Total
33315 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-40407 | 1 Apple | 1 Macos | 2025-11-04 | 7.5 High |
| The issue was addressed with improved bounds checks. This issue is fixed in macOS Sonoma 14. A remote attacker may be able to cause a denial-of-service. | ||||
| CVE-2023-40406 | 1 Apple | 1 Macos | 2025-11-04 | 5.5 Medium |
| The issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.7, macOS Ventura 13.6, macOS Sonoma 14. An app may be able to read arbitrary files. | ||||
| CVE-2023-40403 | 2 Apple, Redhat | 7 Ipados, Iphone Os, Macos and 4 more | 2025-11-04 | 6.5 Medium |
| The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.6, tvOS 17, iOS 16.7 and iPadOS 16.7, macOS Monterey 12.7, watchOS 10, iOS 17 and iPadOS 17, macOS Sonoma 14. Processing web content may disclose sensitive information. | ||||
| CVE-2023-40402 | 1 Apple | 1 Macos | 2025-11-04 | 5.5 Medium |
| A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sonoma 14. An app may be able to access sensitive user data. | ||||
| CVE-2023-40400 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2025-11-04 | 9.8 Critical |
| This issue was addressed with improved checks. This issue is fixed in tvOS 17, iOS 17 and iPadOS 17, watchOS 10, macOS Sonoma 14. A remote user may cause an unexpected app termination or arbitrary code execution. | ||||
| CVE-2023-40399 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2025-11-04 | 5.5 Medium |
| The issue was addressed with improved memory handling. This issue is fixed in tvOS 17, iOS 17 and iPadOS 17, watchOS 10, macOS Sonoma 14. An app may be able to disclose kernel memory. | ||||
| CVE-2023-40395 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2025-11-04 | 3.3 Low |
| The issue was addressed with improved handling of caches. This issue is fixed in tvOS 17, iOS 16.7 and iPadOS 16.7, macOS Monterey 12.7, watchOS 10, iOS 17 and iPadOS 17, macOS Sonoma 14. An app may be able to access contacts. | ||||
| CVE-2023-40391 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2025-11-04 | 5.5 Medium |
| The issue was addressed with improved memory handling. This issue is fixed in tvOS 17, iOS 17 and iPadOS 17, macOS Sonoma 14, Xcode 15. An app may be able to disclose kernel memory. | ||||
| CVE-2023-40390 | 1 Apple | 1 Macos | 2025-11-04 | 5.5 Medium |
| A privacy issue was addressed by moving sensitive data to a protected location. This issue is fixed in macOS Sonoma 14.2. An app may be able to access user-sensitive data. | ||||
| CVE-2023-40388 | 1 Apple | 1 Macos | 2025-11-04 | 4.3 Medium |
| A privacy issue was addressed with improved handling of temporary files. This issue is fixed in macOS Sonoma 14. Safari may save photos to an unprotected location. | ||||
| CVE-2023-40386 | 1 Apple | 1 Macos | 2025-11-04 | 3.3 Low |
| A privacy issue was addressed with improved handling of temporary files. This issue is fixed in macOS Sonoma 14. An app may be able to access Notes attachments. | ||||
| CVE-2023-40384 | 1 Apple | 4 Ipados, Iphone Os, Macos and 1 more | 2025-11-04 | 3.3 Low |
| A permissions issue was addressed with improved redaction of sensitive information. This issue is fixed in tvOS 17, iOS 17 and iPadOS 17, macOS Sonoma 14. An app may be able to read sensitive location information. | ||||
| CVE-2023-39233 | 1 Apple | 1 Macos | 2025-11-04 | 6.5 Medium |
| The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14. Processing web content may disclose sensitive information. | ||||
| CVE-2023-38615 | 1 Apple | 1 Macos | 2025-11-04 | 7.8 High |
| The issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14. An app may be able to execute arbitrary code with kernel privileges. | ||||
| CVE-2023-38612 | 1 Apple | 3 Ipados, Iphone Os, Macos | 2025-11-04 | 3.3 Low |
| The issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.7, iOS 16.7 and iPadOS 16.7, iOS 17 and iPadOS 17, macOS Sonoma 14, macOS Ventura 13.6. An app may be able to access protected user data. | ||||
| CVE-2023-38607 | 1 Apple | 1 Macos | 2025-11-04 | 5.5 Medium |
| The issue was addressed with improved handling of caches. This issue is fixed in macOS Sonoma 14. An app may be able to modify Printer settings. | ||||
| CVE-2023-38596 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2025-11-04 | 5.5 Medium |
| The issue was addressed with improved handling of protocols. This issue is fixed in tvOS 17, iOS 17 and iPadOS 17, watchOS 10, macOS Sonoma 14. An app may fail to enforce App Transport Security. | ||||
| CVE-2023-38586 | 1 Apple | 1 Macos | 2025-11-04 | 10 Critical |
| An access issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Sonoma 14. A sandboxed process may be able to circumvent sandbox restrictions. | ||||
| CVE-2023-38546 | 2 Haxx, Redhat | 6 Libcurl, Enterprise Linux, Jboss Core Services and 3 more | 2025-11-04 | 3.7 Low |
| This flaw allows an attacker to insert cookies at will into a running program using libcurl, if the specific series of conditions are met. libcurl performs transfers. In its API, an application creates "easy handles" that are the individual handles for single transfers. libcurl provides a function call that duplicates en easy handle called [curl_easy_duphandle](https://curl.se/libcurl/c/curl_easy_duphandle.html). If a transfer has cookies enabled when the handle is duplicated, the cookie-enable state is also cloned - but without cloning the actual cookies. If the source handle did not read any cookies from a specific file on disk, the cloned version of the handle would instead store the file name as `none` (using the four ASCII letters, no quotes). Subsequent use of the cloned handle that does not explicitly set a source to load cookies from would then inadvertently load cookies from a file named `none` - if such a file exists and is readable in the current directory of the program using libcurl. And if using the correct file format of course. | ||||
| CVE-2023-37448 | 1 Apple | 1 Macos | 2025-11-04 | 3.3 Low |
| A lock screen issue was addressed with improved state management. This issue is fixed in macOS Sonoma 14. A user may be able to view restricted content from the lock screen. | ||||