![]() Impact: Processing a maliciously crafted file may lead to unexpected app termination or arbitrary code execution.CVE-2023-27937: an anonymous researcher.Description: An integer overflow was addressed with improved input validation.Impact: Parsing a maliciously crafted plist may lead to an unexpected app termination or arbitrary code execution.CVE-2023-27958: Aleksandar Nikolic of Cisco Talos.CVE-2023-27953: Aleksandar Nikolic of Cisco Talos.Impact: A remote user may be able to cause unexpected system termination or corrupt kernel memory.CVE-2023-27935: Aleksandar Nikolic of Cisco Talos.Description: The issue was addressed with improved bounds checks.Impact: A remote user may be able to cause unexpected app termination or arbitrary code execution.CVE-2023-27936: Tingting Yin of Tsinghua University.Description: An out-of-bounds write issue was addressed with improved input validation.Impact: An app may be able to cause unexpected system termination or write kernel memory.Impact: An app may be able to read arbitrary files.CVE-2023-27961: Rıza Sabuncu Available for: macOS Monterey/macOS Big Sur.Description: Multiple validation issues were addressed with improved input sanitization.Impact: Importing a maliciously crafted calendar invitation may exfiltrate user information.CVE-2023-27951: Brandon Dalton of Red Canary and Csaba Fitzl of Offensive Security.Impact: An archive may be able to bypass Gatekeeper.Description: The issue was addressed with improved checks.Impact: A user may gain access to protected parts of the file system.CVE-2023-23540: Mohamed GHANNAM Available for: macOS Monterey/macOS Big Sur.Description: The issue was addressed with improved memory handling.Impact: An app may be able to execute arbitrary code with kernel privileges.Available for: macOS Monterey/macOS Big Sur.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |