute arbitrary code with kernel privileges." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://support.apple.com/en-us/HT213841", + "source": "product-security@apple.com" + }, + { + "url": "https://support.apple.com/en-us/HT213843", + "source": "product-security@apple.com" + }, + { + "url": "https://support.apple.com/en-us/HT213848", + "source": "product-security@apple.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-385xx/CVE-2023-38593.json b/CVE-2023/CVE-2023-385xx/CVE-2023-38593.json new file mode 100644 index 00000000000..bbe54d7910c --- /dev/null +++ b/CVE-2023/CVE-2023-385xx/CVE-2023-38593.json @@ -0,0 +1,36 @@ +{ + "id": "CVE-2023-38593", + "sourceIdentifier": "product-security@apple.com", + "published": "2023-07-27T01:15:37.330", + "lastModified": "2023-07-27T01:15:37.330", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The issue was addressed with improved checks. This issue is fixed in iOS 16.6 and iPadOS 16.6, macOS Monterey 12.6.8, watchOS 9.6, macOS Big Sur 11.7.9, macOS Ventura 13.5. Processing web content may disclose sensitive information." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://support.apple.com/en-us/HT213841", + "source": "product-security@apple.com" + }, + { + "url": "https://support.apple.com/en-us/HT213843", + "source": "product-security@apple.com" + }, + { + "url": "https://support.apple.com/en-us/HT213844", + "source": "product-security@apple.com" + }, + { + "url": "https://support.apple.com/en-us/HT213845", + "source": "product-security@apple.com" + }, + { + "url": "https://support.apple.com/en-us/HT213848", + "source": "product-security@apple.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-385xx/CVE-2023-38594.json b/CVE-2023/CVE-2023-385xx/CVE-2023-38594.json new file mode 100644 index 00000000000..abf2a90051b --- /dev/null +++ b/CVE-2023/CVE-2023-385xx/CVE-2023-38594.json @@ -0,0 +1,40 @@ +{ + "id": "CVE-2023-38594", + "sourceIdentifier": "product-security@apple.com", + "published": "2023-07-27T00:15:15.887", + "lastModified": "2023-07-27T01:15:37.537", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The issue was addressed with improved checks. This issue is fixed in iOS 16.6 and iPadOS 16.6, iOS 15.7.8 and iPadOS 15.7.8, tvOS 16.6, watchOS 9.6, Safari 16.6, macOS Ventura 13.5. Processing web content may disclose sensitive information." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://support.apple.com/en-us/HT213841", + "source": "product-security@apple.com" + }, + { + "url": "https://support.apple.com/en-us/HT213842", + "source": "product-security@apple.com" + }, + { + "url": "https://support.apple.com/en-us/HT213843", + "source": "product-security@apple.com" + }, + { + "url": "https://support.apple.com/en-us/HT213846", + "source": "product-security@apple.com" + }, + { + "url": "https://support.apple.com/en-us/HT213847", + "source": "product-security@apple.com" + }, + { + "url": "https://support.apple.com/en-us/HT213848", + "source": "product-security@apple.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-385xx/CVE-2023-38595.json b/CVE-2023/CVE-2023-385xx/CVE-2023-38595.json new file mode 100644 index 00000000000..c73570da5d8 --- /dev/null +++ b/CVE-2023/CVE-2023-385xx/CVE-2023-38595.json @@ -0,0 +1,36 @@ +{ + "id": "CVE-2023-38595", + "sourceIdentifier": "product-security@apple.com", + "published": "2023-07-27T01:15:37.767", + "lastModified": "2023-07-27T01:15:37.767", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The issue was addressed with improved checks. This issue is fixed in iOS 16.6 and iPadOS 16.6, tvOS 16.6, watchOS 9.6, Safari 16.6, macOS Ventura 13.5. Processing web content may disclose sensitive information." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://support.apple.com/en-us/HT213841", + "source": "product-security@apple.com" + }, + { + "url": "https://support.apple.com/en-us/HT213843", + "source": "product-security@apple.com" + }, + { + "url": "https://support.apple.com/en-us/HT213846", + "source": "product-security@apple.com" + }, + { + "url": "https://support.apple.com/en-us/HT213847", + "source": "product-security@apple.com" + }, + { + "url": "https://support.apple.com/en-us/HT213848", + "source": "product-security@apple.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-385xx/CVE-2023-38597.json b/CVE-2023/CVE-2023-385xx/CVE-2023-38597.json new file mode 100644 index 00000000000..b046b01ed16 --- /dev/null +++ b/CVE-2023/CVE-2023-385xx/CVE-2023-38597.json @@ -0,0 +1,32 @@ +{ + "id": "CVE-2023-38597", + "sourceIdentifier": "product-security@apple.com", + "published": "2023-07-27T00:15:16.030", + "lastModified": "2023-07-27T01:15:37.990", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.5, iOS 15.7.8 and iPadOS 15.7.8, iOS 16.6 and iPadOS 16.6, Safari 16.6. Processing web content may disclose sensitive information." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://support.apple.com/en-us/HT213841", + "source": "product-security@apple.com" + }, + { + "url": "https://support.apple.com/en-us/HT213842", + "source": "product-security@apple.com" + }, + { + "url": "https://support.apple.com/en-us/HT213843", + "source": "product-security@apple.com" + }, + { + "url": "https://support.apple.com/en-us/HT213847", + "source": "product-security@apple.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-386xx/CVE-2023-38600.json b/CVE-2023/CVE-2023-386xx/CVE-2023-38600.json new file mode 100644 index 00000000000..c56b7685748 --- /dev/null +++ b/CVE-2023/CVE-2023-386xx/CVE-2023-38600.json @@ -0,0 +1,36 @@ +{ + "id": "CVE-2023-38600", + "sourceIdentifier": "product-security@apple.com", + "published": "2023-07-27T01:15:38.187", + "lastModified": "2023-07-27T01:15:38.187", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The issue was addressed with improved checks. This issue is fixed in iOS 16.6 and iPadOS 16.6, tvOS 16.6, macOS Ventura 13.5, watchOS 9.6, Safari 16.6. Processing web content may lead to arbitrary code execution." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://support.apple.com/en-us/HT213841", + "source": "product-security@apple.com" + }, + { + "url": "https://support.apple.com/en-us/HT213843", + "source": "product-security@apple.com" + }, + { + "url": "https://support.apple.com/en-us/HT213846", + "source": "product-security@apple.com" + }, + { + "url": "https://support.apple.com/en-us/HT213847", + "source": "product-security@apple.com" + }, + { + "url": "https://support.apple.com/en-us/HT213848", + "source": "product-security@apple.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-386xx/CVE-2023-38602.json b/CVE-2023/CVE-2023-386xx/CVE-2023-38602.json new file mode 100644 index 00000000000..2597e2bfe3d --- /dev/null +++ b/CVE-2023/CVE-2023-386xx/CVE-2023-38602.json @@ -0,0 +1,28 @@ +{ + "id": "CVE-2023-38602", + "sourceIdentifier": "product-security@apple.com", + "published": "2023-07-27T01:15:38.400", + "lastModified": "2023-07-27T01:15:38.400", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Ventura 13.5, macOS Monterey 12.6.8, macOS Big Sur 11.7.9. Processing a file may lead to a denial-of-service or potentially disclose memory contents." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://support.apple.com/en-us/HT213843", + "source": "product-security@apple.com" + }, + { + "url": "https://support.apple.com/en-us/HT213844", + "source": "product-security@apple.com" + }, + { + "url": "https://support.apple.com/en-us/HT213845", + "source": "product-security@apple.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-386xx/CVE-2023-38603.json b/CVE-2023/CVE-2023-386xx/CVE-2023-38603.json new file mode 100644 index 00000000000..a707cbb90e3 --- /dev/null +++ b/CVE-2023/CVE-2023-386xx/CVE-2023-38603.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2023-38603", + "sourceIdentifier": "product-security@apple.com", + "published": "2023-07-27T01:15:38.630", + "lastModified": "2023-07-27T01:15:38.630", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.5, iOS 16.6 and iPadOS 16.6. Processing web content may disclose sensitive information." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://support.apple.com/en-us/HT213841", + "source": "product-security@apple.com" + }, + { + "url": "https://support.apple.com/en-us/HT213843", + "source": "product-security@apple.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-386xx/CVE-2023-38606.json b/CVE-2023/CVE-2023-386xx/CVE-2023-38606.json new file mode 100644 index 00000000000..333e4aaaa28 --- /dev/null +++ b/CVE-2023/CVE-2023-386xx/CVE-2023-38606.json @@ -0,0 +1,48 @@ +{ + "id": "CVE-2023-38606", + "sourceIdentifier": "product-security@apple.com", + "published": "2023-07-27T00:15:16.173", + "lastModified": "2023-07-27T01:15:38.903", + "vulnStatus": "Received", + "cisaExploitAdd": "2023-07-26", + "cisaActionDue": "2023-08-16", + "cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", + "cisaVulnerabilityName": "Apple Multiple Products Kernel Unspecified Vulnerability", + "descriptions": [ + { + "lang": "en", + "value": "The issue was addressed with improved checks. This issue is fixed in iOS 16.6 and iPadOS 16.6, iOS 15.7.8 and iPadOS 15.7.8, tvOS 16.6, macOS Monterey 12.6.8, watchOS 9.6, macOS Big Sur 11.7.9, macOS Ventura 13.5. Processing web content may disclose sensitive information." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://support.apple.com/en-us/HT213841", + "source": "product-security@apple.com" + }, + { + "url": "https://support.apple.com/en-us/HT213842", + "source": "product-security@apple.com" + }, + { + "url": "https://support.apple.com/en-us/HT213843", + "source": "product-security@apple.com" + }, + { + "url": "https://support.apple.com/en-us/HT213844", + "source": "product-security@apple.com" + }, + { + "url": "https://support.apple.com/en-us/HT213845", + "source": "product-security@apple.com" + }, + { + "url": "https://support.apple.com/en-us/HT213846", + "source": "product-security@apple.com" + }, + { + "url": "https://support.apple.com/en-us/HT213848", + "source": "product-security@apple.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-386xx/CVE-2023-38608.json b/CVE-2023/CVE-2023-386xx/CVE-2023-38608.json new file mode 100644 index 00000000000..8906b976649 --- /dev/null +++ b/CVE-2023/CVE-2023-386xx/CVE-2023-38608.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-38608", + "sourceIdentifier": "product-security@apple.com", + "published": "2023-07-27T01:15:39.113", + "lastModified": "2023-07-27T01:15:39.113", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.5. Processing web content may disclose sensitive information." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://support.apple.com/en-us/HT213843", + "source": "product-security@apple.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-386xx/CVE-2023-38611.json b/CVE-2023/CVE-2023-386xx/CVE-2023-38611.json new file mode 100644 index 00000000000..21d2f5899c0 --- /dev/null +++ b/CVE-2023/CVE-2023-386xx/CVE-2023-38611.json @@ -0,0 +1,36 @@ +{ + "id": "CVE-2023-38611", + "sourceIdentifier": "product-security@apple.com", + "published": "2023-07-27T01:15:39.303", + "lastModified": "2023-07-27T01:15:39.303", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The issue was addressed with improved memory handling. This issue is fixed in iOS 16.6 and iPadOS 16.6, tvOS 16.6, macOS Ventura 13.5, watchOS 9.6, Safari 16.6. Processing web content may lead to arbitrary code execution." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://support.apple.com/en-us/HT213841", + "source": "product-security@apple.com" + }, + { + "url": "https://support.apple.com/en-us/HT213843", + "source": "product-security@apple.com" + }, + { + "url": "https://support.apple.com/en-us/HT213846", + "source": "product-security@apple.com" + }, + { + "url": "https://support.apple.com/en-us/HT213847", + "source": "product-security@apple.com" + }, + { + "url": "https://support.apple.com/en-us/HT213848", + "source": "product-security@apple.com" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index 7dd26fa1698..2e6647f3df5 100644 --- a/README.md +++ b/README.md @@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2023-07-26T23:55:25.844346+00:00 +2023-07-27T02:00:28.617802+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2023-07-26T23:15:10.170000+00:00 +2023-07-27T01:15:39.303000+00:00 ``` ### Last Data Feed Release @@ -23,31 +23,75 @@ Repository synchronizes with the NVD every 2 hours. Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/releases/latest) ```plain -2023-07-26T00:00:13.564517+00:00 +2023-07-27T00:00:13.573160+00:00 ``` ### Total Number of included CVEs ```plain -221093 +221135 ``` ### CVEs added in the last Commit -Recently added CVEs: `2` +Recently added CVEs: `42` -* [CVE-2023-28013](CVE-2023/CVE-2023-280xx/CVE-2023-28013.json) (`2023-07-26T23:15:09.787`) -* [CVE-2023-3451](CVE-2023/CVE-2023-34xx/CVE-2023-3451.json) (`2023-07-26T23:15:10.170`) +* [CVE-2023-36862](CVE-2023/CVE-2023-368xx/CVE-2023-36862.json) (`2023-07-27T00:15:15.367`) +* [CVE-2023-37450](CVE-2023/CVE-2023-374xx/CVE-2023-37450.json) (`2023-07-27T00:15:15.497`) +* [CVE-2023-38133](CVE-2023/CVE-2023-381xx/CVE-2023-38133.json) (`2023-07-27T00:15:15.620`) +* [CVE-2023-38136](CVE-2023/CVE-2023-381xx/CVE-2023-38136.json) (`2023-07-27T01:15:34.487`) +* [CVE-2023-38258](CVE-2023/CVE-2023-382xx/CVE-2023-38258.json) (`2023-07-27T01:15:34.683`) +* [CVE-2023-38259](CVE-2023/CVE-2023-382xx/CVE-2023-38259.json) (`2023-07-27T01:15:34.920`) +* [CVE-2023-38261](CVE-2023/CVE-2023-382xx/CVE-2023-38261.json) (`2023-07-27T01:15:35.170`) +* [CVE-2023-38410](CVE-2023/CVE-2023-384xx/CVE-2023-38410.json) (`2023-07-27T00:15:15.767`) +* [CVE-2023-38421](CVE-2023/CVE-2023-384xx/CVE-2023-38421.json) (`2023-07-27T01:15:35.833`) +* [CVE-2023-38424](CVE-2023/CVE-2023-384xx/CVE-2023-38424.json) (`2023-07-27T01:15:36.070`) +* [CVE-2023-38425](CVE-2023/CVE-2023-384xx/CVE-2023-38425.json) (`2023-07-27T01:15:36.347`) +* [CVE-2023-38564](CVE-2023/CVE-2023-385xx/CVE-2023-38564.json) (`2023-07-27T01:15:36.513`) +* [CVE-2023-38565](CVE-2023/CVE-2023-385xx/CVE-2023-38565.json) (`2023-07-27T01:15:36.677`) +* [CVE-2023-38572](CVE-2023/CVE-2023-385xx/CVE-2023-38572.json) (`2023-07-27T01:15:36.913`) +* [CVE-2023-38580](CVE-2023/CVE-2023-385xx/CVE-2023-38580.json) (`2023-07-27T01:15:37.127`) +* [CVE-2023-38593](CVE-2023/CVE-2023-385xx/CVE-2023-38593.json) (`2023-07-27T01:15:37.330`) +* [CVE-2023-38594](CVE-2023/CVE-2023-385xx/CVE-2023-38594.json) (`2023-07-27T00:15:15.887`) +* [CVE-2023-38595](CVE-2023/CVE-2023-385xx/CVE-2023-38595.json) (`2023-07-27T01:15:37.767`) +* [CVE-2023-38597](CVE-2023/CVE-2023-385xx/CVE-2023-38597.json) (`2023-07-27T00:15:16.030`) +* [CVE-2023-38600](CVE-2023/CVE-2023-386xx/CVE-2023-38600.json) (`2023-07-27T01:15:38.187`) +* [CVE-2023-38602](CVE-2023/CVE-2023-386xx/CVE-2023-38602.json) (`2023-07-27T01:15:38.400`) +* [CVE-2023-38603](CVE-2023/CVE-2023-386xx/CVE-2023-38603.json) (`2023-07-27T01:15:38.630`) +* [CVE-2023-38606](CVE-2023/CVE-2023-386xx/CVE-2023-38606.json) (`2023-07-27T00:15:16.173`) +* [CVE-2023-38608](CVE-2023/CVE-2023-386xx/CVE-2023-38608.json) (`2023-07-27T01:15:39.113`) +* [CVE-2023-38611](CVE-2023/CVE-2023-386xx/CVE-2023-38611.json) (`2023-07-27T01:15:39.303`) ### CVEs modified in the last Commit -Recently modified CVEs: `4` +Recently modified CVEs: `154` -* [CVE-2023-21261](CVE-2023/CVE-2023-212xx/CVE-2023-21261.json) (`2023-07-26T23:15:09.703`) -* [CVE-2023-28205](CVE-2023/CVE-2023-282xx/CVE-2023-28205.json) (`2023-07-26T23:15:09.867`) -* [CVE-2023-32388](CVE-2023/CVE-2023-323xx/CVE-2023-32388.json) (`2023-07-26T23:15:09.960`) -* [CVE-2023-32435](CVE-2023/CVE-2023-324xx/CVE-2023-32435.json) (`2023-07-26T23:15:10.057`) +* [CVE-2023-32397](CVE-2023/CVE-2023-323xx/CVE-2023-32397.json) (`2023-07-27T01:15:24.267`) +* [CVE-2023-32398](CVE-2023/CVE-2023-323xx/CVE-2023-32398.json) (`2023-07-27T01:15:24.420`) +* [CVE-2023-32399](CVE-2023/CVE-2023-323xx/CVE-2023-32399.json) (`2023-07-27T01:15:24.610`) +* [CVE-2023-32400](CVE-2023/CVE-2023-324xx/CVE-2023-32400.json) (`2023-07-27T01:15:24.803`) +* [CVE-2023-32402](CVE-2023/CVE-2023-324xx/CVE-2023-32402.json) (`2023-07-27T01:15:24.980`) +* [CVE-2023-32403](CVE-2023/CVE-2023-324xx/CVE-2023-32403.json) (`2023-07-27T01:15:25.233`) +* [CVE-2023-32404](CVE-2023/CVE-2023-324xx/CVE-2023-32404.json) (`2023-07-27T01:15:25.433`) +* [CVE-2023-32405](CVE-2023/CVE-2023-324xx/CVE-2023-32405.json) (`2023-07-27T01:15:25.677`) +* [CVE-2023-32407](CVE-2023/CVE-2023-324xx/CVE-2023-32407.json) (`2023-07-27T01:15:25.907`) +* [CVE-2023-32408](CVE-2023/CVE-2023-324xx/CVE-2023-32408.json) (`2023-07-27T01:15:26.057`) +* [CVE-2023-32409](CVE-2023/CVE-2023-324xx/CVE-2023-32409.json) (`2023-07-27T01:15:26.233`) +* [CVE-2023-32410](CVE-2023/CVE-2023-324xx/CVE-2023-32410.json) (`2023-07-27T01:15:26.533`) +* [CVE-2023-32411](CVE-2023/CVE-2023-324xx/CVE-2023-32411.json) (`2023-07-27T01:15:26.733`) +* [CVE-2023-32412](CVE-2023/CVE-2023-324xx/CVE-2023-32412.json) (`2023-07-27T01:15:26.967`) +* [CVE-2023-32413](CVE-2023/CVE-2023-324xx/CVE-2023-32413.json) (`2023-07-27T01:15:27.100`) +* [CVE-2023-32414](CVE-2023/CVE-2023-324xx/CVE-2023-32414.json) (`2023-07-27T01:15:27.280`) +* [CVE-2023-32415](CVE-2023/CVE-2023-324xx/CVE-2023-32415.json) (`2023-07-27T01:15:27.517`) +* [CVE-2023-32417](CVE-2023/CVE-2023-324xx/CVE-2023-32417.json) (`2023-07-27T01:15:28.023`) +* [CVE-2023-32419](CVE-2023/CVE-2023-324xx/CVE-2023-32419.json) (`2023-07-27T01:15:28.637`) +* [CVE-2023-32420](CVE-2023/CVE-2023-324xx/CVE-2023-32420.json) (`2023-07-27T01:15:28.833`) +* [CVE-2023-32422](CVE-2023/CVE-2023-324xx/CVE-2023-32422.json) (`2023-07-27T01:15:29.063`) +* [CVE-2023-32423](CVE-2023/CVE-2023-324xx/CVE-2023-32423.json) (`2023-07-27T01:15:29.330`) +* [CVE-2023-32434](CVE-2023/CVE-2023-324xx/CVE-2023-32434.json) (`2023-07-27T01:15:30.130`) +* [CVE-2023-32435](CVE-2023/CVE-2023-324xx/CVE-2023-32435.json) (`2023-07-27T01:15:30.517`) +* [CVE-2023-32439](CVE-2023/CVE-2023-324xx/CVE-2023-32439.json) (`2023-07-27T01:15:31.083`) ## Download and Usage