Description: The issue was addressed with improved authentication.Impact: A user in a privileged network position may be able to spoof a VPN server that is configured with EAP-only authentication on a device.CVE-2023-27949: Mickey Jin Available for: macOS Monterey/macOS Big Sur.Description: An out-of-bounds read was addressed with improved input validation.Description: A validation issue was addressed with improved input sanitization.Impact: An app may be able to disclose kernel memory.Impact: An app with root privileges may be able to execute arbitrary code with kernel privileges.CVE-2023-23514: Xinru Chi of Pangu Lab and Ned Williamson of Google Project Zero.Description: A use after free issue was addressed with improved memory management.CVE-2023-27946: Mickey Jin Available for: macOS Monterey/macOS Big Sur.Description: An out-of-bounds read was addressed with improved bounds checking.Impact: Processing a maliciously crafted file may lead to unexpected app termination or arbitrary code execution.CVE-2023-27937: an anonymous researcher.Description: An integer overflow was addressed with improved input validation.Impact: Parsing a maliciously crafted plist may lead to an unexpected app termination or arbitrary code execution.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |