2023.json

[
    {
        "impact": "Processing a file may lead to a denial-of-service or potentially disclose memory contents", 
        "available": "macOS Big Sur and macOS Monterey", 
        "description": "The issue was addressed with improved checks.", 
        "update": "December 21, 2023", 
        "module": "WebKit", 
        "id": "CVE-2014-1745", 
        "credit": "an anonymous researcher", 
        "bugzilla": "249434", 
        "page": "https://support.apple.com/en-us/HT213671", 
        "rsr": ""
    }, 
    {
        "impact": "A remote user may be able to cause unexpected app termination or arbitrary code execution", 
        "available": "macOS Sonoma", 
        "description": "This issue was addressed with improved checks.", 
        "update": "", 
        "module": "ncurses", 
        "id": "CVE-2020-19185", 
        "credit": "", 
        "page": "https://support.apple.com/en-us/HT214036", 
        "rsr": ""
    }, 
    {
        "impact": "A remote user may be able to cause unexpected app termination or arbitrary code execution", 
        "available": "macOS Sonoma", 
        "description": "This issue was addressed with improved checks.", 
        "update": "", 
        "module": "ncurses", 
        "id": "CVE-2020-19186", 
        "credit": "", 
        "page": "https://support.apple.com/en-us/HT214036", 
        "rsr": ""
    }, 
    {
        "impact": "A remote user may be able to cause unexpected app termination or arbitrary code execution", 
        "available": "macOS Sonoma", 
        "description": "This issue was addressed with improved checks.", 
        "update": "", 
        "module": "ncurses", 
        "id": "CVE-2020-19187", 
        "credit": "", 
        "page": "https://support.apple.com/en-us/HT214036", 
        "rsr": ""
    }, 
    {
        "impact": "A remote user may be able to cause unexpected app termination or arbitrary code execution", 
        "available": "macOS Sonoma", 
        "description": "This issue was addressed with improved checks.", 
        "update": "", 
        "module": "ncurses", 
        "id": "CVE-2020-19188", 
        "credit": "", 
        "page": "https://support.apple.com/en-us/HT214036", 
        "rsr": ""
    }, 
    {
        "impact": "A remote user may be able to cause unexpected app termination or arbitrary code execution", 
        "available": "macOS Sonoma", 
        "description": "This issue was addressed with improved checks.", 
        "update": "", 
        "module": "ncurses", 
        "id": "CVE-2020-19189", 
        "credit": "", 
        "page": "https://support.apple.com/en-us/HT214036", 
        "rsr": ""
    }, 
    {
        "impact": "A remote user may be able to cause unexpected app termination or arbitrary code execution", 
        "available": "macOS Sonoma", 
        "description": "This issue was addressed with improved checks.", 
        "update": "", 
        "module": "ncurses", 
        "id": "CVE-2020-19190", 
        "credit": "", 
        "page": "https://support.apple.com/en-us/HT214036", 
        "rsr": ""
    }, 
    {
        "impact": "An HTML document may be able to render iframes with sensitive user information", 
        "available": "macOS Big Sur and macOS Monterey", 
        "description": "This issue was addressed with improved iframe sandbox enforcement.", 
        "update": "March 16, 2023", 
        "module": "WebKit", 
        "id": "CVE-2022-0108", 
        "credit": "", 
        "bugzilla": "241753", 
        "page": "https://support.apple.com/en-us/HT213638", 
        "rsr": ""
    }, 
    {
        "impact": "An application may be able to execute arbitrary code with kernel privileges", 
        "available": "macOS Big Sur", 
        "description": "A use after free issue was addressed with improved memory management.", 
        "update": "", 
        "module": "AppleAVD", 
        "id": "CVE-2022-26702", 
        "credit": "an anonymous researcher, Antonio Zekic (@antoniozekic), and John Aakerblom (@jaakerblom)", 
        "page": "https://support.apple.com/en-us/HT213675", 
        "rsr": ""
    }, 
    {
        "impact": "Multiple issues in curl", 
        "available": "macOS Monterey", 
        "description": "Multiple issues were addressed by updating to curl version 7.86.0.", 
        "update": "", 
        "module": "curl", 
        "id": "CVE-2022-32221", 
        "credit": "", 
        "page": "https://support.apple.com/en-us/HT213604", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to execute arbitrary code with kernel privileges", 
        "available": "macOS Monterey", 
        "description": "A type confusion issue was addressed with improved checks.", 
        "update": "", 
        "module": "DriverKit", 
        "id": "CVE-2022-32915", 
        "credit": "Tommy Muir (@Muirey03)", 
        "page": "https://support.apple.com/en-us/HT213604", 
        "rsr": ""
    }, 
    {
        "impact": "Parsing a file may lead to disclosure of user information", 
        "available": "macOS Monterey 12.5 and later", 
        "description": "The issue was addressed with improved checks.", 
        "update": "", 
        "module": "otool", 
        "id": "CVE-2022-32920", 
        "credit": "hjy79425575", 
        "page": "https://support.apple.com/en-us/HT213883", 
        "rsr": ""
    }, 
    {
        "impact": "Multiple issues in curl", 
        "available": "macOS Monterey", 
        "description": "Multiple issues were addressed by updating to curl version 7.85.0.", 
        "update": "", 
        "module": "curl", 
        "id": "CVE-2022-35252", 
        "credit": "", 
        "page": "https://support.apple.com/en-us/HT213604", 
        "rsr": ""
    }, 
    {
        "impact": "Multiple issues in curl", 
        "available": "macOS Monterey", 
        "description": "Multiple issues were addressed by updating to curl version 7.86.0.", 
        "update": "", 
        "module": "curl", 
        "id": "CVE-2022-35260", 
        "credit": "", 
        "page": "https://support.apple.com/en-us/HT213604", 
        "rsr": ""
    }, 
    {
        "impact": "Multiple issues in Vim", 
        "available": "macOS Ventura", 
        "description": "A use after free issue was addressed with improved memory management.", 
        "update": "", 
        "module": "Vim", 
        "id": "CVE-2022-3705", 
        "credit": "", 
        "page": "https://support.apple.com/en-us/HT213605", 
        "rsr": ""
    }, 
    {
        "impact": "Processing a maliciously crafted image may lead to a denial of service", 
        "available": "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", 
        "description": "The issue was addressed with improved memory handling.", 
        "update": "October 31, 2023", 
        "module": "ImageIO", 
        "id": "CVE-2022-3970", 
        "credit": "found by OSS-Fuzz", 
        "page": "https://support.apple.com/en-us/HT213841", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to access mail folder attachments through a temporary directory used during compression", 
        "available": "macOS Monterey", 
        "description": "An access issue was addressed with improved access restrictions.", 
        "update": "May 11, 2023", 
        "module": "Mail", 
        "id": "CVE-2022-42834", 
        "credit": "Wojciech Regu\u0142a (@_r3ggi) of SecuRing", 
        "page": "https://support.apple.com/en-us/HT213604", 
        "rsr": ""
    }, 
    {
        "impact": "Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited against versions of iOS released before iOS 15.1.", 
        "available": "iPhone 5s, iPhone 6, iPhone 6 Plus, iPad Air, iPad mini 2, iPad mini 3, and iPod touch (6th generation)", 
        "description": "A type confusion issue was addressed with improved state handling.", 
        "update": "", 
        "module": "WebKit", 
        "id": "CVE-2022-42856", 
        "credit": "Cl\u00e9ment Lecigne of Google's Threat Analysis Group", 
        "bugzilla": "248266", 
        "page": "https://support.apple.com/en-us/HT213597", 
        "rsr": ""
    }, 
    {
        "impact": "Multiple issues in curl", 
        "available": "macOS Monterey", 
        "description": "Multiple issues were addressed by updating to curl version 7.86.0.", 
        "update": "", 
        "module": "curl", 
        "id": "CVE-2022-42915", 
        "credit": "", 
        "page": "https://support.apple.com/en-us/HT213604", 
        "rsr": ""
    }, 
    {
        "impact": "Multiple issues in curl", 
        "available": "macOS Monterey", 
        "description": "Multiple issues were addressed by updating to curl version 7.86.0.", 
        "update": "", 
        "module": "curl", 
        "id": "CVE-2022-42916", 
        "credit": "", 
        "page": "https://support.apple.com/en-us/HT213604", 
        "rsr": ""
    }, 
    {
        "impact": "Multiple issues in curl", 
        "available": "macOS Ventura", 
        "description": "Multiple issues were addressed by updating curl.", 
        "update": "", 
        "module": "curl", 
        "id": "CVE-2022-43551", 
        "credit": "", 
        "page": "https://support.apple.com/en-us/HT213670", 
        "rsr": ""
    }, 
    {
        "impact": "Multiple issues in curl", 
        "available": "macOS Ventura", 
        "description": "Multiple issues were addressed by updating curl.", 
        "update": "", 
        "module": "curl", 
        "id": "CVE-2022-43552", 
        "credit": "", 
        "page": "https://support.apple.com/en-us/HT213670", 
        "rsr": ""
    }, 
    {
        "impact": "Visiting a malicious website may lead to address bar spoofing", 
        "available": "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", 
        "description": "A spoofing issue existed in the handling of URLs. This issue was addressed with improved input validation.", 
        "update": "May 1, 2023, updated December 21, 2023", 
        "module": "WebKit", 
        "id": "CVE-2022-46705", 
        "credit": "Hyeon Park (@tree_segment) of Team ApplePIE", 
        "bugzilla": "247287", 
        "page": "https://support.apple.com/en-us/HT213676", 
        "rsr": ""
    }, 
    {
        "impact": "A person with physical access to an iOS device may be able to view the last image used in Magnifier from the lock screen", 
        "available": "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", 
        "description": "This issue was addressed by restricting options offered on a locked device.", 
        "update": "August 1, 2023", 
        "module": "Magnifier", 
        "id": "CVE-2022-46724", 
        "credit": "Abhay Kailasia (@abhay_kailasia) of Lakshmi Narain College Of Technology Bhopal", 
        "page": "https://support.apple.com/en-us/HT213676", 
        "rsr": ""
    }, 
    {
        "impact": "Visiting a malicious website may lead to address bar spoofing", 
        "available": "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", 
        "description": "A spoofing issue existed in the handling of URLs. This issue was addressed with improved input validation.", 
        "update": "August 1, 2023, updated December 21, 2023", 
        "module": "WebKit", 
        "id": "CVE-2022-46725", 
        "credit": "Hyeon Park (@tree_segment) of Team ApplePIE", 
        "bugzilla": "247289", 
        "page": "https://support.apple.com/en-us/HT213676", 
        "rsr": ""
    }, 
    {
        "impact": "Multiple issues in Vim", 
        "available": "macOS Ventura", 
        "description": "Multiple issues were addressed by updating to Vim version 9.0.1191.", 
        "update": "", 
        "module": "Vim", 
        "id": "CVE-2023-0049", 
        "credit": "", 
        "page": "https://support.apple.com/en-us/HT213670", 
        "rsr": ""
    }, 
    {
        "impact": "Multiple issues in Vim", 
        "available": "macOS Ventura", 
        "description": "Multiple issues were addressed by updating to Vim version 9.0.1191.", 
        "update": "", 
        "module": "Vim", 
        "id": "CVE-2023-0051", 
        "credit": "", 
        "page": "https://support.apple.com/en-us/HT213670", 
        "rsr": ""
    }, 
    {
        "impact": "Multiple issues in Vim", 
        "available": "macOS Ventura", 
        "description": "Multiple issues were addressed by updating to Vim version 9.0.1191.", 
        "update": "", 
        "module": "Vim", 
        "id": "CVE-2023-0054", 
        "credit": "", 
        "page": "https://support.apple.com/en-us/HT213670", 
        "rsr": ""
    }, 
    {
        "impact": "Multiple issues in Vim", 
        "available": "macOS Ventura", 
        "description": "Multiple issues were addressed by updating to Vim version 9.0.1191.", 
        "update": "", 
        "module": "Vim", 
        "id": "CVE-2023-0288", 
        "credit": "", 
        "page": "https://support.apple.com/en-us/HT213670", 
        "rsr": ""
    }, 
    {
        "impact": "Multiple issues in Vim", 
        "available": "macOS Big Sur", 
        "description": "Multiple issues were addressed by updating to Vim version 9.0.1191.", 
        "update": "", 
        "module": "Vim", 
        "id": "CVE-2023-0433", 
        "credit": "", 
        "page": "https://support.apple.com/en-us/HT213675", 
        "rsr": ""
    }, 
    {
        "impact": "Multiple issues in Vim", 
        "available": "macOS Big Sur", 
        "description": "Multiple issues were addressed by updating to Vim version 9.0.1191.", 
        "update": "", 
        "module": "Vim", 
        "id": "CVE-2023-0512", 
        "credit": "", 
        "page": "https://support.apple.com/en-us/HT213675", 
        "rsr": ""
    }, 
    {
        "impact": "An attacker in a privileged network position may be able to execute arbitrary code", 
        "available": "macOS Ventura", 
        "description": "An out-of-bounds write issue was addressed with improved input validation.", 
        "update": "December 21, 2023", 
        "module": "tcpdump", 
        "id": "CVE-2023-1801", 
        "credit": "", 
        "page": "https://support.apple.com/en-us/HT213843", 
        "rsr": ""
    }, 
    {
        "impact": "Processing an image may result in disclosure of process memory", 
        "available": "macOS Ventura", 
        "description": "This issue was addressed with improved checks.", 
        "update": "December 21, 2023", 
        "module": "Model I/O", 
        "id": "CVE-2023-1916", 
        "credit": "", 
        "page": "https://support.apple.com/en-us/HT213843", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to elevate privileges", 
        "available": "macOS Ventura", 
        "description": "This issue was addressed by updating sudo.", 
        "update": "September 5, 2023", 
        "module": "sudo", 
        "id": "CVE-2023-22809", 
        "credit": "", 
        "page": "https://support.apple.com/en-us/HT213758", 
        "rsr": ""
    }, 
    {
        "impact": "An encrypted volume may be unmounted and remounted by a different user without prompting for the password", 
        "available": "macOS Monterey", 
        "description": "A logic issue was addressed with improved state management.", 
        "update": "", 
        "module": "DiskArbitration", 
        "id": "CVE-2023-23493", 
        "credit": "Oliver Norpoth (@norpoth) of KLIXX GmbH (klixx.com)", 
        "page": "https://support.apple.com/en-us/HT213604", 
        "rsr": ""
    }, 
    {
        "impact": "A user in a privileged network position may be able to cause a denial-of-service", 
        "available": "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", 
        "description": "A buffer overflow was addressed with improved bounds checking.", 
        "update": "", 
        "module": "CarPlay", 
        "id": "CVE-2023-23494", 
        "credit": "Itay Iellin of General Motors Product Cyber Security", 
        "page": "https://support.apple.com/en-us/HT213676", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to access sensitive user data", 
        "available": "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)", 
        "description": "A permissions issue was addressed with improved redaction of sensitive information.", 
        "update": "", 
        "module": "iCloud", 
        "id": "CVE-2023-23495", 
        "credit": "Csaba Fitzl (@theevilbit) of Offensive Security", 
        "page": "https://support.apple.com/en-us/HT213940", 
        "rsr": ""
    }, 
    {
        "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", 
        "available": "macOS Big Sur and macOS Monterey", 
        "description": "The issue was addressed with improved checks.", 
        "update": "March 16, 2023", 
        "module": "WebKit", 
        "id": "CVE-2023-23496", 
        "credit": "ChengGang Wu, Yan Kang, YuHao Hu, Yue Sun, Jiming Wang, JiKai Ren, and Hang Shu of Institute of Computing Technology, Chinese Academy of Sciences", 
        "bugzilla": "245464", 
        "page": "https://support.apple.com/en-us/HT213638", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to gain root privileges", 
        "available": "macOS Monterey", 
        "description": "A logic issue was addressed with improved state management.", 
        "update": "", 
        "module": "PackageKit", 
        "id": "CVE-2023-23497", 
        "credit": "Mickey Jin (@patch1t)", 
        "page": "https://support.apple.com/en-us/HT213604", 
        "rsr": ""
    }, 
    {
        "impact": "The quoted original message may be selected from the wrong email when forwarding an email from an Exchange account", 
        "available": "iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)", 
        "description": "A logic issue was addressed with improved state management.", 
        "update": "March 16, 2023", 
        "module": "Mail Exchange", 
        "id": "CVE-2023-23498", 
        "credit": "Jose Lizandro Luevano", 
        "page": "https://support.apple.com/en-us/HT213598", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to access user-sensitive data", 
        "available": "Apple TV 4K (all models) and Apple TV HD", 
        "description": "This issue was addressed by enabling hardened runtime.", 
        "update": "", 
        "module": "AppleMobileFileIntegrity", 
        "id": "CVE-2023-23499", 
        "credit": "Wojciech Regu\u0142a (@_r3ggi) of SecuRing (wojciechregula.blog)", 
        "page": "https://support.apple.com/en-us/HT213601", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to leak sensitive kernel state", 
        "available": "Apple TV 4K (all models) and Apple TV HD", 
        "description": "The issue was addressed with improved memory handling.", 
        "update": "", 
        "module": "Kernel", 
        "id": "CVE-2023-23500", 
        "credit": "Pan ZhenPeng (@Peterpan0927) of STAR Labs SG Pte. Ltd. (@starlabs_sg)", 
        "page": "https://support.apple.com/en-us/HT213601", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to disclose kernel memory.", 
        "available": "macOS Ventura", 
        "description": "The issue was addressed with improved memory handling", 
        "update": "", 
        "module": "Wi-Fi", 
        "id": "CVE-2023-23501", 
        "credit": "Pan ZhenPeng (@Peterpan0927) of STAR Labs SG Pte. Ltd. (@starlabs_sg)", 
        "page": "https://support.apple.com/en-us/HT213605", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to determine kernel memory layout", 
        "available": "Apple TV 4K (all models) and Apple TV HD", 
        "description": "An information disclosure issue was addressed by removing the vulnerable code.", 
        "update": "", 
        "module": "Kernel", 
        "id": "CVE-2023-23502", 
        "credit": "Pan ZhenPeng (@Peterpan0927) of STAR Labs SG Pte. Ltd. (@starlabs_sg)", 
        "page": "https://support.apple.com/en-us/HT213601", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to bypass Privacy preferences", 
        "available": "Apple TV 4K (all models) and Apple TV HD", 
        "description": "A logic issue was addressed with improved state management.", 
        "update": "", 
        "module": "Maps", 
        "id": "CVE-2023-23503", 
        "credit": "an anonymous researcher", 
        "page": "https://support.apple.com/en-us/HT213601", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to execute arbitrary code with kernel privileges", 
        "available": "Apple TV 4K (all models) and Apple TV HD", 
        "description": "The issue was addressed with improved memory handling.", 
        "update": "", 
        "module": "Kernel", 
        "id": "CVE-2023-23504", 
        "credit": "Adam Doup\u00e9 of ASU SEFCOM", 
        "page": "https://support.apple.com/en-us/HT213601", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to access information about a user\u2019s contacts", 
        "available": "macOS Monterey", 
        "description": "A privacy issue was addressed with improved private data redaction for log entries.", 
        "update": "May 11, 2023", 
        "module": "Screen Time", 
        "id": "CVE-2023-23505", 
        "credit": "Wojciech Regula of SecuRing (wojciechregula.blog) and Csaba Fitzl (@theevilbit) of Offensive Security", 
        "page": "https://support.apple.com/en-us/HT213604", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to access user-sensitive data", 
        "available": "macOS Ventura", 
        "description": "A permissions issue was addressed with improved validation.", 
        "update": "", 
        "module": "libxpc", 
        "id": "CVE-2023-23506", 
        "credit": "Guilherme Rambo of Best Buddy Apps (rambo.codes)", 
        "page": "https://support.apple.com/en-us/HT213605", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to execute arbitrary code with kernel privileges", 
        "available": "macOS Monterey", 
        "description": "The issue was addressed with improved bounds checks.", 
        "update": "", 
        "module": "Intel Graphics Driver", 
        "id": "CVE-2023-23507", 
        "credit": "an anonymous researcher", 
        "page": "https://support.apple.com/en-us/HT213604", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to bypass Privacy preferences", 
        "available": "macOS Monterey", 
        "description": "The issue was addressed with improved memory handling.", 
        "update": "", 
        "module": "Windows Installer", 
        "id": "CVE-2023-23508", 
        "credit": "Mickey Jin (@patch1t)", 
        "page": "https://support.apple.com/en-us/HT213604", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to access a user\u2019s Safari history", 
        "available": "macOS Ventura", 
        "description": "A permissions issue was addressed with improved validation.", 
        "update": "", 
        "module": "Safari", 
        "id": "CVE-2023-23510", 
        "credit": "Guilherme Rambo of Best Buddy Apps (rambo.codes)", 
        "page": "https://support.apple.com/en-us/HT213605", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to bypass Privacy preferences", 
        "available": "Apple TV 4K (all models) and Apple TV HD", 
        "description": "The issue was addressed with improved memory handling.", 
        "update": "", 
        "module": "Weather", 
        "id": "CVE-2023-23511", 
        "credit": "Wojciech Regula of SecuRing (wojciechregula.blog), an anonymous researcher", 
        "page": "https://support.apple.com/en-us/HT213601", 
        "rsr": ""
    }, 
    {
        "impact": "Visiting a website may lead to an app denial-of-service", 
        "available": "Apple TV 4K (all models) and Apple TV HD", 
        "description": "The issue was addressed with improved handling of caches.", 
        "update": "", 
        "module": "Safari", 
        "id": "CVE-2023-23512", 
        "credit": "Adriatik Raci", 
        "page": "https://support.apple.com/en-us/HT213601", 
        "rsr": ""
    }, 
    {
        "impact": "Mounting a maliciously crafted Samba network share may lead to arbitrary code execution", 
        "available": "macOS Monterey", 
        "description": "A buffer overflow issue was addressed with improved memory handling.", 
        "update": "", 
        "module": "dcerpc", 
        "id": "CVE-2023-23513", 
        "credit": "Dimitrios Tatsis and Aleksandar Nikolic of Cisco Talos", 
        "page": "https://support.apple.com/en-us/HT213604", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to execute arbitrary code with kernel privileges", 
        "available": "macOS Big Sur", 
        "description": "A use after free issue was addressed with improved memory management.", 
        "update": "", 
        "module": "Kernel", 
        "id": "CVE-2023-23514", 
        "credit": "Xinru Chi of Pangu Lab and Ned Williamson of Google Project Zero", 
        "page": "https://support.apple.com/en-us/HT213675", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to execute arbitrary code with kernel privileges", 
        "available": "macOS Monterey", 
        "description": "The issue was addressed with improved memory handling.", 
        "update": "May 11, 2023", 
        "module": "Kernel", 
        "id": "CVE-2023-23516", 
        "credit": "Jordy Zomer (@pwningsystems)", 
        "page": "https://support.apple.com/en-us/HT213604", 
        "rsr": ""
    }, 
    {
        "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", 
        "available": "macOS Big Sur and macOS Monterey", 
        "description": "The issue was addressed with improved memory handling.", 
        "update": "March 16, 2023", 
        "module": "WebKit", 
        "id": "CVE-2023-23517", 
        "credit": "YeongHyeon Choi (@hyeon101010), Hyeon Park (@tree_segment), SeOk JEON (@_seokjeon), YoungSung Ahn (@_ZeroSung), JunSeo Bae (@snakebjs0107), and Dohyun Lee (@l33d0hyun) of Team ApplePIE", 
        "bugzilla": "248268", 
        "page": "https://support.apple.com/en-us/HT213638", 
        "rsr": ""
    }, 
    {
        "impact": "Processing maliciously crafted web content may lead to arbitrary code execution", 
        "available": "macOS Big Sur and macOS Monterey", 
        "description": "The issue was addressed with improved memory handling.", 
        "update": "March 16, 2023", 
        "module": "WebKit", 
        "id": "CVE-2023-23518", 
        "credit": "YeongHyeon Choi (@hyeon101010), Hyeon Park (@tree_segment), SeOk JEON (@_seokjeon), YoungSung Ahn (@_ZeroSung), JunSeo Bae (@snakebjs0107), and Dohyun Lee (@l33d0hyun) of Team ApplePIE", 
        "bugzilla": "248268", 
        "page": "https://support.apple.com/en-us/HT213638", 
        "rsr": ""
    }, 
    {
        "impact": "Processing an image may lead to a denial-of-service", 
        "available": "Apple TV 4K (all models) and Apple TV HD", 
        "description": "A memory corruption issue was addressed with improved state management.", 
        "update": "September 5, 2023", 
        "module": "ImageIO", 
        "id": "CVE-2023-23519", 
        "credit": "Meysam Firouzi @R00tkitSMM of Mbition Mercedes-Benz Innovation Lab, Yi\u011fit Can YILMAZ (@yilmazcanyigit), and jzhu working with Trend Micro Zero Day Initiative", 
        "page": "https://support.apple.com/en-us/HT213601", 
        "rsr": ""
    }, 
    {
        "impact": "A user may be able to read arbitrary files as root", 
        "available": "Apple TV 4K (all models) and Apple TV HD", 
        "description": "A race condition was addressed with additional validation.", 
        "update": "June 7, 2023", 
        "module": "Crash Reporter", 
        "id": "CVE-2023-23520", 
        "credit": "Cees Elzinga", 
        "page": "https://support.apple.com/en-us/HT213601", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to observe unprotected user data.", 
        "available": "macOS Ventura", 
        "description": "A privacy issue was addressed with improved handling of temporary files.", 
        "update": "", 
        "module": "Shortcuts", 
        "id": "CVE-2023-23522", 
        "credit": "Wenchao Li and Xiaolong Bai of Alibaba Group", 
        "page": "https://support.apple.com/en-us/HT213633", 
        "rsr": ""
    }, 
    {
        "impact": "Photos belonging to the Hidden Photos Album could be viewed without authentication through Visual Lookup", 
        "available": "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", 
        "description": "A logic issue was addressed with improved restrictions.", 
        "update": "", 
        "module": "Photos", 
        "id": "CVE-2023-23523", 
        "credit": "developStorm", 
        "page": "https://support.apple.com/en-us/HT213676", 
        "rsr": ""
    }, 
    {
        "impact": "Processing a maliciously crafted certificate may lead to a denial-of-service", 
        "available": "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later", 
        "description": "A denial-of-service issue was addressed with improved input validation.", 
        "update": "February 20, 2023", 
        "module": "Security", 
        "id": "CVE-2023-23524", 
        "credit": "David Benjamin of Google Chrome", 
        "page": "https://support.apple.com/en-us/HT213635", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to gain root privileges", 
        "available": "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", 
        "description": "This issue was addressed with improved checks.", 
        "update": "", 
        "module": "LaunchServices", 
        "id": "CVE-2023-23525", 
        "credit": "Mickey Jin (@patch1t)", 
        "page": "https://support.apple.com/en-us/HT213676", 
        "rsr": ""
    }, 
    {
        "impact": "A file from an iCloud shared-by-me folder may be able to bypass Gatekeeper", 
        "available": "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", 
        "description": "This was addressed with additional checks by Gatekeeper on files downloaded from an iCloud shared-by-me folder.", 
        "update": "", 
        "module": "iCloud", 
        "id": "CVE-2023-23526", 
        "credit": "Jubaer Alnazi of TRS Group of Companies", 
        "page": "https://support.apple.com/en-us/HT213676", 
        "rsr": ""
    }, 
    {
        "impact": "A user may gain access to protected parts of the file system", 
        "available": "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", 
        "description": "The issue was addressed with improved checks.", 
        "update": "", 
        "module": "AppleMobileFileIntegrity", 
        "id": "CVE-2023-23527", 
        "credit": "Mickey Jin (@patch1t)", 
        "page": "https://support.apple.com/en-us/HT213676", 
        "rsr": ""
    }, 
    {
        "impact": "Processing a maliciously crafted Bluetooth packet may result in disclosure of process memory", 
        "available": "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", 
        "description": "An out-of-bounds read was addressed with improved bounds checking.", 
        "update": "", 
        "module": "Core Bluetooth", 
        "id": "CVE-2023-23528", 
        "credit": "Jianjun Dai and Guang Gong of 360 Vulnerability Research Institute", 
        "page": "https://support.apple.com/en-us/HT213676", 
        "rsr": ""
    }, 
    {
        "impact": "Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.", 
        "available": "iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)", 
        "description": "A type confusion issue was addressed with improved checks.", 
        "update": "", 
        "module": "WebKit", 
        "id": "CVE-2023-23529", 
        "credit": "an anonymous researcher", 
        "bugzilla": "251944", 
        "page": "https://support.apple.com/en-us/HT213673", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to execute arbitrary code out of its sandbox or with certain elevated privileges", 
        "available": "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", 
        "description": "The issue was addressed with improved memory handling.", 
        "update": "February 20, 2023, updated May 1, 2023", 
        "module": "Foundation", 
        "id": "CVE-2023-23530", 
        "credit": "Austin Emmitt (@alkalinesec), Senior Security Researcher at Trellix Advanced Research Center", 
        "page": "https://support.apple.com/en-us/HT213606", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to execute arbitrary code out of its sandbox or with certain elevated privileges", 
        "available": "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", 
        "description": "The issue was addressed with improved memory handling.", 
        "update": "February 20, 2023, updated May 1, 2023", 
        "module": "Foundation", 
        "id": "CVE-2023-23531", 
        "credit": "Austin Emmitt (@alkalinesec), Senior Security Researcher at Trellix Advanced Research Center", 
        "page": "https://support.apple.com/en-us/HT213606", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to break out of its sandbox", 
        "available": "iPhone 8 and later, iPad Pro (3rd generation) and later, iPad Air (3rd generation) and later, and iPad mini (5th generation)", 
        "description": "This issue was addressed with improved checks.", 
        "update": "", 
        "module": "Apple Neural Engine", 
        "id": "CVE-2023-23532", 
        "credit": "Mohamed Ghannam (@_simo36)", 
        "page": "https://support.apple.com/en-us/HT213765", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to modify protected parts of the file system", 
        "available": "macOS Ventura", 
        "description": "A logic issue was addressed with improved checks.", 
        "update": "", 
        "module": "Sandbox", 
        "id": "CVE-2023-23533", 
        "credit": "Mickey Jin (@patch1t), Koh M. Nakagawa of FFRI Security, Inc., and Csaba Fitzl (@theevilbit) of Offensive Security", 
        "page": "https://support.apple.com/en-us/HT213670", 
        "rsr": ""
    }, 
    {
        "impact": "Processing a maliciously crafted image may result in disclosure of process memory", 
        "available": "macOS Big Sur", 
        "description": "The issue was addressed with improved checks.", 
        "update": "", 
        "module": "Carbon Core", 
        "id": "CVE-2023-23534", 
        "credit": "Mickey Jin (@patch1t)", 
        "page": "https://support.apple.com/en-us/HT213675", 
        "rsr": ""
    }, 
    {
        "impact": "Processing a maliciously crafted image may result in disclosure of process memory", 
        "available": "iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)", 
        "description": "The issue was addressed with improved memory handling.", 
        "update": "", 
        "module": "ImageIO", 
        "id": "CVE-2023-23535", 
        "credit": "ryuzaki", 
        "page": "https://support.apple.com/en-us/HT213673", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to execute arbitrary code with kernel privileges", 
        "available": "iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)", 
        "description": "The issue was addressed with improved bounds checks.", 
        "update": "May 1, 2023, updated December 21, 2023", 
        "module": "Kernel", 
        "id": "CVE-2023-23536", 
        "credit": "F\u00e9lix Poulin-B\u00e9langer and David Pan Ogea", 
        "page": "https://support.apple.com/en-us/HT213673", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to read sensitive location information", 
        "available": "iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)", 
        "description": "A privacy issue was addressed with improved private data redaction for log entries.", 
        "update": "December 21, 2023", 
        "module": "Find My", 
        "id": "CVE-2023-23537", 
        "credit": "Adam M.", 
        "page": "https://support.apple.com/en-us/HT213673", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to modify protected parts of the file system", 
        "available": "macOS Ventura", 
        "description": "A logic issue was addressed with improved checks.", 
        "update": "", 
        "module": "PackageKit", 
        "id": "CVE-2023-23538", 
        "credit": "Mickey Jin (@patch1t)", 
        "page": "https://support.apple.com/en-us/HT213670", 
        "rsr": ""
    }, 
    {
        "impact": "Mounting a maliciously crafted Samba network share may lead to arbitrary code execution", 
        "available": "macOS Ventura", 
        "description": "A buffer overflow issue was addressed with improved memory handling.", 
        "update": "May 1, 2023", 
        "module": "dcerpc", 
        "id": "CVE-2023-23539", 
        "credit": "Aleksandar Nikolic and Dimitrios Tatsis of Cisco Talos", 
        "page": "https://support.apple.com/en-us/HT213605", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to execute arbitrary code with kernel privileges", 
        "available": "iPhone 8 and later, iPad Pro (3rd generation) and later, iPad Air (3rd generation) and later, and iPad mini (5th generation)", 
        "description": "The issue was addressed with improved memory handling.", 
        "update": "", 
        "module": "Apple Neural Engine", 
        "id": "CVE-2023-23540", 
        "credit": "Mohamed GHANNAM (@_simo36)", 
        "page": "https://support.apple.com/en-us/HT213842", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to access information about a user\u2019s contacts", 
        "available": "iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)", 
        "description": "A privacy issue was addressed with improved private data redaction for log entries.", 
        "update": "", 
        "module": "Accessibility", 
        "id": "CVE-2023-23541", 
        "credit": "Csaba Fitzl (@theevilbit) of Offensive Security", 
        "page": "https://support.apple.com/en-us/HT213673", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to access user-sensitive data", 
        "available": "macOS Big Sur", 
        "description": "A privacy issue was addressed with improved private data redaction for log entries.", 
        "update": "December 21, 2023", 
        "module": "System Settings", 
        "id": "CVE-2023-23542", 
        "credit": "Adam M.", 
        "page": "https://support.apple.com/en-us/HT213675", 
        "rsr": ""
    }, 
    {
        "impact": "A sandboxed app may be able to determine which app is currently using the camera", 
        "available": "iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)", 
        "description": "The issue was addressed with additional restrictions on the observability of app states.", 
        "update": "", 
        "module": "Camera", 
        "id": "CVE-2023-23543", 
        "credit": "Yi\u011fit Can YILMAZ (@yilmazcanyigit)", 
        "page": "https://support.apple.com/en-us/HT213673", 
        "rsr": ""
    }, 
    {
        "impact": "Multiple issues in Vim", 
        "available": "macOS Ventura", 
        "description": "Multiple issues were addressed by updating Vim.", 
        "update": "December 21, 2023", 
        "module": "Vim", 
        "id": "CVE-2023-2426", 
        "credit": "", 
        "page": "https://support.apple.com/en-us/HT213843", 
        "rsr": ""
    }, 
    {
        "impact": "Multiple issues in Vim", 
        "available": "macOS Ventura", 
        "description": "Multiple issues were addressed by updating Vim.", 
        "update": "December 21, 2023", 
        "module": "Vim", 
        "id": "CVE-2023-2609", 
        "credit": "", 
        "page": "https://support.apple.com/en-us/HT213843", 
        "rsr": ""
    }, 
    {
        "impact": "Multiple issues in Vim", 
        "available": "macOS Ventura", 
        "description": "Multiple issues were addressed by updating Vim.", 
        "update": "December 21, 2023", 
        "module": "Vim", 
        "id": "CVE-2023-2610", 
        "credit": "", 
        "page": "https://support.apple.com/en-us/HT213843", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to access information about a user\u2019s contacts", 
        "available": "iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)", 
        "description": "A privacy issue was addressed with improved private data redaction for log entries.", 
        "update": "", 
        "module": "Identity Services", 
        "id": "CVE-2023-27928", 
        "credit": "Csaba Fitzl (@theevilbit) of Offensive Security", 
        "page": "https://support.apple.com/en-us/HT213673", 
        "rsr": ""
    }, 
    {
        "impact": "Processing a maliciously crafted image may result in disclosure of process memory", 
        "available": "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", 
        "description": "An out-of-bounds read was addressed with improved input validation.", 
        "update": "", 
        "module": "ImageIO", 
        "id": "CVE-2023-27929", 
        "credit": "Meysam Firouzi (@R00tkitSMM) of Mbition Mercedes-Benz Innovation Lab and jzhu working with Trend Micro Zero Day Initiative", 
        "page": "https://support.apple.com/en-us/HT213676", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to execute arbitrary code with kernel privileges", 
        "available": "Apple Watch Series 4 and later", 
        "description": "A type confusion issue was addressed with improved checks.", 
        "update": "", 
        "module": "Kernel", 
        "id": "CVE-2023-27930", 
        "credit": "08Tc3wBB of Jamf", 
        "page": "https://support.apple.com/en-us/HT213764", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to access user-sensitive data", 
        "available": "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", 
        "description": "This issue was addressed by removing the vulnerable code.", 
        "update": "", 
        "module": "AppleMobileFileIntegrity", 
        "id": "CVE-2023-27931", 
        "credit": "Mickey Jin (@patch1t)", 
        "page": "https://support.apple.com/en-us/HT213676", 
        "rsr": ""
    }, 
    {
        "impact": "Processing maliciously crafted web content may bypass Same Origin Policy", 
        "available": "macOS Big Sur and macOS Monterey", 
        "description": "This issue was addressed with improved state management.", 
        "update": "", 
        "module": "WebKit", 
        "id": "CVE-2023-27932", 
        "credit": "an anonymous researcher", 
        "bugzilla": "248615", 
        "page": "https://support.apple.com/en-us/HT213671", 
        "rsr": ""
    }, 
    {
        "impact": "An app with root privileges may be able to execute arbitrary code with kernel privileges", 
        "available": "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", 
        "description": "The issue was addressed with improved memory handling.", 
        "update": "", 
        "module": "Kernel", 
        "id": "CVE-2023-27933", 
        "credit": "sqrtpwn", 
        "page": "https://support.apple.com/en-us/HT213676", 
        "rsr": ""
    }, 
    {
        "impact": "A remote attacker may be able to cause unexpected app termination or arbitrary code execution", 
        "available": "macOS Ventura", 
        "description": "A memory initialization issue was addressed.", 
        "update": "June 8, 2023", 
        "module": "dcerpc", 
        "id": "CVE-2023-27934", 
        "credit": "Aleksandar Nikolic of Cisco Talos", 
        "page": "https://support.apple.com/en-us/HT213670", 
        "rsr": ""
    }, 
    {
        "impact": "A remote user may be able to cause unexpected app termination or arbitrary code execution", 
        "available": "macOS Big Sur", 
        "description": "The issue was addressed with improved bounds checks.", 
        "update": "", 
        "module": "dcerpc", 
        "id": "CVE-2023-27935", 
        "credit": "Aleksandar Nikolic of Cisco Talos", 
        "page": "https://support.apple.com/en-us/HT213675", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to cause unexpected system termination or write kernel memory", 
        "available": "iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)", 
        "description": "An out-of-bounds write issue was addressed with improved input validation.", 
        "update": "", 
        "module": "CommCenter", 
        "id": "CVE-2023-27936", 
        "credit": "Tingting Yin of Tsinghua University", 
        "page": "https://support.apple.com/en-us/HT213673", 
        "rsr": ""
    }, 
    {
        "impact": "Parsing a maliciously crafted plist may lead to an unexpected app termination or arbitrary code execution", 
        "available": "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", 
        "description": "An integer overflow was addressed with improved input validation.", 
        "update": "", 
        "module": "Foundation", 
        "id": "CVE-2023-27937", 
        "credit": "an anonymous researcher", 
        "page": "https://support.apple.com/en-us/HT213676", 
        "rsr": ""
    }, 
    {
        "impact": "Parsing a maliciously crafted MIDI file may lead to an unexpected application termination or arbitrary code execution", 
        "available": "macOS Monterey 12.3 and later", 
        "description": "An out-of-bounds read issue was addressed with improved input validation.", 
        "update": "March 9, 2023", 
        "module": "GarageBand", 
        "id": "CVE-2023-27938", 
        "credit": "Mickey Jin (@patch1t) of Trend Micro", 
        "page": "https://support.apple.com/en-us/HT213650", 
        "rsr": ""
    }, 
    {
        "impact": "Processing an image may result in disclosure of process memory", 
        "available": "macOS Ventura", 
        "description": "An out-of-bounds read was addressed with improved input validation.", 
        "update": "August 1, 2023, updated December 21, 2023", 
        "module": "ImageIO", 
        "id": "CVE-2023-27939", 
        "credit": "jzhu working with Trend Micro Zero Day Initiative", 
        "page": "https://support.apple.com/en-us/HT213670", 
        "rsr": ""
    }, 
    {
        "impact": "A sandboxed app may be able to observe system-wide network connections", 
        "available": "iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)", 
        "description": "The issue was addressed with additional permissions checks.", 
        "update": "", 
        "module": "Kernel", 
        "id": "CVE-2023-27940", 
        "credit": "James Duffy (mangoSecure)", 
        "page": "https://support.apple.com/en-us/HT213765", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to disclose kernel memory", 
        "available": "iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)", 
        "description": "A validation issue was addressed with improved input sanitization.", 
        "update": "", 
        "module": "Kernel", 
        "id": "CVE-2023-27941", 
        "credit": "Arsenii Kostromin (0x3c3e)", 
        "page": "https://support.apple.com/en-us/HT213673", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to access user-sensitive data", 
        "available": "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", 
        "description": "The issue was addressed with improved checks.", 
        "update": "", 
        "module": "Podcasts", 
        "id": "CVE-2023-27942", 
        "credit": "Mickey Jin (@patch1t)", 
        "page": "https://support.apple.com/en-us/HT213676", 
        "rsr": ""
    }, 
    {
        "impact": "Files downloaded from the internet may not have the quarantine flag applied", 
        "available": "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", 
        "description": "This issue was addressed with improved checks.", 
        "update": "October 31, 2023", 
        "module": "LaunchServices", 
        "id": "CVE-2023-27943", 
        "credit": "an anonymous researcher, Brandon Dalton (@partyD0lphin) of Red Canary, Milan Tenk, and Arthur Valiev of F-Secure Corporation", 
        "page": "https://support.apple.com/en-us/HT213676", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to break out of its sandbox", 
        "available": "macOS Big Sur", 
        "description": "This issue was addressed with a new entitlement.", 
        "update": "", 
        "module": "XPC", 
        "id": "CVE-2023-27944", 
        "credit": "Mickey Jin (@patch1t)", 
        "page": "https://support.apple.com/en-us/HT213675", 
        "rsr": ""
    }, 
    {
        "impact": "A sandboxed app may be able to collect system logs", 
        "available": "macOS Ventura 13.0 and later", 
        "description": "This issue was addressed with improved entitlements.", 
        "update": "", 
        "module": "Dev Tools", 
        "id": "CVE-2023-27945", 
        "credit": "Mickey Jin (@patch1t)", 
        "page": "https://support.apple.com/en-us/HT213679", 
        "rsr": ""
    }, 
    {
        "impact": "Processing a maliciously crafted file may lead to unexpected app termination or arbitrary code execution", 
        "available": "iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)", 
        "description": "An out-of-bounds read was addressed with improved bounds checking.", 
        "update": "", 
        "module": "ImageIO", 
        "id": "CVE-2023-27946", 
        "credit": "Mickey Jin (@patch1t)", 
        "page": "https://support.apple.com/en-us/HT213673", 
        "rsr": ""
    }, 
    {
        "impact": "Processing an image may result in disclosure of process memory", 
        "available": "macOS Ventura", 
        "description": "An out-of-bounds read was addressed with improved input validation.", 
        "update": "August 1, 2023, updated December 21, 2023", 
        "module": "ImageIO", 
        "id": "CVE-2023-27947", 
        "credit": "Meysam Firouzi @R00tkitSMM of Mbition Mercedes-Benz Innovation Lab", 
        "page": "https://support.apple.com/en-us/HT213670", 
        "rsr": ""
    }, 
    {
        "impact": "Processing an image may result in disclosure of process memory", 
        "available": "macOS Ventura", 
        "description": "An out-of-bounds read was addressed with improved input validation.", 
        "update": "August 1, 2023, updated December 21, 2023", 
        "module": "ImageIO", 
        "id": "CVE-2023-27948", 
        "credit": "Meysam Firouzi (@R00tkitSMM) of Mbition Mercedes-Benz Innovation Lab", 
        "page": "https://support.apple.com/en-us/HT213670", 
        "rsr": ""
    }, 
    {
        "impact": "Processing a maliciously crafted file may lead to unexpected app termination or arbitrary code execution", 
        "available": "iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)", 
        "description": "An out-of-bounds read was addressed with improved input validation.", 
        "update": "", 
        "module": "Model I/O", 
        "id": "CVE-2023-27949", 
        "credit": "Mickey Jin (@patch1t)", 
        "page": "https://support.apple.com/en-us/HT213673", 
        "rsr": ""
    }, 
    {
        "impact": "Processing an image may result in disclosure of process memory", 
        "available": "iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)", 
        "description": "An out-of-bounds read was addressed with improved input validation.", 
        "update": "December 21, 2023", 
        "module": "Model I/O", 
        "id": "CVE-2023-27950", 
        "credit": "Mickey Jin (@patch1t)", 
        "page": "https://support.apple.com/en-us/HT213673", 
        "rsr": ""
    }, 
    {
        "impact": "An archive may be able to bypass Gatekeeper", 
        "available": "macOS Big Sur", 
        "description": "The issue was addressed with improved checks.", 
        "update": "May 11, 2023", 
        "module": "Archive Utility", 
        "id": "CVE-2023-27951", 
        "credit": "Brandon Dalton (@partyD0lphin) of Red Canary and Csaba Fitzl (@theevilbit) of Offensive Security", 
        "page": "https://support.apple.com/en-us/HT213675", 
        "rsr": ""
    }, 
    {
        "impact": "An app may bypass Gatekeeper checks", 
        "available": "macOS Ventura", 
        "description": "A race condition was addressed with improved locking.", 
        "update": "", 
        "module": "Safari", 
        "id": "CVE-2023-27952", 
        "credit": "Csaba Fitzl (@theevilbit) of Offensive Security", 
        "page": "https://support.apple.com/en-us/HT213670", 
        "rsr": ""
    }, 
    {
        "impact": "A remote user may be able to cause unexpected system termination or corrupt kernel memory", 
        "available": "macOS Big Sur", 
        "description": "The issue was addressed with improved memory handling.", 
        "update": "", 
        "module": "dcerpc", 
        "id": "CVE-2023-27953", 
        "credit": "Aleksandar Nikolic of Cisco Talos", 
        "page": "https://support.apple.com/en-us/HT213675", 
        "rsr": ""
    }, 
    {
        "impact": "A website may be able to track sensitive user information", 
        "available": "macOS Big Sur and macOS Monterey", 
        "description": "The issue was addressed by removing origin information.", 
        "update": "", 
        "module": "WebKit", 
        "id": "CVE-2023-27954", 
        "credit": "an anonymous researcher", 
        "bugzilla": "250837", 
        "page": "https://support.apple.com/en-us/HT213671", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to read arbitrary files", 
        "available": "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", 
        "description": "The issue was addressed with improved checks.", 
        "update": "", 
        "module": "ColorSync", 
        "id": "CVE-2023-27955", 
        "credit": "JeongOhKyea", 
        "page": "https://support.apple.com/en-us/HT213676", 
        "rsr": ""
    }, 
    {
        "impact": "Processing a maliciously crafted image may result in disclosure of process memory", 
        "available": "iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)", 
        "description": "The issue was addressed with improved memory handling.", 
        "update": "", 
        "module": "FontParser", 
        "id": "CVE-2023-27956", 
        "credit": "Ye Zhang of Baidu Security", 
        "page": "https://support.apple.com/en-us/HT213673", 
        "rsr": ""
    }, 
    {
        "impact": "Processing a maliciously crafted file may lead to unexpected app termination or arbitrary code execution", 
        "available": "macOS Ventura", 
        "description": "A buffer overflow issue was addressed with improved memory handling.", 
        "update": "", 
        "module": "ImageIO", 
        "id": "CVE-2023-27957", 
        "credit": "Yi\u011fit Can YILMAZ (@yilmazcanyigit)", 
        "page": "https://support.apple.com/en-us/HT213670", 
        "rsr": ""
    }, 
    {
        "impact": "A remote user may be able to cause unexpected system termination or corrupt kernel memory", 
        "available": "macOS Big Sur", 
        "description": "The issue was addressed with improved memory handling.", 
        "update": "", 
        "module": "dcerpc", 
        "id": "CVE-2023-27958", 
        "credit": "Aleksandar Nikolic of Cisco Talos", 
        "page": "https://support.apple.com/en-us/HT213675", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to execute arbitrary code with kernel privileges", 
        "available": "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", 
        "description": "The issue was addressed with improved memory handling.", 
        "update": "", 
        "module": "Apple Neural Engine", 
        "id": "CVE-2023-27959", 
        "credit": "Mohamed GHANNAM (@_simo36)", 
        "page": "https://support.apple.com/en-us/HT213676", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to gain elevated privileges during the installation of GarageBand", 
        "available": "macOS Monterey 12.3 and later", 
        "description": "This issue was addressed by removing the vulnerable code.", 
        "update": "", 
        "module": "GarageBand", 
        "id": "CVE-2023-27960", 
        "credit": "Mickey Jin (@patch1t)", 
        "page": "https://support.apple.com/en-us/HT213650", 
        "rsr": ""
    }, 
    {
        "impact": "Importing a maliciously crafted calendar invitation may exfiltrate user information", 
        "available": "iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)", 
        "description": "Multiple validation issues were addressed with improved input sanitization.", 
        "update": "", 
        "module": "Calendar", 
        "id": "CVE-2023-27961", 
        "credit": "R\u0131za Sabuncu (@rizasabuncu)", 
        "page": "https://support.apple.com/en-us/HT213673", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to modify protected parts of the file system", 
        "available": "macOS Big Sur", 
        "description": "A logic issue was addressed with improved checks.", 
        "update": "", 
        "module": "PackageKit", 
        "id": "CVE-2023-27962", 
        "credit": "Mickey Jin (@patch1t)", 
        "page": "https://support.apple.com/en-us/HT213675", 
        "rsr": ""
    }, 
    {
        "impact": "A shortcut may be able to use sensitive data with certain actions without prompting the user", 
        "available": "iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)", 
        "description": "The issue was addressed with additional permissions checks.", 
        "update": "", 
        "module": "Shortcuts", 
        "id": "CVE-2023-27963", 
        "credit": "Jubaer Alnazi Jabin of TRS Group Of Companies, and Wenchao Li and Xiaolong Bai of Alibaba Group", 
        "page": "https://support.apple.com/en-us/HT213673", 
        "rsr": ""
    }, 
    {
        "impact": "When your headphones are seeking a connection request to one of your previously paired devices, an attacker in Bluetooth range might be able to spoof the intended source device and gain access to your headphones.", 
        "available": "Powerbeats Pro, Beats Fit Pro", 
        "description": "An authentication issue was addressed with improved state management.", 
        "update": "", 
        "module": "Bluetooth", 
        "id": "CVE-2023-27964", 
        "credit": "Yun-hao Chung and Archie Pusaka of Google ChromeOS", 
        "page": "https://support.apple.com/102783", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to execute arbitrary code with kernel privileges", 
        "available": "macOS Ventura 13.3 and later", 
        "description": "A memory corruption issue was addressed with improved state management.", 
        "update": "", 
        "module": "Display", 
        "id": "CVE-2023-27965", 
        "credit": "Proteas of Pangu Lab", 
        "page": "https://support.apple.com/en-us/HT213672", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to break out of its sandbox", 
        "available": "macOS Ventura", 
        "description": "The issue was addressed with improved checks.", 
        "update": "May 1, 2023, updated August 1, 2023", 
        "module": "SharedFileList", 
        "id": "CVE-2023-27966", 
        "credit": "Masahiro Kawada (@kawakatz) of GMO Cybersecurity by Ierae", 
        "page": "https://support.apple.com/en-us/HT213670", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to execute arbitrary code out of its sandbox or with certain elevated privileges", 
        "available": "macOS Ventura 13.0 and later", 
        "description": "The issue was addressed with improved memory handling.", 
        "update": "", 
        "module": "Dev Tools", 
        "id": "CVE-2023-27967", 
        "credit": "Austin Emmitt, Senior Security Researcher at Trellix ARC", 
        "page": "https://support.apple.com/en-us/HT213679", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to cause unexpected system termination or write kernel memory", 
        "available": "macOS Ventura", 
        "description": "A buffer overflow issue was addressed with improved memory handling.", 
        "update": "September 5, 2023", 
        "module": "AMD", 
        "id": "CVE-2023-27968", 
        "credit": "ABC Research s.r.o.", 
        "page": "https://support.apple.com/en-us/HT213670", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to execute arbitrary code with kernel privileges", 
        "available": "iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)", 
        "description": "A use after free issue was addressed with improved memory management.", 
        "update": "", 
        "module": "Kernel", 
        "id": "CVE-2023-27969", 
        "credit": "Adam Doup\u00e9 of ASU SEFCOM", 
        "page": "https://support.apple.com/en-us/HT213673", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to execute arbitrary code with kernel privileges", 
        "available": "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", 
        "description": "An out-of-bounds write issue was addressed with improved bounds checking.", 
        "update": "", 
        "module": "Apple Neural Engine", 
        "id": "CVE-2023-27970", 
        "credit": "Mohamed GHANNAM", 
        "page": "https://support.apple.com/en-us/HT213676", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to bypass Privacy preferences", 
        "available": "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", 
        "description": "A logic issue was addressed with improved validation.", 
        "update": "", 
        "module": "Sandbox", 
        "id": "CVE-2023-28178", 
        "credit": "Yi\u011fit Can YILMAZ (@yilmazcanyigit)", 
        "page": "https://support.apple.com/en-us/HT213676", 
        "rsr": ""
    }, 
    {
        "impact": "Processing a maliciously crafted AppleScript binary may result in unexpected app termination or disclosure of process memory", 
        "available": "macOS Ventura", 
        "description": "The issue was addressed with improved memory handling.", 
        "update": "August 1, 2023", 
        "module": "AppleScript", 
        "id": "CVE-2023-28179", 
        "credit": "Mickey Jin (@patch1t)", 
        "page": "https://support.apple.com/en-us/HT213670", 
        "rsr": ""
    }, 
    {
        "impact": "A user in a privileged network position may be able to cause a denial-of-service", 
        "available": "macOS Ventura", 
        "description": "A denial-of-service issue was addressed with improved memory handling.", 
        "update": "", 
        "module": "dcerpc", 
        "id": "CVE-2023-28180", 
        "credit": "Aleksandar Nikolic of Cisco Talos", 
        "page": "https://support.apple.com/en-us/HT213670", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to execute arbitrary code with kernel privileges", 
        "available": "iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)", 
        "description": "The issue was addressed with improved memory handling.", 
        "update": "", 
        "module": "CoreCapture", 
        "id": "CVE-2023-28181", 
        "credit": "Tingting Yin of Tsinghua University", 
        "page": "https://support.apple.com/en-us/HT213765", 
        "rsr": ""
    }, 
    {
        "impact": "A user in a privileged network position may be able to spoof a VPN server that is configured with EAP-only authentication on a device", 
        "available": "iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)", 
        "description": "The issue was addressed with improved authentication.", 
        "update": "", 
        "module": "NetworkExtension", 
        "id": "CVE-2023-28182", 
        "credit": "Zhuowei Zhang", 
        "page": "https://support.apple.com/en-us/HT213673", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to cause a denial-of-service", 
        "available": "iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)", 
        "description": "An integer overflow was addressed through improved input validation.", 
        "update": "December 21, 2023", 
        "module": "Kernel", 
        "id": "CVE-2023-28185", 
        "credit": "Pan ZhenPeng of STAR Labs SG Pte. Ltd.", 
        "page": "https://support.apple.com/en-us/HT213673", 
        "rsr": ""
    }, 
    {
        "impact": "A user may be able to cause a denial-of-service", 
        "available": "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", 
        "description": "This issue was addressed with improved state management.", 
        "update": "October 31, 2023", 
        "module": "Kernel", 
        "id": "CVE-2023-28187", 
        "credit": "Pan ZhenPeng (@Peterpan0927) of STAR Labs SG Pte. Ltd.", 
        "page": "https://support.apple.com/en-us/HT213676", 
        "rsr": ""
    }, 
    {
        "impact": "A remote user may be able to cause a denial-of-service", 
        "available": "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", 
        "description": "A denial-of-service issue was addressed with improved input validation.", 
        "update": "October 31, 2023", 
        "module": "TextKit", 
        "id": "CVE-2023-28188", 
        "credit": "Xin Huang (@11iaxH)", 
        "page": "https://support.apple.com/en-us/HT213676", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to view sensitive information", 
        "available": "macOS Big Sur", 
        "description": "The issue was addressed with improved checks.", 
        "update": "May 11, 2023", 
        "module": "Mail", 
        "id": "CVE-2023-28189", 
        "credit": "Mickey Jin (@patch1t)", 
        "page": "https://support.apple.com/en-us/HT213675", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to access user-sensitive data", 
        "available": "macOS Ventura", 
        "description": "A privacy issue was addressed by moving sensitive data to a more secure location.", 
        "update": "", 
        "module": "FaceTime", 
        "id": "CVE-2023-28190", 
        "credit": "Joshua Jones", 
        "page": "https://support.apple.com/en-us/HT213670", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to bypass Privacy preferences", 
        "available": "Apple Watch Series 4 and later", 
        "description": "This issue was addressed with improved redaction of sensitive information.", 
        "update": "", 
        "module": "CoreServices", 
        "id": "CVE-2023-28191", 
        "credit": "Mickey Jin (@patch1t)", 
        "page": "https://support.apple.com/en-us/HT213764", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to read sensitive location information", 
        "available": "macOS Big Sur", 
        "description": "A permissions issue was addressed with improved validation.", 
        "update": "", 
        "module": "System Settings", 
        "id": "CVE-2023-28192", 
        "credit": "Guilherme Rambo of Best Buddy Apps (rambo.codes)", 
        "page": "https://support.apple.com/en-us/HT213675", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to unexpectedly create a bookmark on the Home Screen", 
        "available": "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", 
        "description": "The issue was addressed with improved checks.", 
        "update": "", 
        "module": "Safari", 
        "id": "CVE-2023-28194", 
        "credit": "Anton Spivak", 
        "page": "https://support.apple.com/en-us/HT213676", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to read sensitive location information", 
        "available": "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", 
        "description": "A privacy issue was addressed with improved private data redaction for log entries.", 
        "update": "December 21, 2023", 
        "module": "Find My", 
        "id": "CVE-2023-28195", 
        "credit": "Adam M.", 
        "page": "https://support.apple.com/en-us/HT213676", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to access user-sensitive data", 
        "available": "macOS Big Sur", 
        "description": "An access issue was addressed with additional sandbox restrictions.", 
        "update": "December 21, 2023", 
        "module": "Messages", 
        "id": "CVE-2023-28197", 
        "credit": "Joshua Jones", 
        "page": "https://support.apple.com/en-us/HT213675", 
        "rsr": ""
    }, 
    {
        "impact": "Processing web content may lead to arbitrary code execution", 
        "available": "macOS Big Sur and macOS Monterey", 
        "description": "A use-after-free issue was addressed with improved memory management.", 
        "update": "December 21, 2023", 
        "module": "WebKit", 
        "id": "CVE-2023-28198", 
        "credit": "hazbinhotel working with Trend Micro Zero Day Initiative", 
        "bugzilla": "250429", 
        "page": "https://support.apple.com/en-us/HT213671", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to disclose kernel memory", 
        "available": "macOS Big Sur", 
        "description": "An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation.", 
        "update": "May 11, 2023, updated December 21, 2023", 
        "module": "Kernel", 
        "id": "CVE-2023-28199", 
        "credit": "Arsenii Kostromin (0x3c3e)", 
        "page": "https://support.apple.com/en-us/HT213675", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to disclose kernel memory", 
        "available": "macOS Ventura", 
        "description": "A validation issue was addressed with improved input sanitization.", 
        "update": "September 6, 2023", 
        "module": "Kernel", 
        "id": "CVE-2023-28200", 
        "credit": "Arsenii Kostromin (0x3c3e)", 
        "page": "https://support.apple.com/en-us/HT213843", 
        "rsr": ""
    }, 
    {
        "impact": "A remote attacker may be able to cause unexpected app termination or arbitrary code execution", 
        "available": "macOS Big Sur and macOS Monterey", 
        "description": "This issue was addressed with improved state management.", 
        "update": "May 1, 2023", 
        "module": "WebKit Web Inspector", 
        "id": "CVE-2023-28201", 
        "credit": "Dohyun Lee (@l33d0hyun), crixer (@pwning_me) of SSD Labs", 
        "page": "https://support.apple.com/en-us/HT213671", 
        "rsr": ""
    }, 
    {
        "impact": "An app firewall setting may not take effect after exiting the Settings app", 
        "available": "Apple Watch Series 4 and later", 
        "description": "This issue was addressed with improved state management.", 
        "update": "", 
        "module": "System Settings", 
        "id": "CVE-2023-28202", 
        "credit": "Satish Panduranga and an anonymous researcher", 
        "page": "https://support.apple.com/en-us/HT213764", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to access contacts", 
        "available": "Android version 5.0 and later", 
        "description": "The issue was addressed with improved checks.", 
        "update": "", 
        "module": "Apple Music on Android", 
        "id": "CVE-2023-28203", 
        "credit": "ZiMing Zeng(@hluwa) of iJiami Technology Co. Ltd (ijiami.cn)", 
        "page": "https://support.apple.com/en-us/HT213833", 
        "rsr": ""
    }, 
    {
        "impact": "Processing web content may disclose sensitive information. Apple is aware of a report that this issue may have been actively exploited.", 
        "available": "macOS Big Sur and macOS Monterey", 
        "description": "An out-of-bounds read was addressed with improved input validation.", 
        "update": "", 
        "module": "WebKit", 
        "id": "CVE-2023-28204", 
        "credit": "an anonymous researcher", 
        "bugzilla": "254930", 
        "page": "https://support.apple.com/en-us/HT213762", 
        "rsr": ""
    }, 
    {
        "impact": "Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.", 
        "available": "iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)", 
        "description": "A use after free issue was addressed with improved memory management.", 
        "update": "", 
        "module": "WebKit", 
        "id": "CVE-2023-28205", 
        "credit": "Cl\u00e9ment Lecigne of Google's Threat Analysis Group and Donncha \u00d3 Cearbhaill of Amnesty International\u2019s Security Lab", 
        "bugzilla": "254797", 
        "page": "https://support.apple.com/en-us/HT213723", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited.", 
        "available": "macOS Big Sur", 
        "description": "An out-of-bounds write issue was addressed with improved input validation.", 
        "update": "", 
        "module": "IOSurfaceAccelerator", 
        "id": "CVE-2023-28206", 
        "credit": "Cl\u00e9ment Lecigne of Google's Threat Analysis Group and Donncha \u00d3 Cearbhaill of Amnesty International\u2019s Security Lab", 
        "page": "https://support.apple.com/en-us/HT213725", 
        "rsr": ""
    }, 
    {
        "impact": "A user may send a text from a secondary eSIM despite configuring a contact to use a primary eSIM", 
        "available": "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", 
        "description": "A logic issue was addressed with improved state management.", 
        "update": "September 5, 2023", 
        "module": "Messages", 
        "id": "CVE-2023-28208", 
        "credit": "freshman", 
        "page": "https://support.apple.com/en-us/HT213606", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to cause unexpected system termination or write kernel memory", 
        "available": "macOS Ventura", 
        "description": "A buffer overflow issue was addressed with improved memory handling.", 
        "update": "September 5, 2023", 
        "module": "AMD", 
        "id": "CVE-2023-28209", 
        "credit": "ABC Research s.r.o.", 
        "page": "https://support.apple.com/en-us/HT213670", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to cause unexpected system termination or write kernel memory", 
        "available": "macOS Ventura", 
        "description": "A buffer overflow issue was addressed with improved memory handling.", 
        "update": "September 5, 2023", 
        "module": "AMD", 
        "id": "CVE-2023-28210", 
        "credit": "ABC Research s.r.o.", 
        "page": "https://support.apple.com/en-us/HT213670", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to cause unexpected system termination or write kernel memory", 
        "available": "macOS Ventura", 
        "description": "A buffer overflow issue was addressed with improved memory handling.", 
        "update": "September 5, 2023", 
        "module": "AMD", 
        "id": "CVE-2023-28211", 
        "credit": "ABC Research s.r.o.", 
        "page": "https://support.apple.com/en-us/HT213670", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to cause unexpected system termination or write kernel memory", 
        "available": "macOS Ventura", 
        "description": "A buffer overflow issue was addressed with improved memory handling.", 
        "update": "September 5, 2023", 
        "module": "AMD", 
        "id": "CVE-2023-28212", 
        "credit": "ABC Research s.r.o.", 
        "page": "https://support.apple.com/en-us/HT213670", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to cause unexpected system termination or write kernel memory", 
        "available": "macOS Ventura", 
        "description": "A buffer overflow issue was addressed with improved memory handling.", 
        "update": "September 5, 2023", 
        "module": "AMD", 
        "id": "CVE-2023-28213", 
        "credit": "ABC Research s.r.o.", 
        "page": "https://support.apple.com/en-us/HT213670", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to cause unexpected system termination or write kernel memory", 
        "available": "macOS Ventura", 
        "description": "A buffer overflow issue was addressed with improved memory handling.", 
        "update": "September 5, 2023", 
        "module": "AMD", 
        "id": "CVE-2023-28214", 
        "credit": "ABC Research s.r.o.", 
        "page": "https://support.apple.com/en-us/HT213670", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to cause unexpected system termination or write kernel memory", 
        "available": "macOS Ventura", 
        "description": "A buffer overflow issue was addressed with improved memory handling.", 
        "update": "September 5, 2023", 
        "module": "AMD", 
        "id": "CVE-2023-28215", 
        "credit": "ABC Research s.r.o.", 
        "page": "https://support.apple.com/en-us/HT213670", 
        "rsr": ""
    }, 
    {
        "impact": "Multiple issues in curl", 
        "available": "macOS Ventura", 
        "description": "Multiple issues were addressed by updating curl.", 
        "update": "", 
        "module": "curl", 
        "id": "CVE-2023-28319", 
        "credit": "", 
        "page": "https://support.apple.com/en-us/HT213843", 
        "rsr": ""
    }, 
    {
        "impact": "Multiple issues in curl", 
        "available": "macOS Ventura", 
        "description": "Multiple issues were addressed by updating curl.", 
        "update": "", 
        "module": "curl", 
        "id": "CVE-2023-28320", 
        "credit": "", 
        "page": "https://support.apple.com/en-us/HT213843", 
        "rsr": ""
    }, 
    {
        "impact": "Multiple issues in curl", 
        "available": "macOS Ventura", 
        "description": "Multiple issues were addressed by updating curl.", 
        "update": "", 
        "module": "curl", 
        "id": "CVE-2023-28321", 
        "credit": "", 
        "page": "https://support.apple.com/en-us/HT213843", 
        "rsr": ""
    }, 
    {
        "impact": "Multiple issues in curl", 
        "available": "macOS Ventura", 
        "description": "Multiple issues were addressed by updating curl.", 
        "update": "", 
        "module": "curl", 
        "id": "CVE-2023-28322", 
        "credit": "", 
        "page": "https://support.apple.com/en-us/HT213843", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to access sensitive user data", 
        "available": "macOS Sonoma", 
        "description": "This issue was addressed with improved redaction of sensitive information.", 
        "update": "March 7, 2024", 
        "module": "MediaRemote", 
        "id": "CVE-2023-28826", 
        "credit": "Meng Zhang (\u9cb8\u843d) of NorthSea", 
        "page": "https://support.apple.com/en-us/HT213984", 
        "rsr": ""
    }, 
    {
        "impact": "A user may be able to elevate privileges", 
        "available": "macOS 10.14.5 and later", 
        "description": "A logic issue was addressed with improved state management.", 
        "update": "", 
        "module": "Pro Video Formats", 
        "id": "CVE-2023-29166", 
        "credit": "Koh M. Nakagawa (@tsunek0h)", 
        "page": "https://support.apple.com/en-us/HT213882", 
        "rsr": ""
    }, 
    {
        "impact": "Multiple issues in libxml2", 
        "available": "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", 
        "description": "Multiple memory corruption issues were addressed with improved input validation.", 
        "update": "December 21, 2023", 
        "module": "libxml2", 
        "id": "CVE-2023-29469", 
        "credit": "OSS-Fuzz, and Ned Williamson of Google Project Zero", 
        "page": "https://support.apple.com/en-us/HT213757", 
        "rsr": ""
    }, 
    {
        "impact": "An app may cause unexpected app termination or arbitrary code execution", 
        "available": "macOS Ventura", 
        "description": "A memory corruption issue was addressed with improved validation.", 
        "update": "September 6, 2023", 
        "module": "ncurses", 
        "id": "CVE-2023-29491", 
        "credit": "Jonathan Bar Or of Microsoft, Emanuele Cozzi of Microsoft, and Michael Pearse of Microsoft", 
        "page": "https://support.apple.com/en-us/HT213843", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to access calendar data saved to a temporary directory", 
        "available": "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)", 
        "description": "A privacy issue was addressed with improved handling of temporary files.", 
        "update": "", 
        "module": "Calendar", 
        "id": "CVE-2023-29497", 
        "credit": "Kirin (@Pwnrin) and Yishu Wang", 
        "page": "https://support.apple.com/en-us/HT213940", 
        "rsr": ""
    }, 
    {
        "impact": "A remote user may be able to cause a denial-of-service", 
        "available": "macOS Ventura", 
        "description": "The issue was addressed with improved memory handling.", 
        "update": "", 
        "module": "OpenLDAP", 
        "id": "CVE-2023-2953", 
        "credit": "Sandipan Roy", 
        "page": "https://support.apple.com/en-us/HT213843", 
        "rsr": ""
    }, 
    {
        "impact": "Parsing a file may lead to an unexpected app termination or arbitrary code execution", 
        "available": "macOS Sonoma", 
        "description": "This issue was addressed by removing the vulnerable code.", 
        "update": "", 
        "module": "App Support", 
        "id": "CVE-2023-30774", 
        "credit": "", 
        "page": "https://support.apple.com/en-us/HT213984", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to gain elevated privileges", 
        "available": "Windows 10 and later", 
        "description": "A logic issue was addressed with improved checks.", 
        "update": "", 
        "module": "iTunes", 
        "id": "CVE-2023-32351", 
        "credit": "ycdxsb of VARAS@IIE", 
        "page": "https://support.apple.com/en-us/HT213763", 
        "rsr": ""
    }, 
    {
        "impact": "An app may bypass Gatekeeper checks", 
        "available": "Apple Watch Series 4 and later", 
        "description": "A logic issue was addressed with improved checks.", 
        "update": "", 
        "module": "LaunchServices", 
        "id": "CVE-2023-32352", 
        "credit": "Wojciech Regu\u0142a (@_r3ggi) of SecuRing (wojciechregula.blog)", 
        "page": "https://support.apple.com/en-us/HT213764", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to elevate privileges", 
        "available": "Windows 10 and later", 
        "description": "A logic issue was addressed with improved checks.", 
        "update": "", 
        "module": "iTunes", 
        "id": "CVE-2023-32353", 
        "credit": "Zeeshan Shaikh (@bugzzzhunter) \u2013 Synopsys Cybersecurity Research Center (CyRC)", 
        "page": "https://support.apple.com/en-us/HT213763", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to disclose kernel memory", 
        "available": "Apple Watch Series 4 and later", 
        "description": "An out-of-bounds read was addressed with improved input validation.", 
        "update": "", 
        "module": "IOSurfaceAccelerator", 
        "id": "CVE-2023-32354", 
        "credit": "Linus Henze of Pinauten GmbH (pinauten.de)", 
        "page": "https://support.apple.com/en-us/HT213764", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to modify protected parts of the file system", 
        "available": "macOS Ventura", 
        "description": "A logic issue was addressed with improved state management.", 
        "update": "", 
        "module": "PackageKit", 
        "id": "CVE-2023-32355", 
        "credit": "Mickey Jin (@patch1t)", 
        "page": "https://support.apple.com/en-us/HT213758", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to cause unexpected system termination or write kernel memory", 
        "available": "macOS Ventura", 
        "description": "A buffer overflow issue was addressed with improved memory handling.", 
        "update": "September 5, 2023", 
        "module": "AMD", 
        "id": "CVE-2023-32356", 
        "credit": "ABC Research s.r.o.", 
        "page": "https://support.apple.com/en-us/HT213670", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to retain access to system configuration files even after its permission is revoked", 
        "available": "Apple Watch Series 4 and later", 
        "description": "An authorization issue was addressed with improved state management.", 
        "update": "", 
        "module": "Sandbox", 
        "id": "CVE-2023-32357", 
        "credit": "Yi\u011fit Can YILMAZ (@yilmazcanyigit), Koh M. Nakagawa of FFRI Security, Inc., Kirin (@Pwnrin), Jeff Johnson (underpassapp.com), and Csaba Fitzl (@theevilbit) of Offensive Security", 
        "page": "https://support.apple.com/en-us/HT213764", 
        "rsr": ""
    }, 
    {
        "impact": "Processing web content may lead to arbitrary code execution", 
        "available": "iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)", 
        "description": "A type confusion issue was addressed with improved checks.", 
        "update": "December 21, 2023", 
        "module": "WebKit PDF", 
        "id": "CVE-2023-32358", 
        "credit": "Anonymous working with Trend Micro Zero Day Initiative", 
        "bugzilla": "249169", 
        "page": "https://support.apple.com/en-us/HT213673", 
        "rsr": ""
    }, 
    {
        "impact": "A user's password may be read aloud by VoiceOver", 
        "available": "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", 
        "description": "This issue was addressed with improved redaction of sensitive information.", 
        "update": "", 
        "module": "WebKit", 
        "id": "CVE-2023-32359", 
        "credit": "Claire Houston", 
        "bugzilla": "248717", 
        "page": "https://support.apple.com/en-us/HT213981", 
        "rsr": ""
    }, 
    {
        "impact": "An unauthenticated user may be able to access recently printed documents", 
        "available": "macOS Ventura", 
        "description": "An authentication issue was addressed with improved state management.", 
        "update": "", 
        "module": "CUPS", 
        "id": "CVE-2023-32360", 
        "credit": "Gerhard Muth", 
        "page": "https://support.apple.com/en-us/HT213758", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to access user-sensitive data", 
        "available": "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)", 
        "description": "The issue was addressed with improved handling of caches.", 
        "update": "", 
        "module": "AuthKit", 
        "id": "CVE-2023-32361", 
        "credit": "Csaba Fitzl (@theevilbit) of Offensive Security", 
        "page": "https://support.apple.com/en-us/HT213940", 
        "rsr": ""
    }, 
    {
        "impact": "A website may be able to track sensitive user information", 
        "available": "macOS Ventura", 
        "description": "Error handling was changed to not reveal sensitive information.", 
        "update": "September 5, 2023", 
        "module": "Quick Look", 
        "id": "CVE-2023-32362", 
        "credit": "Khiem Tran", 
        "page": "https://support.apple.com/en-us/HT213670", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to bypass Privacy preferences", 
        "available": "macOS Ventura", 
        "description": "A permissions issue was addressed by removing vulnerable code and adding additional checks.", 
        "update": "", 
        "module": "Screen Saver", 
        "id": "CVE-2023-32363", 
        "credit": "Mickey Jin (@patch1t)", 
        "page": "https://support.apple.com/en-us/HT213758", 
        "rsr": ""
    }, 
    {
        "impact": "A sandboxed process may be able to circumvent sandbox restrictions", 
        "available": "macOS Ventura", 
        "description": "A logic issue was addressed with improved restrictions.", 
        "update": "", 
        "module": "AppSandbox", 
        "id": "CVE-2023-32364", 
        "credit": "Gergely Kalman (@gergely_kalman)", 
        "page": "https://support.apple.com/en-us/HT213843", 
        "rsr": ""
    }, 
    {
        "impact": "Shake-to-undo may allow a deleted photo to be re-surfaced without authentication", 
        "available": "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", 
        "description": "The issue was addressed with improved checks.", 
        "update": "", 
        "module": "Photos", 
        "id": "CVE-2023-32365", 
        "credit": "Jiwon Park", 
        "page": "https://support.apple.com/en-us/HT213757", 
        "rsr": ""
    }, 
    {
        "impact": "Processing a font file may lead to arbitrary code execution", 
        "available": "iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)", 
        "description": "An out-of-bounds write issue was addressed with improved input validation.", 
        "update": "December 21, 2023", 
        "module": "FontParser", 
        "id": "CVE-2023-32366", 
        "credit": "Ye Zhang (@VAR10CK) of Baidu Security", 
        "page": "https://support.apple.com/en-us/HT213673", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to access user-sensitive data", 
        "available": "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", 
        "description": "This issue was addressed with improved entitlements.", 
        "update": "", 
        "module": "Security", 
        "id": "CVE-2023-32367", 
        "credit": "James Duffy (mangoSecure)", 
        "page": "https://support.apple.com/en-us/HT213757", 
        "rsr": ""
    }, 
    {
        "impact": "Processing a 3D model may result in disclosure of process memory", 
        "available": "Apple Watch Series 4 and later", 
        "description": "An out-of-bounds read was addressed with improved input validation.", 
        "update": "", 
        "module": "Model I/O", 
        "id": "CVE-2023-32368", 
        "credit": "Mickey Jin (@patch1t)", 
        "page": "https://support.apple.com/en-us/HT213764", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to modify protected parts of the file system", 
        "available": "macOS Ventura", 
        "description": "A logic issue was addressed with improved state management.", 
        "update": "", 
        "module": "libxpc", 
        "id": "CVE-2023-32369", 
        "credit": "Jonathan Bar Or of Microsoft, Anurag Bohra of Microsoft, and Michael Pearse of Microsoft", 
        "page": "https://support.apple.com/en-us/HT213758", 
        "rsr": ""
    }, 
    {
        "impact": "Content Security Policy to block domains with wildcards may fail", 
        "available": "macOS Big Sur and macOS Monterey", 
        "description": "A logic issue was addressed with improved validation.", 
        "update": "December 21, 2023", 
        "module": "WebKit", 
        "id": "CVE-2023-32370", 
        "credit": "Gertjan Franken of imec-DistriNet, KU Leuven", 
        "bugzilla": "250709", 
        "page": "https://support.apple.com/en-us/HT213671", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to break out of its sandbox", 
        "available": "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", 
        "description": "The issue was addressed with improved checks.", 
        "update": "", 
        "module": "Associated Domains", 
        "id": "CVE-2023-32371", 
        "credit": "James Duffy (mangoSecure)", 
        "page": "https://support.apple.com/en-us/HT213757", 
        "rsr": ""
    }, 
    {
        "impact": "Processing an image may result in disclosure of process memory", 
        "available": "Apple Watch Series 4 and later", 
        "description": "An out-of-bounds read was addressed with improved input validation.", 
        "update": "September 5, 2023", 
        "module": "ImageIO", 
        "id": "CVE-2023-32372", 
        "credit": "Meysam Firouzi @R00tkitSMM of Mbition Mercedes-Benz Innovation Lab working with Trend Micro Zero Day Initiative", 
        "page": "https://support.apple.com/en-us/HT213764", 
        "rsr": ""
    }, 
    {
        "impact": "Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.", 
        "available": "macOS Big Sur and macOS Monterey", 
        "description": "A use-after-free issue was addressed with improved memory management.", 
        "update": "", 
        "module": "WebKit", 
        "id": "CVE-2023-32373", 
        "credit": "an anonymous researcher", 
        "bugzilla": "254840", 
        "page": "https://support.apple.com/en-us/HT213762", 
        "rsr": ""
    }, 
    {
        "impact": "Processing a 3D model may result in disclosure of process memory", 
        "available": "macOS Ventura", 
        "description": "An out-of-bounds read was addressed with improved input validation.", 
        "update": "", 
        "module": "Model I/O", 
        "id": "CVE-2023-32375", 
        "credit": "Michael DePlante (@izobashi) of Trend Micro Zero Day Initiative", 
        "page": "https://support.apple.com/en-us/HT213758", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to modify protected parts of the file system", 
        "available": "Apple Watch Series 4 and later", 
        "description": "This issue was addressed with improved entitlements.", 
        "update": "", 
        "module": "StorageKit", 
        "id": "CVE-2023-32376", 
        "credit": "Yi\u011fit Can YILMAZ (@yilmazcanyigit)", 
        "page": "https://support.apple.com/en-us/HT213764", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to execute arbitrary code with kernel privileges", 
        "available": "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)", 
        "description": "A buffer overflow issue was addressed with improved memory handling.", 
        "update": "", 
        "module": "AMD", 
        "id": "CVE-2023-32377", 
        "credit": "ABC Research s.r.o.", 
        "page": "https://support.apple.com/en-us/HT213940", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to execute arbitrary code with kernel privileges", 
        "available": "macOS Big Sur", 
        "description": "A use-after-free issue was addressed with improved memory management.", 
        "update": "December 21, 2023", 
        "module": "IOAcceleratorFamily", 
        "id": "CVE-2023-32378", 
        "credit": "Murray Mike", 
        "page": "https://support.apple.com/en-us/HT213675", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to execute arbitrary code with kernel privileges", 
        "available": "macOS Ventura", 
        "description": "A buffer overflow issue was addressed with improved memory handling.", 
        "update": "September 5, 2023", 
        "module": "AMD", 
        "id": "CVE-2023-32379", 
        "credit": "ABC Research s.r.o.", 
        "page": "https://support.apple.com/en-us/HT213758", 
        "rsr": ""
    }, 
    {
        "impact": "Processing a 3D model may lead to arbitrary code execution", 
        "available": "macOS Ventura", 
        "description": "An out-of-bounds write issue was addressed with improved bounds checking.", 
        "update": "", 
        "module": "Model I/O", 
        "id": "CVE-2023-32380", 
        "credit": "Mickey Jin (@patch1t)", 
        "page": "https://support.apple.com/en-us/HT213758", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to execute arbitrary code with kernel privileges", 
        "available": "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", 
        "description": "A use-after-free issue was addressed with improved memory management.", 
        "update": "October 31, 2023", 
        "module": "Kernel", 
        "id": "CVE-2023-32381", 
        "credit": "an anonymous researcher", 
        "page": "https://support.apple.com/en-us/HT213841", 
        "rsr": ""
    }, 
    {
        "impact": "Processing a 3D model may result in disclosure of process memory", 
        "available": "macOS Ventura", 
        "description": "An out-of-bounds read was addressed with improved input validation.", 
        "update": "", 
        "module": "Model I/O", 
        "id": "CVE-2023-32382", 
        "credit": "Mickey Jin (@patch1t)", 
        "page": "https://support.apple.com/en-us/HT213758", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to inject code into sensitive binaries bundled with Xcode", 
        "available": "macOS Ventura", 
        "description": "This issue was addressed by forcing hardened runtime on the affected binaries at the system level.", 
        "update": "December 21, 2023", 
        "module": "AppleMobileFileIntegrity", 
        "id": "CVE-2023-32383", 
        "credit": "James Duffy (mangoSecure)", 
        "page": "https://support.apple.com/en-us/HT213758", 
        "rsr": ""
    }, 
    {
        "impact": "Processing an image may lead to arbitrary code execution", 
        "available": "Apple Watch Series 4 and later", 
        "description": "A buffer overflow was addressed with improved bounds checking.", 
        "update": "", 
        "module": "ImageIO", 
        "id": "CVE-2023-32384", 
        "credit": "Meysam Firouzi @R00tkitsmm working with Trend Micro Zero Day Initiative", 
        "page": "https://support.apple.com/en-us/HT213764", 
        "rsr": ""
    }, 
    {
        "impact": "Opening a PDF file may lead to unexpected app termination", 
        "available": "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", 
        "description": "A denial-of-service issue was addressed with improved memory handling.", 
        "update": "", 
        "module": "PDFKit", 
        "id": "CVE-2023-32385", 
        "credit": "Jonathan Fritz", 
        "page": "https://support.apple.com/en-us/HT213757", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to observe unprotected user data", 
        "available": "macOS Ventura", 
        "description": "A privacy issue was addressed with improved handling of temporary files.", 
        "update": "", 
        "module": "Contacts", 
        "id": "CVE-2023-32386", 
        "credit": "Kirin (@Pwnrin)", 
        "page": "https://support.apple.com/en-us/HT213758", 
        "rsr": ""
    }, 
    {
        "impact": "A remote attacker may be able to cause unexpected app termination or arbitrary code execution", 
        "available": "macOS Ventura", 
        "description": "A use-after-free issue was addressed with improved memory management.", 
        "update": "", 
        "module": "dcerpc", 
        "id": "CVE-2023-32387", 
        "credit": "Dimitrios Tatsis of Cisco Talos", 
        "page": "https://support.apple.com/en-us/HT213758", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to bypass Privacy preferences", 
        "available": "Apple Watch Series 4 and later", 
        "description": "A privacy issue was addressed with improved private data redaction for log entries.", 
        "update": "", 
        "module": "Accessibility", 
        "id": "CVE-2023-32388", 
        "credit": "Kirin (@Pwnrin)", 
        "page": "https://support.apple.com/en-us/HT213764", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to disclose kernel memory", 
        "available": "Apple Watch Series 4 and later", 
        "description": "This  issue was addressed with improved redaction of sensitive information.", 
        "update": "", 
        "module": "Wi-Fi", 
        "id": "CVE-2023-32389", 
        "credit": "Pan ZhenPeng (@Peterpan0927) of STAR Labs SG Pte. Ltd.", 
        "page": "https://support.apple.com/en-us/HT213764", 
        "rsr": ""
    }, 
    {
        "impact": "Photos belonging to the Hidden Photos Album could be viewed without authentication through Visual Lookup", 
        "available": "Apple Watch Series 4 and later", 
        "description": "The issue was addressed with improved checks.", 
        "update": "", 
        "module": "Photos", 
        "id": "CVE-2023-32390", 
        "credit": "Julian Szulc", 
        "page": "https://support.apple.com/en-us/HT213764", 
        "rsr": ""
    }, 
    {
        "impact": "A shortcut may be able to use sensitive data with certain actions without prompting the user", 
        "available": "Apple Watch Series 4 and later", 
        "description": "The issue was addressed with improved checks.", 
        "update": "", 
        "module": "Shortcuts", 
        "id": "CVE-2023-32391", 
        "credit": "Wenchao Li and Xiaolong Bai of Alibaba Group", 
        "page": "https://support.apple.com/en-us/HT213764", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to read sensitive location information", 
        "available": "Apple Watch Series 4 and later", 
        "description": "A privacy issue was addressed with improved private data redaction for log entries.", 
        "update": "September 5, 2023", 
        "module": "GeoServices", 
        "id": "CVE-2023-32392", 
        "credit": "Adam M.", 
        "page": "https://support.apple.com/en-us/HT213764", 
        "rsr": ""
    }, 
    {
        "impact": "Processing web content may lead to arbitrary code execution", 
        "available": "Apple TV 4K (all models) and Apple TV HD", 
        "description": "The issue was addressed with improved memory handling", 
        "update": "June 28, 2023", 
        "module": "WebKit", 
        "id": "CVE-2023-32393", 
        "credit": "Francisco Alonso (@revskills)", 
        "bugzilla": "248885", 
        "page": "https://support.apple.com/en-us/HT213601", 
        "rsr": ""
    }, 
    {
        "impact": "A person with physical access to a device may be able to view contact information from the lock screen", 
        "available": "Apple Watch Series 4 and later", 
        "description": "The issue was addressed with improved checks.", 
        "update": "", 
        "module": "Siri", 
        "id": "CVE-2023-32394", 
        "credit": "Khiem Tran", 
        "page": "https://support.apple.com/en-us/HT213764", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to modify protected parts of the file system", 
        "available": "macOS Ventura", 
        "description": "A logic issue was addressed with improved state management.", 
        "update": "", 
        "module": "Perl", 
        "id": "CVE-2023-32395", 
        "credit": "Arsenii Kostromin (0x3c3e)", 
        "page": "https://support.apple.com/en-us/HT213758", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to gain elevated privileges", 
        "available": "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)", 
        "description": "This issue was addressed with improved checks.", 
        "update": "December 22, 2023", 
        "module": "Dev Tools", 
        "id": "CVE-2023-32396", 
        "credit": "Mickey Jin (@patch1t)", 
        "page": "https://support.apple.com/en-us/HT213940", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to modify protected parts of the file system", 
        "available": "iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)", 
        "description": "A logic issue was addressed with improved state management.", 
        "update": "", 
        "module": "Shell", 
        "id": "CVE-2023-32397", 
        "credit": "Arsenii Kostromin (0x3c3e)", 
        "page": "https://support.apple.com/en-us/HT213765", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to execute arbitrary code with kernel privileges", 
        "available": "Apple Watch Series 4 and later", 
        "description": "A use-after-free issue was addressed with improved memory management.", 
        "update": "", 
        "module": "Kernel", 
        "id": "CVE-2023-32398", 
        "credit": "Adam Doup\u00e9 of ASU SEFCOM", 
        "page": "https://support.apple.com/en-us/HT213764", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to read sensitive location information", 
        "available": "Apple Watch Series 4 and later", 
        "description": "The issue was addressed with improved handling of caches.", 
        "update": "September 5, 2023", 
        "module": "Core Location", 
        "id": "CVE-2023-32399", 
        "credit": "Adam M.", 
        "page": "https://support.apple.com/en-us/HT213764", 
        "rsr": ""
    }, 
    {
        "impact": "Entitlements and privacy permissions granted to this app may be used by a malicious app", 
        "available": "Apple Watch Series 4 and later", 
        "description": "This issue was addressed with improved checks.", 
        "update": "", 
        "module": "Accessibility", 
        "id": "CVE-2023-32400", 
        "credit": "Mickey Jin (@patch1t)", 
        "page": "https://support.apple.com/en-us/HT213764", 
        "rsr": ""
    }, 
    {
        "impact": "Parsing an office document may lead to an unexpected app termination or arbitrary code execution", 
        "available": "macOS Ventura", 
        "description": "A buffer overflow was addressed with improved bounds checking.", 
        "update": "December 21, 2023", 
        "module": "Quick Look", 
        "id": "CVE-2023-32401", 
        "credit": "Holger Fuhrmannek of Deutsche Telekom Security GmbH on behalf of BSI (German Federal Office for Information Security)", 
        "page": "https://support.apple.com/en-us/HT213758", 
        "rsr": ""
    }, 
    {
        "impact": "Processing web content may disclose sensitive information", 
        "available": "macOS Big Sur and macOS Monterey", 
        "description": "An out-of-bounds read was addressed with improved input validation.", 
        "update": "December 21, 2023", 
        "module": "WebKit", 
        "id": "CVE-2023-32402", 
        "credit": "Ignacio Sanmillan (@ulexec)", 
        "bugzilla": "255075", 
        "page": "https://support.apple.com/en-us/HT213762", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to read sensitive location information", 
        "available": "Apple Watch Series 4 and later", 
        "description": "This  issue was addressed with improved redaction of sensitive information.", 
        "update": "September 5, 2023", 
        "module": "NetworkExtension", 
        "id": "CVE-2023-32403", 
        "credit": "Adam M.", 
        "page": "https://support.apple.com/en-us/HT213764", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to bypass Privacy preferences", 
        "available": "Apple Watch Series 4 and later", 
        "description": "This issue was addressed with improved entitlements.", 
        "update": "", 
        "module": "Shortcuts", 
        "id": "CVE-2023-32404", 
        "credit": "Mickey Jin (@patch1t), Zhipeng Huo (@R3dF09) of Tencent Security Xuanwu Lab (xlab.tencent.com), and an anonymous researcher", 
        "page": "https://support.apple.com/en-us/HT213764", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to gain root privileges", 
        "available": "macOS Ventura", 
        "description": "A logic issue was addressed with improved checks.", 
        "update": "", 
        "module": "libxpc", 
        "id": "CVE-2023-32405", 
        "credit": "Thijs Alkemade (@xnyhps) from Computest Sector 7", 
        "page": "https://support.apple.com/en-us/HT213758", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to bypass Privacy preferences", 
        "available": "Apple Watch Series 4 and later", 
        "description": "A logic issue was addressed with improved state management.", 
        "update": "", 
        "module": "Metal", 
        "id": "CVE-2023-32407", 
        "credit": "Gergely Kalman (@gergely_kalman)", 
        "page": "https://support.apple.com/en-us/HT213764", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to read sensitive location information", 
        "available": "Apple Watch Series 4 and later", 
        "description": "The issue was addressed with improved handling of caches.", 
        "update": "", 
        "module": "TV App", 
        "id": "CVE-2023-32408", 
        "credit": "Adam M.", 
        "page": "https://support.apple.com/en-us/HT213764", 
        "rsr": ""
    }, 
    {
        "impact": "A remote attacker may be able to break out of Web Content sandbox. Apple is aware of a report that this issue may have been actively exploited.", 
        "available": "iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)", 
        "description": "The issue was addressed with improved bounds checks.", 
        "update": "", 
        "module": "WebKit", 
        "id": "CVE-2023-32409", 
        "credit": "Cl\u00e9ment Lecigne of Google's Threat Analysis Group and Donncha \u00d3 Cearbhaill of Amnesty International\u2019s Security Lab", 
        "bugzilla": "255350", 
        "page": "https://support.apple.com/en-us/HT213842", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to leak sensitive kernel state", 
        "available": "iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)", 
        "description": "An out-of-bounds read was addressed with improved input validation.", 
        "update": "", 
        "module": "IOSurface", 
        "id": "CVE-2023-32410", 
        "credit": "hou xuewei (@p1ay8y3ar) vmk msu", 
        "page": "https://support.apple.com/en-us/HT213765", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to bypass Privacy preferences", 
        "available": "Apple TV 4K (all models) and Apple TV HD", 
        "description": "This issue was addressed with improved entitlements.", 
        "update": "", 
        "module": "AppleMobileFileIntegrity", 
        "id": "CVE-2023-32411", 
        "credit": "Mickey Jin (@patch1t)", 
        "page": "https://support.apple.com/en-us/HT213761", 
        "rsr": ""
    }, 
    {
        "impact": "A remote attacker may be able to cause unexpected app termination or arbitrary code execution", 
        "available": "Apple Watch Series 4 and later", 
        "description": "A use-after-free issue was addressed with improved memory management.", 
        "update": "", 
        "module": "Telephony", 
        "id": "CVE-2023-32412", 
        "credit": "Ivan Fratric of Google Project Zero", 
        "page": "https://support.apple.com/en-us/HT213764", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to gain root privileges", 
        "available": "Apple Watch Series 4 and later", 
        "description": "A race condition was addressed with improved state handling.", 
        "update": "", 
        "module": "Kernel", 
        "id": "CVE-2023-32413", 
        "credit": "Eloi Benoist-Vanderbeken (@elvanderb) from Synacktiv (@Synacktiv) working with Trend Micro Zero Day Initiative", 
        "page": "https://support.apple.com/en-us/HT213764", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to break out of its sandbox", 
        "available": "macOS Ventura", 
        "description": "The issue was addressed with improved checks.", 
        "update": "", 
        "module": "DesktopServices", 
        "id": "CVE-2023-32414", 
        "credit": "Mickey Jin (@patch1t)", 
        "page": "https://support.apple.com/en-us/HT213758", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to read sensitive location information", 
        "available": "Apple TV 4K (all models) and Apple TV HD", 
        "description": "This  issue was addressed with improved redaction of sensitive information.", 
        "update": "", 
        "module": "Weather", 
        "id": "CVE-2023-32415", 
        "credit": "Wojciech Regula of SecuRing (wojciechregula.blog), and an anonymous researcher", 
        "page": "https://support.apple.com/en-us/HT213761", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to read sensitive location information", 
        "available": "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", 
        "description": "A logic issue was addressed with improved restrictions.", 
        "update": "", 
        "module": "Find My", 
        "id": "CVE-2023-32416", 
        "credit": "Wojciech Regula of SecuRing (wojciechregula.blog)", 
        "page": "https://support.apple.com/en-us/HT213841", 
        "rsr": ""
    }, 
    {
        "impact": "An attacker with physical access to a locked Apple Watch may be able to view user photos or contacts via accessibility features", 
        "available": "Apple Watch Series 4 and later", 
        "description": "This issue was addressed by restricting options offered on a locked device.", 
        "update": "", 
        "module": "Face Gallery", 
        "id": "CVE-2023-32417", 
        "credit": "Zitong Wu (\u5434\u6893\u6850) from Zhuhai No.1 High School (\u73e0\u6d77\u5e02\u7b2c\u4e00\u4e2d\u5b66)", 
        "page": "https://support.apple.com/en-us/HT213764", 
        "rsr": ""
    }, 
    {
        "impact": "Processing a file may lead to unexpected app termination or arbitrary code execution", 
        "available": "macOS Ventura", 
        "description": "The issue was addressed with improved checks.", 
        "update": "", 
        "module": "Grapher", 
        "id": "CVE-2023-32418", 
        "credit": "Bool of YunShangHuaAn(\u4e91\u4e0a\u534e\u5b89)", 
        "page": "https://support.apple.com/en-us/HT213843", 
        "rsr": ""
    }, 
    {
        "impact": "A remote attacker may be able to cause arbitrary code execution", 
        "available": "iPhone 8 and iPhone X", 
        "description": "The issue was addressed with improved bounds checks.", 
        "update": "", 
        "module": "Cellular", 
        "id": "CVE-2023-32419", 
        "credit": "Amat Cama of Vigilant Labs", 
        "page": "https://support.apple.com/en-us/HT213757", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to cause unexpected system termination or read kernel memory", 
        "available": "Apple Watch Series 4 and later", 
        "description": "An out-of-bounds read was addressed with improved input validation.", 
        "update": "September 5, 2023", 
        "module": "IOSurfaceAccelerator", 
        "id": "CVE-2023-32420", 
        "credit": "CertiK SkyFall Team and Linus Henze of Pinauten GmbH (pinauten.de)", 
        "page": "https://support.apple.com/en-us/HT213764", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to observe unprotected user data", 
        "available": "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)", 
        "description": "A privacy issue was addressed with improved handling of temporary files.", 
        "update": "", 
        "module": "Messages", 
        "id": "CVE-2023-32421", 
        "credit": "Meng Zhang (\u9cb8\u843d) of NorthSea, Ron Masas of BreakPoint Security Research, Brian McNulty, and Kishan Bagaria of Texts.com", 
        "page": "https://support.apple.com/en-us/HT213940", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to bypass Privacy preferences", 
        "available": "macOS Monterey", 
        "description": "This issue was addressed by adding additional SQLite logging restrictions.", 
        "update": "September 8, 2023", 
        "module": "SQLite", 
        "id": "CVE-2023-32422", 
        "credit": "Gergely Kalman (@gergely_kalman), and Wojciech Regula of SecuRing (wojciechregula.blog)", 
        "page": "https://support.apple.com/en-us/HT213844", 
        "rsr": ""
    }, 
    {
        "impact": "Processing web content may disclose sensitive information", 
        "available": "macOS Big Sur and macOS Monterey", 
        "description": "A buffer overflow issue was addressed with improved memory handling.", 
        "update": "", 
        "module": "WebKit", 
        "id": "CVE-2023-32423", 
        "credit": "Ignacio Sanmillan (@ulexec)", 
        "bugzilla": "254781", 
        "page": "https://support.apple.com/en-us/HT213762", 
        "rsr": ""
    }, 
    {
        "impact": "An attacker that has already achieved kernel code execution may be able to bypass kernel memory mitigations", 
        "available": "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", 
        "description": "The issue was addressed with improved memory handling.", 
        "update": "October 31, 2023", 
        "module": "Kernel", 
        "id": "CVE-2023-32424", 
        "credit": "Zechao Cai (@Zech4o) from Zhejiang University", 
        "page": "https://support.apple.com/en-us/HT213676", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to gain elevated privileges", 
        "available": "Apple Watch Series 4 and later", 
        "description": "The issue was addressed with improved memory handling.", 
        "update": "September 5, 2023", 
        "module": "Apple Neural Engine", 
        "id": "CVE-2023-32425", 
        "credit": "Mohamed GHANNAM (@_simo36)", 
        "page": "https://support.apple.com/en-us/HT213764", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to gain root privileges", 
        "available": "macOS Ventura", 
        "description": "A logic issue was addressed with improved checks.", 
        "update": "September 5, 2023", 
        "module": "Crash Reporter", 
        "id": "CVE-2023-32426", 
        "credit": "Junoh Lee at Theori", 
        "page": "https://support.apple.com/en-us/HT213670", 
        "rsr": ""
    }, 
    {
        "impact": "An attacker in a privileged network position may be able to intercept network traffic", 
        "available": "Android version 5.0 and later", 
        "description": "This issue was addressed by using HTTPS when sending information over the network.", 
        "update": "", 
        "module": "Apple Music on Android", 
        "id": "CVE-2023-32427", 
        "credit": "David Coomber of Info-Sec.CA", 
        "page": "https://support.apple.com/en-us/HT213833", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to gain root privileges", 
        "available": "Apple Watch Series 4 and later", 
        "description": "This issue was addressed with improved file handling.", 
        "update": "September 5, 2023", 
        "module": "MallocStackLogging", 
        "id": "CVE-2023-32428", 
        "credit": "Gergely Kalman (@gergely_kalman)", 
        "page": "https://support.apple.com/en-us/HT213764", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to bypass Privacy preferences", 
        "available": "macOS Ventura", 
        "description": "The issue was addressed with improved checks.", 
        "update": "", 
        "module": "SystemMigration", 
        "id": "CVE-2023-32429", 
        "credit": "Wenchao Li and Xiaolong Bai of Hangzhou Orange Shield Information Technology Co., Ltd.", 
        "page": "https://support.apple.com/en-us/HT213843", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to gain elevated privileges", 
        "available": "Windows 10 and later", 
        "description": "A dynamic library loading issue was addressed with improved path searching.", 
        "update": "October 31, 2023", 
        "module": "WebKit", 
        "id": "CVE-2023-32430", 
        "credit": "James Tsz Ko Yeung (@5cript1diot)", 
        "bugzilla": "241430", 
        "page": "https://support.apple.com/en-us/HT213763", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to access user-sensitive data", 
        "available": "Apple Watch Series 4 and later", 
        "description": "A privacy issue was addressed with improved handling of temporary files.", 
        "update": "September 5, 2023", 
        "module": "Share Sheet", 
        "id": "CVE-2023-32432", 
        "credit": "Kirin (@Pwnrin)", 
        "page": "https://support.apple.com/en-us/HT213764", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to execute arbitrary code with kernel privileges", 
        "available": "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", 
        "description": "A use-after-free issue was addressed with improved memory management.", 
        "update": "October 31, 2023", 
        "module": "Kernel", 
        "id": "CVE-2023-32433", 
        "credit": "Zweig of Kunlun Lab", 
        "page": "https://support.apple.com/en-us/HT213841", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited against versions of iOS released before iOS 15.7.", 
        "available": "iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)", 
        "description": "An integer overflow was addressed with improved input validation.", 
        "update": "October 25, 2023", 
        "module": "Kernel", 
        "id": "CVE-2023-32434", 
        "credit": "Georgy Kucherin (@kucher1n), Leonid Bezvershenko (@bzvr_), Boris Larin (@oct0xor), and Valentin Pashkov of Kaspersky", 
        "page": "https://support.apple.com/en-us/HT213990", 
        "rsr": ""
    }, 
    {
        "impact": "Processing web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited against versions of iOS released before iOS 15.7.", 
        "available": "iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)", 
        "description": "A memory corruption issue was addressed with improved state management.", 
        "update": "August 1, 2023", 
        "module": "WebKit", 
        "id": "CVE-2023-32435", 
        "credit": "Georgy Kucherin (@kucher1n), Leonid Bezvershenko (@bzvr_), Boris Larin (@oct0xor), and Valentin Pashkov of Kaspersky", 
        "bugzilla": "251890", 
        "page": "https://support.apple.com/en-us/HT213811", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to cause unexpected system termination or write kernel memory", 
        "available": "macOS Ventura", 
        "description": "The issue was addressed with improved bounds checks.", 
        "update": "October 31, 2023", 
        "module": "AMD", 
        "id": "CVE-2023-32436", 
        "credit": "ABC Research s.r.o.", 
        "page": "https://support.apple.com/en-us/HT213670", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to break out of its sandbox", 
        "available": "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", 
        "description": "The issue was addressed with improvements to the file handling protocol.", 
        "update": "", 
        "module": "NSURLSession", 
        "id": "CVE-2023-32437", 
        "credit": "Thijs Alkemade from Computest Sector 7", 
        "page": "https://support.apple.com/en-us/HT213841", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to bypass Privacy preferences", 
        "available": "Apple TV 4K (all models) and Apple TV HD", 
        "description": "This issue was addressed with improved checks to prevent unauthorized actions.", 
        "update": "September 5, 2023", 
        "module": "AppleMobileFileIntegrity", 
        "id": "CVE-2023-32438", 
        "credit": "Csaba Fitzl (@theevilbit) of Offensive Security and Mickey Jin (@patch1t)", 
        "page": "https://support.apple.com/en-us/HT213601", 
        "rsr": ""
    }, 
    {
        "impact": "Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.", 
        "available": "macOS Monterey", 
        "description": "A type confusion issue was addressed with improved checks.", 
        "update": "", 
        "module": "WebKit", 
        "id": "CVE-2023-32439", 
        "credit": "an anonymous researcher", 
        "bugzilla": "256567", 
        "page": "https://support.apple.com/en-us/HT213816", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to execute arbitrary code with kernel privileges", 
        "available": "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", 
        "description": "The issue was addressed with improved memory handling.", 
        "update": "", 
        "module": "Kernel", 
        "id": "CVE-2023-32441", 
        "credit": "Peter Nguy\u1ec5n V\u0169 Ho\u00e0ng (@peternguyen14) of STAR Labs SG Pte. Ltd.", 
        "page": "https://support.apple.com/en-us/HT213841", 
        "rsr": ""
    }, 
    {
        "impact": "A shortcut may be able to modify sensitive Shortcuts app settings", 
        "available": "macOS Ventura", 
        "description": "An access issue was addressed with improved access restrictions.", 
        "update": "", 
        "module": "Shortcuts", 
        "id": "CVE-2023-32442", 
        "credit": "an anonymous researcher", 
        "page": "https://support.apple.com/en-us/HT213843", 
        "rsr": ""
    }, 
    {
        "impact": "Processing a file may lead to a denial-of-service or potentially disclose memory contents", 
        "available": "macOS Ventura", 
        "description": "An out-of-bounds read was addressed with improved input validation.", 
        "update": "", 
        "module": "sips", 
        "id": "CVE-2023-32443", 
        "credit": "David Hoyt of Hoyt LLC", 
        "page": "https://support.apple.com/en-us/HT213843", 
        "rsr": ""
    }, 
    {
        "impact": "A sandboxed process may be able to circumvent sandbox restrictions", 
        "available": "macOS Ventura", 
        "description": "A logic issue was addressed with improved validation.", 
        "update": "July 27, 2023", 
        "module": "NSSpellChecker", 
        "id": "CVE-2023-32444", 
        "credit": "Mickey Jin (@patch1t)", 
        "page": "https://support.apple.com/en-us/HT213843", 
        "rsr": ""
    }, 
    {
        "impact": "Processing a document may lead to a cross site scripting attack", 
        "available": "macOS Big Sur and macOS Monterey", 
        "description": "This issue was addressed with improved checks.", 
        "update": "July 27, 2023", 
        "module": "WebKit", 
        "id": "CVE-2023-32445", 
        "credit": "Johan Carlsson (joaxcar)", 
        "bugzilla": "257299", 
        "page": "https://support.apple.com/en-us/HT213847", 
        "rsr": ""
    }, 
    {
        "impact": "A user may be able to read information belonging to another user", 
        "available": "macOS Ventura", 
        "description": "A logic issue was addressed with improved state management.", 
        "update": "July 27, 2023", 
        "module": "Time Zone", 
        "id": "CVE-2023-32654", 
        "credit": "Matthew Loewen", 
        "page": "https://support.apple.com/en-us/HT213843", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to execute arbitrary code with kernel privileges", 
        "available": "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", 
        "description": "The issue was addressed with improved memory handling.", 
        "update": "", 
        "module": "Kernel", 
        "id": "CVE-2023-32734", 
        "credit": "Pan ZhenPeng (@Peterpan0927) of STAR Labs SG Pte. Ltd.", 
        "page": "https://support.apple.com/en-us/HT213841", 
        "rsr": ""
    }, 
    {
        "impact": "A user in a privileged network position may be able to leak sensitive information", 
        "available": "macOS Ventura", 
        "description": "A logic issue was addressed with improved state management.", 
        "update": "July 27, 2023", 
        "module": "CUPS", 
        "id": "CVE-2023-34241", 
        "credit": "Sei K.", 
        "page": "https://support.apple.com/en-us/HT213843", 
        "rsr": ""
    }, 
    {
        "impact": "An attacker may be able to leak user account emails", 
        "available": "Apple Watch Series 4 and later", 
        "description": "A permissions issue was addressed with improved redaction of sensitive information.", 
        "update": "September 5, 2023", 
        "module": "Accounts", 
        "id": "CVE-2023-34352", 
        "credit": "Sergii Kryvoblotskyi of MacPaw Inc.", 
        "page": "https://support.apple.com/en-us/HT213764", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to execute arbitrary code with kernel privileges", 
        "available": "iPhone 8 and later, iPad Pro (3rd generation) and later, iPad Air (3rd generation) and later, and iPad mini (5th generation)", 
        "description": "The issue was addressed with improved memory handling.", 
        "update": "October 31, 2023", 
        "module": "Apple Neural Engine", 
        "id": "CVE-2023-34425", 
        "credit": "pattern-f (@pattern_F_) of Ant Security Light-Year Lab", 
        "page": "https://support.apple.com/en-us/HT213841", 
        "rsr": ""
    }, 
    {
        "impact": "Processing web content may lead to arbitrary code execution", 
        "available": "macOS Monterey and macOS Ventura", 
        "description": "The issue was addressed with improved memory handling.", 
        "update": "January 2, 2024", 
        "module": "WebKit", 
        "id": "CVE-2023-35074", 
        "credit": "Ajou University Abysslab Dong Jun Kim(@smlijun) and Jong Seong Kim(@nevul37)", 
        "bugzilla": "239758", 
        "page": "https://support.apple.com/en-us/HT213941", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to modify protected parts of the file system", 
        "available": "macOS Ventura", 
        "description": "This issue was addressed with improved data protection.", 
        "update": "", 
        "module": "Assets", 
        "id": "CVE-2023-35983", 
        "credit": "Mickey Jin (@patch1t)", 
        "page": "https://support.apple.com/en-us/HT213843", 
        "rsr": ""
    }, 
    {
        "impact": "An attacker in physical proximity can cause a limited out of bounds write", 
        "available": "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)", 
        "description": "The issue was addressed with improved checks.", 
        "update": "", 
        "module": "Bluetooth", 
        "id": "CVE-2023-35984", 
        "credit": "zer0k", 
        "page": "https://support.apple.com/en-us/HT213940", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to identify what other apps a user has installed", 
        "available": "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)", 
        "description": "The issue was addressed with improved checks.", 
        "update": "", 
        "module": "Safari", 
        "id": "CVE-2023-35990", 
        "credit": "Adriatik Raci of Sentry Cybersecurity", 
        "page": "https://support.apple.com/en-us/HT213940", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to execute arbitrary code with kernel privileges", 
        "available": "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", 
        "description": "A use-after-free issue was addressed with improved memory management.", 
        "update": "October 31, 2023", 
        "module": "Kernel", 
        "id": "CVE-2023-35993", 
        "credit": "Kaitao Xie and Xiaolong Bai of Alibaba Group", 
        "page": "https://support.apple.com/en-us/HT213841", 
        "rsr": ""
    }, 
    {
        "impact": "A remote user may be able to cause a denial-of-service", 
        "available": "macOS Sonoma", 
        "description": "This issue was addressed with improved checks.", 
        "update": "February 16, 2024", 
        "module": "SQLite", 
        "id": "CVE-2023-36191", 
        "credit": "", 
        "page": "https://support.apple.com/en-us/HT213984", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to execute arbitrary code with kernel privileges", 
        "available": "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", 
        "description": "An integer overflow was addressed with improved input validation.", 
        "update": "July 27, 2023", 
        "module": "Kernel", 
        "id": "CVE-2023-36495", 
        "credit": "\u9999\u519c\u7684\u4e09\u8e66\u5b50 of Pangu Lab", 
        "page": "https://support.apple.com/en-us/HT213841", 
        "rsr": ""
    }, 
    {
        "impact": "Processing a file may lead to unexpected app termination or arbitrary code execution", 
        "available": "macOS Ventura", 
        "description": "The issue was addressed with improved checks.", 
        "update": "", 
        "module": "Grapher", 
        "id": "CVE-2023-36854", 
        "credit": "Bool of YunShangHuaAn(\u4e91\u4e0a\u534e\u5b89)", 
        "page": "https://support.apple.com/en-us/HT213843", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to determine a user\u2019s current location", 
        "available": "macOS Ventura", 
        "description": "A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing restrictions.", 
        "update": "", 
        "module": "AppleMobileFileIntegrity", 
        "id": "CVE-2023-36862", 
        "credit": "Mickey Jin (@patch1t)", 
        "page": "https://support.apple.com/en-us/HT213843", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to execute arbitrary code with kernel privileges", 
        "available": "iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)", 
        "description": "An out-of-bounds read was addressed with improved bounds checking.", 
        "update": "July 27, 2023", 
        "module": "Kernel", 
        "id": "CVE-2023-37285", 
        "credit": "Arsenii Kostromin (0x3c3e)", 
        "page": "https://support.apple.com/en-us/HT213842", 
        "rsr": ""
    }, 
    {
        "impact": "A user may be able to view restricted content from the lock screen", 
        "available": "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)", 
        "description": "A lock screen issue was addressed with improved state management.", 
        "update": "December 22, 2023", 
        "module": "Power Management", 
        "id": "CVE-2023-37448", 
        "credit": "Serkan Erayabakan, David Kotval, Akincibor, Sina Ahmadi of George Mason University, and Billy Tabrizi", 
        "page": "https://support.apple.com/en-us/HT213940", 
        "rsr": ""
    }, 
    {
        "impact": "Processing web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.", 
        "available": "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", 
        "description": "The issue was addressed with improved checks.", 
        "update": "", 
        "module": "WebKit", 
        "id": "CVE-2023-37450", 
        "credit": "an anonymous researcher", 
        "bugzilla": "259231", 
        "page": "https://support.apple.com/en-us/HT213841", 
        "rsr": "This issue was first addressed in Rapid Security Response iOS 16.5.1 (c) and iPadOS 16.5.1 (c)."
    }, 
    {
        "impact": "Multiple issues in curl", 
        "available": "macOS Sonoma", 
        "description": "Multiple issues were addressed by updating to curl version 8.4.0.", 
        "update": "January 22, 2024, updated February 13, 2024", 
        "module": "curl", 
        "id": "CVE-2023-38039", 
        "credit": "", 
        "page": "https://support.apple.com/en-us/HT214036", 
        "rsr": ""
    }, 
    {
        "impact": "Processing web content may disclose sensitive information", 
        "available": "macOS Big Sur and macOS Monterey", 
        "description": "The issue was addressed with improved checks.", 
        "update": "", 
        "module": "WebKit Web Inspector", 
        "id": "CVE-2023-38133", 
        "credit": "YeongHyeon Choi (@hyeon101010)", 
        "bugzilla": "256932", 
        "page": "https://support.apple.com/en-us/HT213847", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to execute arbitrary code with kernel privileges", 
        "available": "iPhone 8 and later, iPad Pro (3rd generation) and later, iPad Air (3rd generation) and later, and iPad mini (5th generation)", 
        "description": "The issue was addressed with improved memory handling.", 
        "update": "October 31, 2023", 
        "module": "Apple Neural Engine", 
        "id": "CVE-2023-38136", 
        "credit": "Mohamed GHANNAM (@_simo36)", 
        "page": "https://support.apple.com/en-us/HT213841", 
        "rsr": ""
    }, 
    {
        "impact": "Processing a 3D model may result in disclosure of process memory", 
        "available": "macOS Ventura", 
        "description": "The issue was addressed with improved checks.", 
        "update": "July 27, 2023", 
        "module": "Model I/O", 
        "id": "CVE-2023-38258", 
        "credit": "Mickey Jin (@patch1t)", 
        "page": "https://support.apple.com/en-us/HT213843", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to access user-sensitive data", 
        "available": "macOS Ventura", 
        "description": "A logic issue was addressed with improved restrictions.", 
        "update": "", 
        "module": "PackageKit", 
        "id": "CVE-2023-38259", 
        "credit": "Mickey Jin (@patch1t)", 
        "page": "https://support.apple.com/en-us/HT213843", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to execute arbitrary code with kernel privileges", 
        "available": "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", 
        "description": "The issue was addressed with improved memory handling.", 
        "update": "", 
        "module": "Kernel", 
        "id": "CVE-2023-38261", 
        "credit": "an anonymous researcher", 
        "page": "https://support.apple.com/en-us/HT213841", 
        "rsr": ""
    }, 
    {
        "impact": "A remote user may be able to cause unexpected app termination or arbitrary code execution", 
        "available": "macOS Sonoma", 
        "description": "The issue was addressed with improved checks.", 
        "update": "", 
        "module": "iperf3", 
        "id": "CVE-2023-38403", 
        "credit": "", 
        "page": "https://support.apple.com/en-us/HT213984", 
        "rsr": ""
    }, 
    {
        "impact": "A vulnerability was discovered in OpenSSHs remote forwarding", 
        "available": "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)", 
        "description": "This issue was addressed by updating OpenSSH to 9.3p2", 
        "update": "December 22, 2023", 
        "module": "OpenSSH", 
        "id": "CVE-2023-38408", 
        "credit": "baba yaga, an anonymous researcher", 
        "page": "https://support.apple.com/en-us/HT213940", 
        "rsr": ""
    }, 
    {
        "impact": "A user may be able to elevate privileges", 
        "available": "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", 
        "description": "The issue was addressed with improved checks.", 
        "update": "", 
        "module": "Kernel", 
        "id": "CVE-2023-38410", 
        "credit": "an anonymous researcher", 
        "page": "https://support.apple.com/en-us/HT213841", 
        "rsr": ""
    }, 
    {
        "impact": "Processing a 3D model may result in disclosure of process memory", 
        "available": "macOS Ventura", 
        "description": "The issue was addressed with improved checks.", 
        "update": "July 27, 2023", 
        "module": "Model I/O", 
        "id": "CVE-2023-38421", 
        "credit": "Mickey Jin (@patch1t), and Michael DePlante (@izobashi) of Trend Micro Zero Day Initiative", 
        "page": "https://support.apple.com/en-us/HT213843", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to execute arbitrary code with kernel privileges", 
        "available": "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", 
        "description": "The issue was addressed with improved memory handling.", 
        "update": "", 
        "module": "Kernel", 
        "id": "CVE-2023-38424", 
        "credit": "Certik Skyfall Team", 
        "page": "https://support.apple.com/en-us/HT213841", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to execute arbitrary code with kernel privileges", 
        "available": "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", 
        "description": "The issue was addressed with improved memory handling.", 
        "update": "", 
        "module": "Kernel", 
        "id": "CVE-2023-38425", 
        "credit": "Certik Skyfall Team", 
        "page": "https://support.apple.com/en-us/HT213841", 
        "rsr": ""
    }, 
    {
        "impact": "Multiple issues in curl", 
        "available": "macOS Sonoma", 
        "description": "Multiple issues were addressed by updating to curl version 8.4.0.", 
        "update": "January 22, 2024, updated February 13, 2024", 
        "module": "curl", 
        "id": "CVE-2023-38545", 
        "credit": "", 
        "page": "https://support.apple.com/en-us/HT214036", 
        "rsr": ""
    }, 
    {
        "impact": "Multiple issues in curl", 
        "available": "macOS Sonoma", 
        "description": "Multiple issues were addressed by updating to curl version 8.4.0.", 
        "update": "January 22, 2024, updated February 13, 2024", 
        "module": "curl", 
        "id": "CVE-2023-38546", 
        "credit": "", 
        "page": "https://support.apple.com/en-us/HT214036", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to modify protected parts of the file system", 
        "available": "macOS Ventura", 
        "description": "The issue was addressed with improved checks.", 
        "update": "", 
        "module": "PackageKit", 
        "id": "CVE-2023-38564", 
        "credit": "Mickey Jin (@patch1t)", 
        "page": "https://support.apple.com/en-us/HT213843", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to gain root privileges", 
        "available": "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", 
        "description": "A path handling issue was addressed with improved validation.", 
        "update": "", 
        "module": "libxpc", 
        "id": "CVE-2023-38565", 
        "credit": "Zhipeng Huo (@R3dF09) of Tencent Security Xuanwu Lab (xlab.tencent.com)", 
        "page": "https://support.apple.com/en-us/HT213841", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to bypass Privacy preferences", 
        "available": "macOS Ventura", 
        "description": "This issue was addressed with improved validation of symlinks.", 
        "update": "July 27, 2023", 
        "module": "Music", 
        "id": "CVE-2023-38571", 
        "credit": "Gergely Kalman (@gergely_kalman)", 
        "page": "https://support.apple.com/en-us/HT213843", 
        "rsr": ""
    }, 
    {
        "impact": "A website may be able to bypass Same Origin Policy", 
        "available": "macOS Big Sur and macOS Monterey", 
        "description": "The issue was addressed with improved checks.", 
        "update": "", 
        "module": "WebKit", 
        "id": "CVE-2023-38572", 
        "credit": "Narendra Bhati (twitter.com/imnarendrabhati) of Suma Soft Pvt. Ltd, Pune - India", 
        "bugzilla": "256549", 
        "page": "https://support.apple.com/en-us/HT213847", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to execute arbitrary code with kernel privileges", 
        "available": "iPhone 8 and later, iPad Pro (3rd generation) and later, iPad Air (3rd generation) and later, and iPad mini (5th generation)", 
        "description": "The issue was addressed with improved memory handling.", 
        "update": "October 31, 2023", 
        "module": "Apple Neural Engine", 
        "id": "CVE-2023-38580", 
        "credit": "Mohamed GHANNAM (@_simo36)", 
        "page": "https://support.apple.com/en-us/HT213841", 
        "rsr": ""
    }, 
    {
        "impact": "A sandboxed process may be able to circumvent sandbox restrictions", 
        "available": "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)", 
        "description": "An access issue was addressed with additional sandbox restrictions.", 
        "update": "", 
        "module": "Image Capture", 
        "id": "CVE-2023-38586", 
        "credit": "Yi\u011fit Can YILMAZ (@yilmazcanyigit)", 
        "page": "https://support.apple.com/en-us/HT213940", 
        "rsr": ""
    }, 
    {
        "impact": "A remote user may be able to cause unexpected system termination or corrupt kernel memory", 
        "available": "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", 
        "description": "A buffer overflow issue was addressed with improved memory handling.", 
        "update": "July 27, 2023", 
        "module": "Kernel", 
        "id": "CVE-2023-38590", 
        "credit": "Zweig of Kunlun Lab", 
        "page": "https://support.apple.com/en-us/HT213841", 
        "rsr": ""
    }, 
    {
        "impact": "Processing web content may lead to arbitrary code execution", 
        "available": "macOS Big Sur and macOS Monterey", 
        "description": "A logic issue was addressed with improved restrictions.", 
        "update": "July 27, 2023", 
        "module": "WebKit", 
        "id": "CVE-2023-38592", 
        "credit": "Narendra Bhati (twitter.com/imnarendrabhati) of Suma Soft Pvt. Ltd, Pune - India, Valentino Dalla Valle, Pedro Bernardo, Marco Squarcina, and Lorenzo Veronese of TU Wien", 
        "bugzilla": "257331", 
        "page": "https://support.apple.com/en-us/HT213847", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to cause a denial-of-service", 
        "available": "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", 
        "description": "A logic issue was addressed with improved checks.", 
        "update": "", 
        "module": "libxpc", 
        "id": "CVE-2023-38593", 
        "credit": "Noah Roskin-Frazee", 
        "page": "https://support.apple.com/en-us/HT213841", 
        "rsr": ""
    }, 
    {
        "impact": "Processing web content may lead to arbitrary code execution", 
        "available": "macOS Big Sur and macOS Monterey", 
        "description": "The issue was addressed with improved checks.", 
        "update": "", 
        "module": "WebKit", 
        "id": "CVE-2023-38594", 
        "credit": "Yuhao Hu", 
        "bugzilla": "256865", 
        "page": "https://support.apple.com/en-us/HT213847", 
        "rsr": ""
    }, 
    {
        "impact": "Processing web content may lead to arbitrary code execution", 
        "available": "macOS Big Sur and macOS Monterey", 
        "description": "The issue was addressed with improved checks.", 
        "update": "", 
        "module": "WebKit", 
        "id": "CVE-2023-38595", 
        "credit": "an anonymous researcher, Jiming Wang, and Jikai Ren", 
        "bugzilla": "256573", 
        "page": "https://support.apple.com/en-us/HT213847", 
        "rsr": ""
    }, 
    {
        "impact": "An app may fail to enforce App Transport Security", 
        "available": "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)", 
        "description": "The issue was addressed with improved handling of protocols.", 
        "update": "", 
        "module": "CFNetwork", 
        "id": "CVE-2023-38596", 
        "credit": "Will Brattain at Trail of Bits", 
        "page": "https://support.apple.com/en-us/HT213940", 
        "rsr": ""
    }, 
    {
        "impact": "Processing web content may lead to arbitrary code execution", 
        "available": "macOS Big Sur and macOS Monterey", 
        "description": "The issue was addressed with improved checks.", 
        "update": "", 
        "module": "WebKit Process Model", 
        "id": "CVE-2023-38597", 
        "credit": "\uc774\uc900\uc131(Junsung Lee) of Cross Republic", 
        "bugzilla": "258100", 
        "page": "https://support.apple.com/en-us/HT213847", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to execute arbitrary code with kernel privileges", 
        "available": "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", 
        "description": "A use-after-free issue was addressed with improved memory management.", 
        "update": "July 27, 2023", 
        "module": "Kernel", 
        "id": "CVE-2023-38598", 
        "credit": "Mohamed GHANNAM (@_simo36)", 
        "page": "https://support.apple.com/en-us/HT213841", 
        "rsr": ""
    }, 
    {
        "impact": "A website may be able to track sensitive user information", 
        "available": "macOS Big Sur and macOS Monterey", 
        "description": "A logic issue was addressed with improved state management.", 
        "update": "July 27, 2023", 
        "module": "WebKit", 
        "id": "CVE-2023-38599", 
        "credit": "Hritvik Taneja, Jason Kim, Jie Jeff Xu, Stephan van Schaik, Daniel Genkin, and Yuval Yarom", 
        "bugzilla": "257822", 
        "page": "https://support.apple.com/en-us/HT213847", 
        "rsr": ""
    }, 
    {
        "impact": "Processing web content may lead to arbitrary code execution", 
        "available": "macOS Big Sur and macOS Monterey", 
        "description": "The issue was addressed with improved checks.", 
        "update": "", 
        "module": "WebKit", 
        "id": "CVE-2023-38600", 
        "credit": "Anonymous working with Trend Micro Zero Day Initiative", 
        "bugzilla": "257387", 
        "page": "https://support.apple.com/en-us/HT213847", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to modify protected parts of the file system", 
        "available": "macOS Ventura", 
        "description": "This issue was addressed by removing the vulnerable code.", 
        "update": "July 27, 2023", 
        "module": "Net-SNMP", 
        "id": "CVE-2023-38601", 
        "credit": "Csaba Fitzl (@theevilbit) of Offensive Security", 
        "page": "https://support.apple.com/en-us/HT213843", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to modify protected parts of the file system", 
        "available": "macOS Ventura", 
        "description": "A permissions issue was addressed with additional restrictions.", 
        "update": "", 
        "module": "PackageKit", 
        "id": "CVE-2023-38602", 
        "credit": "Arsenii Kostromin (0x3c3e)", 
        "page": "https://support.apple.com/en-us/HT213843", 
        "rsr": ""
    }, 
    {
        "impact": "A remote user may be able to cause a denial-of-service", 
        "available": "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", 
        "description": "The issue was addressed with improved checks.", 
        "update": "", 
        "module": "Kernel", 
        "id": "CVE-2023-38603", 
        "credit": "Zweig of Kunlun Lab", 
        "page": "https://support.apple.com/en-us/HT213841", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to execute arbitrary code with kernel privileges", 
        "available": "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", 
        "description": "An out-of-bounds write issue was addressed with improved input validation.", 
        "update": "July 27, 2023", 
        "module": "Kernel", 
        "id": "CVE-2023-38604", 
        "credit": "an anonymous researcher", 
        "page": "https://support.apple.com/en-us/HT213841", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to determine a user\u2019s current location", 
        "available": "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", 
        "description": "This issue was addressed with improved redaction of sensitive information.", 
        "update": "October 31, 2023", 
        "module": "Weather", 
        "id": "CVE-2023-38605", 
        "credit": "Adam M.", 
        "page": "https://support.apple.com/en-us/HT213841", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to modify sensitive kernel state. Apple is aware of a report that this issue may have been actively exploited against versions of iOS released before iOS 15.7.1.", 
        "available": "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", 
        "description": "This issue was addressed with improved state management.", 
        "update": "", 
        "module": "Kernel", 
        "id": "CVE-2023-38606", 
        "credit": "Valentin Pashkov, Mikhail Vinogradov, Georgy Kucherin (@kucher1n), Leonid Bezvershenko (@bzvr_), and Boris Larin (@oct0xor) of Kaspersky", 
        "page": "https://support.apple.com/en-us/HT213841", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to modify Printer settings", 
        "available": "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)", 
        "description": "The issue was addressed with improved handling of caches.", 
        "update": "December 22, 2023", 
        "module": "Printing", 
        "id": "CVE-2023-38607", 
        "credit": "Yi\u011fit Can YILMAZ (@yilmazcanyigit)", 
        "page": "https://support.apple.com/en-us/HT213940", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to access user-sensitive data", 
        "available": "macOS Ventura", 
        "description": "The issue was addressed with additional permissions checks.", 
        "update": "December 21, 2023", 
        "module": "Voice Memos", 
        "id": "CVE-2023-38608", 
        "credit": "Yi\u011fit Can YILMAZ (@yilmazcanyigit), Noah Roskin-Frazee and Prof. J. (ZeroClicks.ai Lab), Kirin (@Pwnrin), and Yishu Wang", 
        "page": "https://support.apple.com/en-us/HT213843", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to bypass certain Privacy preferences", 
        "available": "macOS Ventura", 
        "description": "An injection issue was addressed with improved input validation.", 
        "update": "July 27, 2023", 
        "module": "PackageKit", 
        "id": "CVE-2023-38609", 
        "credit": "Michael Cowell", 
        "page": "https://support.apple.com/en-us/HT213843", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to cause unexpected system termination or write kernel memory", 
        "available": "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)", 
        "description": "A memory corruption issue was addressed by removing the vulnerable code.", 
        "update": "December 22, 2023", 
        "module": "Wi-Fi", 
        "id": "CVE-2023-38610", 
        "credit": "Wang Yu of Cyberserval", 
        "page": "https://support.apple.com/en-us/HT213940", 
        "rsr": ""
    }, 
    {
        "impact": "Processing web content may lead to arbitrary code execution", 
        "available": "macOS Big Sur and macOS Monterey", 
        "description": "The issue was addressed with improved memory handling.", 
        "update": "", 
        "module": "WebKit", 
        "id": "CVE-2023-38611", 
        "credit": "Francisco Alonso (@revskills)", 
        "bugzilla": "258058", 
        "page": "https://support.apple.com/en-us/HT213847", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to access protected user data", 
        "available": "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)", 
        "description": "The issue was addressed with improved checks.", 
        "update": "December 22, 2023", 
        "module": "Ask to Buy", 
        "id": "CVE-2023-38612", 
        "credit": "Chris Ross (Zoom)", 
        "page": "https://support.apple.com/en-us/HT213940", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to execute arbitrary code with kernel privileges", 
        "available": "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)", 
        "description": "The issue was addressed with improved memory handling.", 
        "update": "", 
        "module": "AMD", 
        "id": "CVE-2023-38615", 
        "credit": "ABC Research s.r.o.", 
        "page": "https://support.apple.com/en-us/HT213940", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to execute arbitrary code with kernel privileges", 
        "available": "macOS Ventura", 
        "description": "A race condition was addressed with improved state handling.", 
        "update": "September 6, 2023", 
        "module": "AMD", 
        "id": "CVE-2023-38616", 
        "credit": "ABC Research s.r.o.", 
        "page": "https://support.apple.com/en-us/HT213843", 
        "rsr": ""
    }, 
    {
        "impact": "Processing web content may disclose sensitive information", 
        "available": "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)", 
        "description": "The issue was addressed with improved checks.", 
        "update": "", 
        "module": "Safari", 
        "id": "CVE-2023-39233", 
        "credit": "Luan Herrera (@lbherrera_)", 
        "page": "https://support.apple.com/en-us/HT213940", 
        "rsr": ""
    }, 
    {
        "impact": "Processing web content may lead to arbitrary code execution", 
        "available": "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)", 
        "description": "A use-after-free issue was addressed with improved memory management.", 
        "update": "December 22, 2023", 
        "module": "WebKit", 
        "id": "CVE-2023-39434", 
        "credit": "Francisco Alonso (@revskills), and Dohyun Lee (@l33d0hyun) of PK Security", 
        "bugzilla": "249451", 
        "page": "https://support.apple.com/en-us/HT213940", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to access user-sensitive data", 
        "available": "macOS Ventura", 
        "description": "A path handling issue was addressed with improved validation.", 
        "update": "October 31, 2023", 
        "module": "libc", 
        "id": "CVE-2023-40383", 
        "credit": "Mickey Jin (@patch1t)", 
        "page": "https://support.apple.com/en-us/HT213670", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to read sensitive location information", 
        "available": "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)", 
        "description": "A permissions issue was addressed with improved redaction of sensitive information.", 
        "update": "", 
        "module": "Airport", 
        "id": "CVE-2023-40384", 
        "credit": "Adam M.", 
        "page": "https://support.apple.com/en-us/HT213940", 
        "rsr": ""
    }, 
    {
        "impact": "A remote attacker may be able to view leaked DNS queries with Private Relay turned on", 
        "available": "macOS Monterey and macOS Ventura", 
        "description": "This issue was addressed by removing the vulnerable code.", 
        "update": "January 2, 2024", 
        "module": "WebKit", 
        "id": "CVE-2023-40385", 
        "credit": "Anonymous", 
        "bugzilla": "257303", 
        "page": "https://support.apple.com/en-us/HT213941", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to access Notes attachments", 
        "available": "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)", 
        "description": "A privacy issue was addressed with improved handling of temporary files.", 
        "update": "", 
        "module": "Notes", 
        "id": "CVE-2023-40386", 
        "credit": "Kirin (@Pwnrin)", 
        "page": "https://support.apple.com/en-us/HT213940", 
        "rsr": ""
    }, 
    {
        "impact": "Safari may save photos to an unprotected location", 
        "available": "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)", 
        "description": "A privacy issue was addressed with improved handling of temporary files.", 
        "update": "", 
        "module": "Safari", 
        "id": "CVE-2023-40388", 
        "credit": "Kirin (@Pwnrin)", 
        "page": "https://support.apple.com/en-us/HT213940", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to disclose kernel memory", 
        "available": "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)", 
        "description": "The issue was addressed with improved memory handling.", 
        "update": "", 
        "module": "GPU Drivers", 
        "id": "CVE-2023-40391", 
        "credit": "Antonio Zekic (@antoniozekic) of Dataflow Security", 
        "page": "https://support.apple.com/en-us/HT213940", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to read sensitive location information", 
        "available": "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", 
        "description": "A privacy issue was addressed with improved private data redaction for log entries.", 
        "update": "October 31, 2023", 
        "module": "CFNetwork", 
        "id": "CVE-2023-40392", 
        "credit": "Wojciech Regula of SecuRing (wojciechregula.blog)", 
        "page": "https://support.apple.com/en-us/HT213841", 
        "rsr": ""
    }, 
    {
        "impact": "Photos in the Hidden Photos Album may be viewed without authentication", 
        "available": "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)", 
        "description": "An authentication issue was addressed with improved state management.", 
        "update": "December 22, 2023", 
        "module": "Photos", 
        "id": "CVE-2023-40393", 
        "credit": "an anonymous researcher, Berke K\u0131rba\u015f, and Harsh Jaiswal", 
        "page": "https://support.apple.com/en-us/HT213940", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to access sensitive user data", 
        "available": "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", 
        "description": "The issue was addressed with improved validation of environment variables.", 
        "update": "October 31, 2023", 
        "module": "Logging", 
        "id": "CVE-2023-40394", 
        "credit": "Wojciech Regula of SecuRing (wojciechregula.blog)", 
        "page": "https://support.apple.com/en-us/HT213841", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to access contacts", 
        "available": "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)", 
        "description": "The issue was addressed with improved handling of caches.", 
        "update": "", 
        "module": "Game Center", 
        "id": "CVE-2023-40395", 
        "credit": "Csaba Fitzl (@theevilbit) of Offensive Security", 
        "page": "https://support.apple.com/en-us/HT213940", 
        "rsr": ""
    }, 
    {
        "impact": "A remote attacker may be able to cause arbitrary javascript code execution", 
        "available": "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", 
        "description": "The issue was addressed with improved checks.", 
        "update": "October 31, 2023", 
        "module": "WebKit", 
        "id": "CVE-2023-40397", 
        "credit": "Johan Carlsson (joaxcar)", 
        "bugzilla": "257824", 
        "page": "https://support.apple.com/en-us/HT213841", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to disclose kernel memory", 
        "available": "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)", 
        "description": "The issue was addressed with improved memory handling.", 
        "update": "", 
        "module": "Apple Neural Engine", 
        "id": "CVE-2023-40399", 
        "credit": "Mohamed GHANNAM (@_simo36)", 
        "page": "https://support.apple.com/en-us/HT213940", 
        "rsr": ""
    }, 
    {
        "impact": "A remote user may cause an unexpected app termination or arbitrary code execution", 
        "available": "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)", 
        "description": "This issue was addressed with improved checks.", 
        "update": "", 
        "module": "libpcap", 
        "id": "CVE-2023-40400", 
        "credit": "Sei K.", 
        "page": "https://support.apple.com/en-us/HT213940", 
        "rsr": ""
    }, 
    {
        "impact": "An attacker may be able to access passkeys without authentication", 
        "available": "macOS Ventura", 
        "description": "The issue was addressed with additional permissions checks.", 
        "update": "", 
        "module": "Passkeys", 
        "id": "CVE-2023-40401", 
        "credit": "an anonymous researcher and weize she", 
        "page": "https://support.apple.com/en-us/HT213985", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to access sensitive user data", 
        "available": "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)", 
        "description": "A permissions issue was addressed with additional restrictions.", 
        "update": "", 
        "module": "Bluetooth", 
        "id": "CVE-2023-40402", 
        "credit": "Yi\u011fit Can YILMAZ (@yilmazcanyigit)", 
        "page": "https://support.apple.com/en-us/HT213940", 
        "rsr": ""
    }, 
    {
        "impact": "Processing web content may disclose sensitive information", 
        "available": "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)", 
        "description": "The issue was addressed with improved memory handling.", 
        "update": "", 
        "module": "libxslt", 
        "id": "CVE-2023-40403", 
        "credit": "Dohyun Lee (@l33d0hyun) of PK Security", 
        "page": "https://support.apple.com/en-us/HT213940", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to execute arbitrary code with kernel privileges", 
        "available": "macOS Sonoma", 
        "description": "A use-after-free issue was addressed with improved memory management.", 
        "update": "", 
        "module": "Networking", 
        "id": "CVE-2023-40404", 
        "credit": "Certik Skyfall Team", 
        "page": "https://support.apple.com/en-us/HT213984", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to read sensitive location information", 
        "available": "macOS Sonoma", 
        "description": "A privacy issue was addressed with improved private data redaction for log entries.", 
        "update": "", 
        "module": "Maps", 
        "id": "CVE-2023-40405", 
        "credit": "Csaba Fitzl (@theevilbit) of Offensive Security", 
        "page": "https://support.apple.com/en-us/HT213984", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to read arbitrary files", 
        "available": "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)", 
        "description": "The issue was addressed with improved checks.", 
        "update": "", 
        "module": "ColorSync", 
        "id": "CVE-2023-40406", 
        "credit": "JeongOhKyea of Theori", 
        "page": "https://support.apple.com/en-us/HT213940", 
        "rsr": ""
    }, 
    {
        "impact": "A remote attacker may be able to cause a denial-of-service", 
        "available": "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)", 
        "description": "The issue was addressed with improved bounds checks.", 
        "update": "", 
        "module": "CUPS", 
        "id": "CVE-2023-40407", 
        "credit": "Sei K.", 
        "page": "https://support.apple.com/en-us/HT213940", 
        "rsr": ""
    }, 
    {
        "impact": "Hide My Email may be deactivated unexpectedly", 
        "available": "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", 
        "description": "An inconsistent user interface issue was addressed with improved state management.", 
        "update": "", 
        "module": "Mail Drafts", 
        "id": "CVE-2023-40408", 
        "credit": "Grzegorz Riegel", 
        "page": "https://support.apple.com/en-us/HT213982", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to execute arbitrary code with kernel privileges", 
        "available": "macOS Ventura", 
        "description": "The issue was addressed with improved memory handling.", 
        "update": "September 26, 2023", 
        "module": "Apple Neural Engine", 
        "id": "CVE-2023-40409", 
        "credit": "Ye Zhang (@VAR10CK) of Baidu Security", 
        "page": "https://support.apple.com/en-us/HT213931", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to disclose kernel memory", 
        "available": "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)", 
        "description": "An out-of-bounds read was addressed with improved input validation.", 
        "update": "", 
        "module": "Apple Neural Engine", 
        "id": "CVE-2023-40410", 
        "credit": "Tim Michaud (@TimGMichaud) of Moveworks.ai", 
        "page": "https://support.apple.com/en-us/HT213940", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to access user-sensitive data", 
        "available": "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)", 
        "description": "This issue was addressed with improved data protection.", 
        "update": "December 22, 2023", 
        "module": "FileProvider", 
        "id": "CVE-2023-40411", 
        "credit": "Noah Roskin-Frazee and Prof. J. (ZeroClicks.ai Lab), and Csaba Fitzl (@theevilbit) of Offensive Security", 
        "page": "https://support.apple.com/en-us/HT213940", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to execute arbitrary code with kernel privileges", 
        "available": "macOS Ventura", 
        "description": "The issue was addressed with improved memory handling.", 
        "update": "September 26, 2023", 
        "module": "Apple Neural Engine", 
        "id": "CVE-2023-40412", 
        "credit": "Mohamed GHANNAM (@_simo36)", 
        "page": "https://support.apple.com/en-us/HT213931", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to read sensitive location information", 
        "available": "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", 
        "description": "The issue was addressed with improved handling of caches.", 
        "update": "", 
        "module": "Find My", 
        "id": "CVE-2023-40413", 
        "credit": "Adam M.", 
        "page": "https://support.apple.com/en-us/HT213982", 
        "rsr": ""
    }, 
    {
        "impact": "Processing web content may lead to arbitrary code execution", 
        "available": "macOS Monterey and macOS Ventura", 
        "description": "A use-after-free issue was addressed with improved memory management.", 
        "update": "January 2, 2024", 
        "module": "WebKit", 
        "id": "CVE-2023-40414", 
        "credit": "Francisco Alonso (@revskills)", 
        "bugzilla": "258992", 
        "page": "https://support.apple.com/en-us/HT213941", 
        "rsr": ""
    }, 
    {
        "impact": "Processing an image may result in disclosure of process memory", 
        "available": "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", 
        "description": "The issue was addressed with improved memory handling.", 
        "update": "", 
        "module": "ImageIO", 
        "id": "CVE-2023-40416", 
        "credit": "JZ", 
        "page": "https://support.apple.com/en-us/HT213982", 
        "rsr": ""
    }, 
    {
        "impact": "Visiting a website that frames malicious content may lead to UI spoofing", 
        "available": "macOS Monterey and macOS Ventura", 
        "description": "A window management issue was addressed with improved state management.", 
        "update": "January 2, 2024", 
        "module": "Safari", 
        "id": "CVE-2023-40417", 
        "credit": "Narendra Bhati (twitter.com/imnarendrabhati) of Suma Soft Pvt. Ltd, Pune (India)", 
        "page": "https://support.apple.com/en-us/HT213941", 
        "rsr": ""
    }, 
    {
        "impact": "An Apple Watch Ultra may not lock when using the Depth app", 
        "available": "Apple Watch Ultra (all models)", 
        "description": "An authentication issue was addressed with improved state management.", 
        "update": "", 
        "module": "Passcode", 
        "id": "CVE-2023-40418", 
        "credit": "serkan Gurbuz", 
        "page": "https://support.apple.com/en-us/HT213937", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to gain elevated privileges", 
        "available": "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", 
        "description": "The issue was addressed with improved checks.", 
        "update": "", 
        "module": "Simulator", 
        "id": "CVE-2023-40419", 
        "credit": "Arsenii Kostromin (0x3c3e)", 
        "page": "https://support.apple.com/en-us/HT213938", 
        "rsr": ""
    }, 
    {
        "impact": "Processing web content may lead to a denial-of-service", 
        "available": "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)", 
        "description": "The issue was addressed with improved memory handling.", 
        "update": "", 
        "module": "CoreAnimation", 
        "id": "CVE-2023-40420", 
        "credit": "\uc774\uc900\uc131(Junsung Lee) of Cross Republic", 
        "page": "https://support.apple.com/en-us/HT213940", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to access sensitive user data", 
        "available": "macOS Sonoma", 
        "description": "A permissions issue was addressed with additional restrictions.", 
        "update": "", 
        "module": "talagent", 
        "id": "CVE-2023-40421", 
        "credit": "Noah Roskin-Frazee and Prof. J. (ZeroClicks.ai Lab)", 
        "page": "https://support.apple.com/en-us/HT213984", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to cause a denial-of-service", 
        "available": "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)", 
        "description": "The issue was addressed with improved memory handling.", 
        "update": "", 
        "module": "QuartzCore", 
        "id": "CVE-2023-40422", 
        "credit": "Tomi Tokics (@tomitokics) of iTomsn0w", 
        "page": "https://support.apple.com/en-us/HT213940", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to execute arbitrary code with kernel privileges", 
        "available": "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", 
        "description": "The issue was addressed with improved memory handling.", 
        "update": "", 
        "module": "IOTextEncryptionFamily", 
        "id": "CVE-2023-40423", 
        "credit": "an anonymous researcher", 
        "page": "https://support.apple.com/en-us/HT213982", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to access user-sensitive data", 
        "available": "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)", 
        "description": "The issue was addressed with improved checks.", 
        "update": "", 
        "module": "TCC", 
        "id": "CVE-2023-40424", 
        "credit": "Arsenii Kostromin (0x3c3e), Joshua Jewett (@JoshJewett33), and Csaba Fitzl (@theevilbit) of Offensive Security", 
        "page": "https://support.apple.com/en-us/HT213940", 
        "rsr": ""
    }, 
    {
        "impact": "An app with root privileges may be able to access private information", 
        "available": "macOS Monterey", 
        "description": "A privacy issue was addressed with improved private data redaction for log entries.", 
        "update": "", 
        "module": "Sandbox", 
        "id": "CVE-2023-40425", 
        "credit": "Csaba Fitzl (@theevilbit) of Offensive Security", 
        "page": "https://support.apple.com/en-us/HT213983", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to bypass certain Privacy preferences", 
        "available": "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)", 
        "description": "A permissions issue was addressed with additional restrictions.", 
        "update": "", 
        "module": "Bluetooth", 
        "id": "CVE-2023-40426", 
        "credit": "Yi\u011fit Can YILMAZ (@yilmazcanyigit)", 
        "page": "https://support.apple.com/en-us/HT213940", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to read sensitive location information", 
        "available": "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)", 
        "description": "The issue was addressed with improved handling of caches.", 
        "update": "", 
        "module": "Maps", 
        "id": "CVE-2023-40427", 
        "credit": "Adam M., and Wojciech Regula of SecuRing (wojciechregula.blog)", 
        "page": "https://support.apple.com/en-us/HT213940", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to access sensitive user data", 
        "available": "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", 
        "description": "The issue was addressed with improved handling of caches.", 
        "update": "", 
        "module": "Siri", 
        "id": "CVE-2023-40428", 
        "credit": "Abhay Kailasia (@abhay_kailasia) of Lakshmi Narain College Of Technology Bhopal", 
        "page": "https://support.apple.com/en-us/HT213938", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to access sensitive user data", 
        "available": "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)", 
        "description": "A permissions issue was addressed with improved validation.", 
        "update": "", 
        "module": "Kernel", 
        "id": "CVE-2023-40429", 
        "credit": "Michael (Biscuit) Thomas and \u5f20\u5e08\u5085(@\u4eac\u4e1c\u84dd\u519b)", 
        "page": "https://support.apple.com/en-us/HT213940", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to access removable volumes without user consent", 
        "available": "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)", 
        "description": "A logic issue was addressed with improved checks.", 
        "update": "December 22, 2023", 
        "module": "Sandbox", 
        "id": "CVE-2023-40430", 
        "credit": "Yi\u011fit Can YILMAZ (@yilmazcanyigit)", 
        "page": "https://support.apple.com/en-us/HT213940", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to execute arbitrary code with kernel privileges", 
        "available": "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", 
        "description": "The issue was addressed with improved memory handling.", 
        "update": "", 
        "module": "GPU Drivers", 
        "id": "CVE-2023-40431", 
        "credit": "Certik Skyfall Team", 
        "page": "https://support.apple.com/en-us/HT213938", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to execute arbitrary code with kernel privileges", 
        "available": "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)", 
        "description": "The issue was addressed with improved memory handling.", 
        "update": "December 22, 2023", 
        "module": "Apple Neural Engine", 
        "id": "CVE-2023-40432", 
        "credit": "Mohamed GHANNAM (@_simo36)", 
        "page": "https://support.apple.com/en-us/HT213940", 
        "rsr": ""
    }, 
    {
        "impact": "An app may bypass Gatekeeper checks", 
        "available": "macOS Ventura", 
        "description": "A logic issue was addressed with improved checks.", 
        "update": "December 21, 2023", 
        "module": "DesktopServices", 
        "id": "CVE-2023-40433", 
        "credit": "Mikko Kentt\u00e4l\u00e4 (@Turmio_ ) of SensorFu", 
        "page": "https://support.apple.com/en-us/HT213670", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to access a user's Photos Library", 
        "available": "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)", 
        "description": "A configuration issue was addressed with additional restrictions.", 
        "update": "", 
        "module": "iCloud Photo Library", 
        "id": "CVE-2023-40434", 
        "credit": "Mikko Kentt\u00e4l\u00e4 (@Turmio_ ) of SensorFu", 
        "page": "https://support.apple.com/en-us/HT213940", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to access App Store credentials", 
        "available": "macOS Ventura 13.5 and later", 
        "description": "This issue was addressed by enabling hardened runtime.", 
        "update": "", 
        "module": "iTMSTransporter", 
        "id": "CVE-2023-40435", 
        "credit": "James Duffy (mangoSecure)", 
        "page": "https://support.apple.com/en-us/HT213939", 
        "rsr": ""
    }, 
    {
        "impact": "An attacker may be able to cause unexpected system termination or read kernel memory", 
        "available": "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)", 
        "description": "The issue was addressed with improved bounds checks.", 
        "update": "", 
        "module": "IOAcceleratorFamily", 
        "id": "CVE-2023-40436", 
        "credit": "Murray Mike", 
        "page": "https://support.apple.com/en-us/HT213940", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to read sensitive location information", 
        "available": "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", 
        "description": "A privacy issue was addressed with improved private data redaction for log entries.", 
        "update": "October 31, 2023", 
        "module": "Find My", 
        "id": "CVE-2023-40437", 
        "credit": "Kirin (@Pwnrin), and Wojciech Regula of SecuRing (wojciechregula.blog)", 
        "page": "https://support.apple.com/en-us/HT213841", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to access edited photos saved to a temporary directory", 
        "available": "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)", 
        "description": "An issue was addressed with improved handling of temporary files.", 
        "update": "December 22, 2023", 
        "module": "Core Image", 
        "id": "CVE-2023-40438", 
        "credit": "Wojciech Regula of SecuRing (wojciechregula.blog)", 
        "page": "https://support.apple.com/en-us/HT213940", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to read sensitive location information", 
        "available": "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", 
        "description": "A privacy issue was addressed with improved private data redaction for log entries.", 
        "update": "October 31, 2023", 
        "module": "Accounts", 
        "id": "CVE-2023-40439", 
        "credit": "Kirin (@Pwnrin)", 
        "page": "https://support.apple.com/en-us/HT213841", 
        "rsr": ""
    }, 
    {
        "impact": "A S/MIME encrypted email may be inadvertently sent unencrypted", 
        "available": "macOS Ventura", 
        "description": "This issue was addressed with improved state management of S/MIME encrypted emails.", 
        "update": "December 21, 2023", 
        "module": "Mail", 
        "id": "CVE-2023-40440", 
        "credit": "Taavi Eom\u00e4e from Zone Media O\u00dc", 
        "page": "https://support.apple.com/en-us/HT213843", 
        "rsr": ""
    }, 
    {
        "impact": "Processing web content may lead to a denial-of-service", 
        "available": "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)", 
        "description": "A resource exhaustion issue was addressed with improved input validation.", 
        "update": "", 
        "module": "GPU Drivers", 
        "id": "CVE-2023-40441", 
        "credit": "Ron Masas of Imperva", 
        "page": "https://support.apple.com/en-us/HT213940", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to read sensitive location information", 
        "available": "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", 
        "description": "A privacy issue was addressed with improved private data redaction for log entries.", 
        "update": "October 31, 2023", 
        "module": "Accessibility", 
        "id": "CVE-2023-40442", 
        "credit": "Nick Brook", 
        "page": "https://support.apple.com/en-us/HT213841", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to gain root privileges", 
        "available": "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)", 
        "description": "The issue was addressed with improved checks.", 
        "update": "December 22, 2023", 
        "module": "Spotlight", 
        "id": "CVE-2023-40443", 
        "credit": "Gergely Kalman (@gergely_kalman)", 
        "page": "https://support.apple.com/en-us/HT213940", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to access user-sensitive data", 
        "available": "macOS Sonoma", 
        "description": "A permissions issue was addressed with additional restrictions.", 
        "update": "", 
        "module": "AppSandbox", 
        "id": "CVE-2023-40444", 
        "credit": "Noah Roskin-Frazee and Prof. J. (ZeroClicks.ai Lab)", 
        "page": "https://support.apple.com/en-us/HT213984", 
        "rsr": ""
    }, 
    {
        "impact": "A device may persistently fail to lock", 
        "available": "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", 
        "description": "The issue was addressed with improved UI handling.", 
        "update": "", 
        "module": "Status Bar", 
        "id": "CVE-2023-40445", 
        "credit": "Ting Ding, James Mancz, Omar Shibli, an anonymous researcher, Lorenzo Cavallaro, and Harry Lewandowski", 
        "page": "https://support.apple.com/en-us/HT213982", 
        "rsr": ""
    }, 
    {
        "impact": "Processing maliciously crafted input may lead to arbitrary code execution in user-installed apps", 
        "available": "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", 
        "description": "The issue was addressed with improved memory handling.", 
        "update": "November 3, 2023", 
        "module": "libc", 
        "id": "CVE-2023-40446", 
        "credit": "inooo", 
        "page": "https://support.apple.com/en-us/HT213982", 
        "rsr": ""
    }, 
    {
        "impact": "Processing web content may lead to arbitrary code execution", 
        "available": "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", 
        "description": "The issue was addressed with improved memory handling.", 
        "update": "", 
        "module": "WebKit", 
        "id": "CVE-2023-40447", 
        "credit": "\uc774\uc900\uc131(Junsung Lee) of Cross Republic", 
        "bugzilla": "259836", 
        "page": "https://support.apple.com/en-us/HT213982", 
        "rsr": ""
    }, 
    {
        "impact": "A remote attacker may be able to break out of Web Content sandbox", 
        "available": "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)", 
        "description": "The issue was addressed with improved handling of protocols.", 
        "update": "", 
        "module": "App Store", 
        "id": "CVE-2023-40448", 
        "credit": "w0wbox", 
        "page": "https://support.apple.com/en-us/HT213940", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to cause a denial-of-service", 
        "available": "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", 
        "description": "The issue was addressed with improved memory handling.", 
        "update": "", 
        "module": "CoreAnimation", 
        "id": "CVE-2023-40449", 
        "credit": "Tomi Tokics (@tomitokics) of iTomsn0w", 
        "page": "https://support.apple.com/en-us/HT213982", 
        "rsr": ""
    }, 
    {
        "impact": "An app may bypass Gatekeeper checks", 
        "available": "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)", 
        "description": "The issue was addressed with improved checks.", 
        "update": "", 
        "module": "System Preferences", 
        "id": "CVE-2023-40450", 
        "credit": "Thijs Alkemade (@xnyhps) from Computest Sector 7", 
        "page": "https://support.apple.com/en-us/HT213940", 
        "rsr": ""
    }, 
    {
        "impact": "An attacker with JavaScript execution may be able to execute arbitrary code", 
        "available": "macOS Monterey and macOS Ventura", 
        "description": "This issue was addressed with improved iframe sandbox enforcement.", 
        "update": "", 
        "module": "WebKit", 
        "id": "CVE-2023-40451", 
        "credit": "an anonymous researcher", 
        "bugzilla": "251276", 
        "page": "https://support.apple.com/en-us/HT213941", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to overwrite arbitrary files", 
        "available": "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)", 
        "description": "The issue was addressed with improved bounds checks.", 
        "update": "", 
        "module": "Sandbox", 
        "id": "CVE-2023-40452", 
        "credit": "Yi\u011fit Can YILMAZ (@yilmazcanyigit)", 
        "page": "https://support.apple.com/en-us/HT213940", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to delete files for which it does not have permission", 
        "available": "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)", 
        "description": "A permissions issue was addressed with additional restrictions.", 
        "update": "", 
        "module": "libxpc", 
        "id": "CVE-2023-40454", 
        "credit": "Zhipeng Huo (@R3dF09) of Tencent Security Xuanwu Lab (xlab.tencent.com)", 
        "page": "https://support.apple.com/en-us/HT213940", 
        "rsr": ""
    }, 
    {
        "impact": "A sandboxed process may be able to circumvent sandbox restrictions", 
        "available": "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)", 
        "description": "A permissions issue was addressed with additional restrictions.", 
        "update": "", 
        "module": "NetFSFramework", 
        "id": "CVE-2023-40455", 
        "credit": "Zhipeng Huo (@R3dF09) of Tencent Security Xuanwu Lab (xlab.tencent.com)", 
        "page": "https://support.apple.com/en-us/HT213940", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to access edited photos saved to a temporary directory", 
        "available": "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", 
        "description": "The issue was addressed with improved checks.", 
        "update": "", 
        "module": "Photos Storage", 
        "id": "CVE-2023-40456", 
        "credit": "Kirin (@Pwnrin)", 
        "page": "https://support.apple.com/en-us/HT213938", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to access edited photos saved to a temporary directory", 
        "available": "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", 
        "description": "The issue was addressed with improved checks.", 
        "update": "", 
        "module": "Photos Storage", 
        "id": "CVE-2023-40520", 
        "credit": "Kirin (@Pwnrin)", 
        "page": "https://support.apple.com/en-us/HT213938", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to bypass Privacy preferences", 
        "available": "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)", 
        "description": "This issue was addressed by removing the vulnerable code.", 
        "update": "January 22, 2024", 
        "module": "Core Data", 
        "id": "CVE-2023-40528", 
        "credit": "Kirin (@Pwnrin) of NorthSea", 
        "page": "https://support.apple.com/en-us/HT213940", 
        "rsr": ""
    }, 
    {
        "impact": "A person with physical access to a device may be able to use VoiceOver to access private calendar information", 
        "available": "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", 
        "description": "This issue was addressed with improved redaction of sensitive information.", 
        "update": "December 22, 2023", 
        "module": "Accessibility", 
        "id": "CVE-2023-40529", 
        "credit": "Abhay Kailasia (@abhay_kailasia) of Lakshmi Narain College Of Technology Bhopal", 
        "page": "https://support.apple.com/en-us/HT213938", 
        "rsr": ""
    }, 
    {
        "impact": "A shortcut may output sensitive user data without consent", 
        "available": "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)", 
        "description": "This issue was addressed by adding an additional prompt for user consent.", 
        "update": "", 
        "module": "Shortcuts", 
        "id": "CVE-2023-40541", 
        "credit": "Noah Roskin-Frazee (ZeroClicks.ai Lab) and James Duffy (mangoSecure)", 
        "page": "https://support.apple.com/en-us/HT213940", 
        "rsr": ""
    }, 
    {
        "impact": "A remote user may be able to cause kernel code execution", 
        "available": "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)", 
        "description": "A type confusion issue was addressed with improved checks.", 
        "update": "December 22, 2023", 
        "module": "Kernel", 
        "id": "CVE-2023-41060", 
        "credit": "Joseph Ravichandran (@0xjprx) of MIT CSAIL", 
        "page": "https://support.apple.com/en-us/HT213940", 
        "rsr": ""
    }, 
    {
        "impact": "A maliciously crafted attachment may result in arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.", 
        "available": "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", 
        "description": "A validation issue was addressed with improved logic.", 
        "update": "", 
        "module": "Wallet", 
        "id": "CVE-2023-41061", 
        "credit": "Apple", 
        "page": "https://support.apple.com/en-us/HT213905", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to execute arbitrary code with kernel privileges", 
        "available": "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)", 
        "description": "The issue was addressed with improved memory handling.", 
        "update": "", 
        "module": "Pro Res", 
        "id": "CVE-2023-41063", 
        "credit": "Certik Skyfall Team", 
        "page": "https://support.apple.com/en-us/HT213940", 
        "rsr": ""
    }, 
    {
        "impact": "Processing a maliciously crafted image may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.", 
        "available": "iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)", 
        "description": "A buffer overflow issue was addressed with improved memory handling.", 
        "update": "", 
        "module": "ImageIO", 
        "id": "CVE-2023-41064", 
        "credit": "The Citizen Lab at The University of Toronto\u02bcs Munk School", 
        "page": "https://support.apple.com/en-us/HT213913", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to read sensitive location information", 
        "available": "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)", 
        "description": "A privacy issue was addressed with improved private data redaction for log entries.", 
        "update": "", 
        "module": "bootp", 
        "id": "CVE-2023-41065", 
        "credit": "Adam M., and Noah Roskin-Frazee and Professor Jason Lau (ZeroClicks.ai Lab)", 
        "page": "https://support.apple.com/en-us/HT213940", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to unexpectedly leak a user's credentials from secure text fields", 
        "available": "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)", 
        "description": "An authentication issue was addressed with improved state management.", 
        "update": "December 22, 2023", 
        "module": "Windows Server", 
        "id": "CVE-2023-41066", 
        "credit": "An anonymous researcher, Jeremy Legendre of MacEnhance, and Felix Kratz", 
        "page": "https://support.apple.com/en-us/HT213940", 
        "rsr": ""
    }, 
    {
        "impact": "An app may bypass Gatekeeper checks", 
        "available": "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)", 
        "description": "A logic issue was addressed with improved checks.", 
        "update": "", 
        "module": "LaunchServices", 
        "id": "CVE-2023-41067", 
        "credit": "Ferdous Saljooki (@malwarezoo) of Jamf Software and an anonymous researcher", 
        "page": "https://support.apple.com/en-us/HT213940", 
        "rsr": ""
    }, 
    {
        "impact": "A user may be able to elevate privileges", 
        "available": "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", 
        "description": "An access issue was addressed with improved access restrictions.", 
        "update": "September 26, 2023", 
        "module": "MobileStorageMounter", 
        "id": "CVE-2023-41068", 
        "credit": "Mickey Jin (@patch1t)", 
        "page": "https://support.apple.com/en-us/HT213927", 
        "rsr": ""
    }, 
    {
        "impact": "A 3D model constructed to look like the enrolled user may authenticate via Face ID", 
        "available": "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, and iPad Pro 11-inch 1st generation and later", 
        "description": "This issue was addressed by improving Face ID anti-spoofing models.", 
        "update": "December 22, 2023", 
        "module": "Face ID", 
        "id": "CVE-2023-41069", 
        "credit": "Zhice Yang (ShanghaiTech University)", 
        "page": "https://support.apple.com/en-us/HT213938", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to access sensitive data logged when a user shares a link", 
        "available": "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)", 
        "description": "A logic issue was addressed with improved checks.", 
        "update": "", 
        "module": "Share Sheet", 
        "id": "CVE-2023-41070", 
        "credit": "Kirin (@Pwnrin)", 
        "page": "https://support.apple.com/en-us/HT213940", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to execute arbitrary code with kernel privileges", 
        "available": "macOS Ventura", 
        "description": "A use-after-free issue was addressed with improved memory management.", 
        "update": "September 26, 2023", 
        "module": "Apple Neural Engine", 
        "id": "CVE-2023-41071", 
        "credit": "Mohamed GHANNAM (@_simo36)", 
        "page": "https://support.apple.com/en-us/HT213931", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to access sensitive user data", 
        "available": "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", 
        "description": "A privacy issue was addressed with improved private data redaction for log entries.", 
        "update": "", 
        "module": "Contacts", 
        "id": "CVE-2023-41072", 
        "credit": "Wojciech Regula of SecuRing (wojciechregula.blog) and Csaba Fitzl (@theevilbit) of Offensive Security", 
        "page": "https://support.apple.com/en-us/HT213982", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to access protected user data", 
        "available": "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)", 
        "description": "An authorization issue was addressed with improved state management.", 
        "update": "", 
        "module": "libxpc", 
        "id": "CVE-2023-41073", 
        "credit": "Zhipeng Huo (@R3dF09) of Tencent Security Xuanwu Lab (xlab.tencent.com)", 
        "page": "https://support.apple.com/en-us/HT213940", 
        "rsr": ""
    }, 
    {
        "impact": "Processing web content may lead to arbitrary code execution", 
        "available": "macOS Monterey and macOS Ventura", 
        "description": "The issue was addressed with improved checks.", 
        "update": "January 2, 2024", 
        "module": "WebKit", 
        "id": "CVE-2023-41074", 
        "credit": "\uc774\uc900\uc131(Junsung Lee) of Cross Republic and Jie Ding(@Lime) from HKUS3 Lab", 
        "bugzilla": "256551", 
        "page": "https://support.apple.com/en-us/HT213941", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to execute arbitrary code with kernel privileges", 
        "available": "iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)", 
        "description": "A type confusion issue was addressed with improved checks.", 
        "update": "December 21, 2023", 
        "module": "libpthread", 
        "id": "CVE-2023-41075", 
        "credit": "Zweig of Kunlun Lab", 
        "page": "https://support.apple.com/en-us/HT213673", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to access protected user data", 
        "available": "macOS Ventura", 
        "description": "The issue was addressed with improved checks.", 
        "update": "", 
        "module": "Image Capture", 
        "id": "CVE-2023-41077", 
        "credit": "Mickey Jin (@patch1t)", 
        "page": "https://support.apple.com/en-us/HT213985", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to bypass certain Privacy preferences", 
        "available": "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)", 
        "description": "An authorization issue was addressed with improved state management.", 
        "update": "", 
        "module": "Screen Sharing", 
        "id": "CVE-2023-41078", 
        "credit": "Zhipeng Huo (@R3dF09) of Tencent Security Xuanwu Lab (xlab.tencent.com)", 
        "page": "https://support.apple.com/en-us/HT213940", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to bypass Privacy preferences", 
        "available": "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)", 
        "description": "The issue was addressed with improved permissions logic.", 
        "update": "", 
        "module": "Shortcuts", 
        "id": "CVE-2023-41079", 
        "credit": "Ron Masas of BreakPoint.sh and an anonymous researcher", 
        "page": "https://support.apple.com/en-us/HT213940", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to execute arbitrary code with kernel privileges", 
        "available": "iPhone XS and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later", 
        "description": "The issue was addressed with improved memory handling.", 
        "update": "December 22, 2023", 
        "module": "Apple Neural Engine", 
        "id": "CVE-2023-41174", 
        "credit": "Mohamed GHANNAM (@_simo36)", 
        "page": "https://support.apple.com/en-us/HT213938", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to disclose kernel memory", 
        "available": "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", 
        "description": "An out-of-bounds read was addressed with improved bounds checking.", 
        "update": "September 26, 2023", 
        "module": "Biometric Authentication", 
        "id": "CVE-2023-41232", 
        "credit": "Liang Wei of PixiePoint Security", 
        "page": "https://support.apple.com/en-us/HT213927", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to access sensitive user data", 
        "available": "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", 
        "description": "A privacy issue was addressed with improved private data redaction for log entries.", 
        "update": "", 
        "module": "Weather", 
        "id": "CVE-2023-41254", 
        "credit": "Cristian Dinca of \"Tudor Vianu\" National High School of Computer Science, Romania", 
        "page": "https://support.apple.com/en-us/HT213982", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to read arbitrary files", 
        "available": "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)", 
        "description": "This issue was addressed with improved validation of symlinks.", 
        "update": "", 
        "module": "StorageKit", 
        "id": "CVE-2023-41968", 
        "credit": "Mickey Jin (@patch1t) and James Hutchins", 
        "page": "https://support.apple.com/en-us/HT213940", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to execute arbitrary code with kernel privileges", 
        "available": "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", 
        "description": "A use-after-free issue was addressed with improved memory management.", 
        "update": "December 22, 2023", 
        "module": "Kernel", 
        "id": "CVE-2023-41974", 
        "credit": "F\u00e9lix Poulin-B\u00e9langer", 
        "page": "https://support.apple.com/en-us/HT213938", 
        "rsr": ""
    }, 
    {
        "impact": "A website may be able to access the microphone without the microphone use indicator being shown", 
        "available": "macOS Sonoma", 
        "description": "This issue was addressed by removing the vulnerable code.", 
        "update": "", 
        "module": "WindowServer", 
        "id": "CVE-2023-41975", 
        "credit": "an anonymous researcher", 
        "page": "https://support.apple.com/en-us/HT213984", 
        "rsr": ""
    }, 
    {
        "impact": "Processing web content may lead to arbitrary code execution", 
        "available": "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", 
        "description": "A use-after-free issue was addressed with improved memory management.", 
        "update": "", 
        "module": "WebKit", 
        "id": "CVE-2023-41976", 
        "credit": "\uc774\uc900\uc131(Junsung Lee)", 
        "bugzilla": "259890", 
        "page": "https://support.apple.com/en-us/HT213982", 
        "rsr": ""
    }, 
    {
        "impact": "Visiting a malicious website may reveal browsing history", 
        "available": "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", 
        "description": "The issue was addressed with improved handling of caches.", 
        "update": "", 
        "module": "Safari", 
        "id": "CVE-2023-41977", 
        "credit": "Alex Renda", 
        "page": "https://support.apple.com/en-us/HT213981", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to modify protected parts of the file system", 
        "available": "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)", 
        "description": "A race condition was addressed with improved locking.", 
        "update": "", 
        "module": "XProtectFramework", 
        "id": "CVE-2023-41979", 
        "credit": "Koh M. Nakagawa (@tsunek0h)", 
        "page": "https://support.apple.com/en-us/HT213940", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to bypass Privacy preferences", 
        "available": "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)", 
        "description": "A permissions issue was addressed with additional restrictions.", 
        "update": "", 
        "module": "FileProvider", 
        "id": "CVE-2023-41980", 
        "credit": "Noah Roskin-Frazee and Professor Jason Lau (ZeroClicks.ai Lab)", 
        "page": "https://support.apple.com/en-us/HT213940", 
        "rsr": ""
    }, 
    {
        "impact": "An attacker that has already achieved kernel code execution may be able to bypass kernel memory mitigations", 
        "available": "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)", 
        "description": "The issue was addressed with improved memory handling.", 
        "update": "", 
        "module": "Kernel", 
        "id": "CVE-2023-41981", 
        "credit": "Linus Henze of Pinauten GmbH (pinauten.de)", 
        "page": "https://support.apple.com/en-us/HT213940", 
        "rsr": ""
    }, 
    {
        "impact": "An attacker with physical access may be able to use Siri to access sensitive user data", 
        "available": "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", 
        "description": "This issue was addressed by restricting options offered on a locked device.", 
        "update": "February 16, 2024", 
        "module": "Siri", 
        "id": "CVE-2023-41982", 
        "credit": "Bistrit Dahal", 
        "page": "https://support.apple.com/en-us/HT213982", 
        "rsr": ""
    }, 
    {
        "impact": "Processing web content may lead to a denial-of-service", 
        "available": "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", 
        "description": "The issue was addressed with improved memory handling.", 
        "update": "", 
        "module": "WebKit Process Model", 
        "id": "CVE-2023-41983", 
        "credit": "\uc774\uc900\uc131(Junsung Lee)", 
        "bugzilla": "260757", 
        "page": "https://support.apple.com/en-us/HT213982", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to execute arbitrary code with kernel privileges", 
        "available": "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)", 
        "description": "The issue was addressed with improved memory handling.", 
        "update": "", 
        "module": "Kernel", 
        "id": "CVE-2023-41984", 
        "credit": "Pan ZhenPeng (@Peterpan0927) of STAR Labs SG Pte. Ltd.", 
        "page": "https://support.apple.com/en-us/HT213940", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to modify protected parts of the file system", 
        "available": "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)", 
        "description": "The issue was addressed with improved checks.", 
        "update": "", 
        "module": "Music", 
        "id": "CVE-2023-41986", 
        "credit": "Gergely Kalman (@gergely_kalman)", 
        "page": "https://support.apple.com/en-us/HT213940", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to access sensitive user data", 
        "available": "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)", 
        "description": "This issue was addressed with improved checks.", 
        "update": "December 22, 2023", 
        "module": "Printing", 
        "id": "CVE-2023-41987", 
        "credit": "Kirin (@Pwnrin), and Wojciech Regula of SecuRing (wojciechregula.blog)", 
        "page": "https://support.apple.com/en-us/HT213940", 
        "rsr": ""
    }, 
    {
        "impact": "An attacker with physical access may be able to use Siri to access sensitive user data", 
        "available": "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", 
        "description": "This issue was addressed by restricting options offered on a locked device.", 
        "update": "February 16, 2024", 
        "module": "Siri", 
        "id": "CVE-2023-41988", 
        "credit": "Bistrit Dahal", 
        "page": "https://support.apple.com/en-us/HT213982", 
        "rsr": ""
    }, 
    {
        "impact": "An attacker may be able to execute arbitrary code as root from the Lock Screen", 
        "available": "macOS Sonoma", 
        "description": "The issue was addressed by restricting options offered on a locked device.", 
        "update": "", 
        "module": "Emoji", 
        "id": "CVE-2023-41989", 
        "credit": "Jewel Lambert", 
        "page": "https://support.apple.com/en-us/HT213984", 
        "rsr": ""
    }, 
    {
        "impact": "Processing a font file may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited against versions of iOS released before iOS 15.7.1.", 
        "available": "iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)", 
        "description": "The issue was addressed with improved handling of caches.", 
        "update": "September 8, 2023", 
        "module": "FontParser", 
        "id": "CVE-2023-41990", 
        "credit": "Apple, Valentin Pashkov, Mikhail Vinogradov, Georgy Kucherin (@kucher1n), Leonid Bezvershenko (@bzvr_), and Boris Larin (@oct0xor) of Kaspersky", 
        "page": "https://support.apple.com/en-us/HT213842", 
        "rsr": ""
    }, 
    {
        "impact": "A malicious app may be able to bypass signature validation. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.7.", 
        "available": "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, iPad mini 5th generation and later", 
        "description": "A certificate validation issue was addressed.", 
        "update": "", 
        "module": "Security", 
        "id": "CVE-2023-41991", 
        "credit": "Bill Marczak of The Citizen Lab at The University of Toronto's Munk School and Maddie Stone of Google's Threat Analysis Group", 
        "page": "https://support.apple.com/en-us/HT213926", 
        "rsr": ""
    }, 
    {
        "impact": "A local attacker may be able to elevate their privileges. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.7.", 
        "available": "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, iPad mini 5th generation and later", 
        "description": "The issue was addressed with improved checks.", 
        "update": "", 
        "module": "Kernel", 
        "id": "CVE-2023-41992", 
        "credit": "Bill Marczak of The Citizen Lab at The University of Toronto's Munk School and Maddie Stone of Google's Threat Analysis Group", 
        "page": "https://support.apple.com/en-us/HT213926", 
        "rsr": ""
    }, 
    {
        "impact": "Processing web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.7.", 
        "available": "macOS Ventura", 
        "description": "The issue was addressed with improved checks.", 
        "update": "", 
        "module": "WebKit", 
        "id": "CVE-2023-41993", 
        "credit": "Bill Marczak of The Citizen Lab at The University of Toronto's Munk School and Maddie Stone of Google's Threat Analysis Group", 
        "bugzilla": "261544", 
        "page": "https://support.apple.com/en-us/HT213941", 
        "rsr": ""
    }, 
    {
        "impact": "A camera extension may be able to access the camera view from apps other than the app for which it was granted permission", 
        "available": "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)", 
        "description": "A logic issue was addressed with improved checks", 
        "update": "December 22, 2023", 
        "module": "CoreMedia", 
        "id": "CVE-2023-41994", 
        "credit": "Halle Winkler, Politepix @hallewinkler", 
        "page": "https://support.apple.com/en-us/HT213940", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to execute arbitrary code with kernel privileges", 
        "available": "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)", 
        "description": "A use-after-free issue was addressed with improved memory management.", 
        "update": "December 22, 2023", 
        "module": "Kernel", 
        "id": "CVE-2023-41995", 
        "credit": "Certik Skyfall Team, and pattern-f (@pattern_F_) of Ant Security Light-Year Lab", 
        "page": "https://support.apple.com/en-us/HT213940", 
        "rsr": ""
    }, 
    {
        "impact": "Apps that fail verification checks may still launch", 
        "available": "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)", 
        "description": "The issue was addressed with improved checks.", 
        "update": "December 22, 2023", 
        "module": "Sandbox", 
        "id": "CVE-2023-41996", 
        "credit": "Mickey Jin (@patch1t) and Yi\u011fit Can YILMAZ (@yilmazcanyigit)", 
        "page": "https://support.apple.com/en-us/HT213940", 
        "rsr": ""
    }, 
    {
        "impact": "An attacker with physical access may be able to use Siri to access sensitive user data", 
        "available": "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", 
        "description": "This issue was addressed by restricting options offered on a locked device.", 
        "update": "February 16, 2024", 
        "module": "Siri", 
        "id": "CVE-2023-41997", 
        "credit": "Bistrit Dahal", 
        "page": "https://support.apple.com/en-us/HT213982", 
        "rsr": ""
    }, 
    {
        "impact": "Visiting a malicious website may lead to user interface spoofing", 
        "available": "macOS Sonoma", 
        "description": "An inconsistent user interface issue was addressed with improved state management.", 
        "update": "", 
        "module": "Safari", 
        "id": "CVE-2023-42438", 
        "credit": "Rafay Baloch & Muhammad Samaak, and an anonymous researcher", 
        "page": "https://support.apple.com/en-us/HT213984", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to access user-sensitive data", 
        "available": "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", 
        "description": "The issue was resolved by sanitizing logging", 
        "update": "February 16, 2024", 
        "module": "Core Recents", 
        "id": "CVE-2023-42823", 
        "credit": "", 
        "page": "https://support.apple.com/en-us/HT213982", 
        "rsr": ""
    }, 
    {
        "impact": "A local attacker may be able to elevate their privileges. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.6.", 
        "available": "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", 
        "description": "The issue was addressed with improved checks.", 
        "update": "", 
        "module": "Kernel", 
        "id": "CVE-2023-42824", 
        "credit": "", 
        "page": "https://support.apple.com/en-us/HT213972", 
        "rsr": ""
    }, 
    {
        "impact": "Processing a file may lead to arbitrary code execution", 
        "available": "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)", 
        "description": "The issue was addressed with improved checks.", 
        "update": "October 19, 2023", 
        "module": "Model I/O", 
        "id": "CVE-2023-42826", 
        "credit": "Michael DePlante (@izobashi) of Trend Micro Zero Day Initiative", 
        "page": "https://support.apple.com/en-us/HT213940", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to gain root privileges", 
        "available": "macOS Ventura", 
        "description": "This issue was addressed by removing the vulnerable code.", 
        "update": "December 21, 2023", 
        "module": "crontabs", 
        "id": "CVE-2023-42828", 
        "credit": "Erhad Husovic", 
        "page": "https://support.apple.com/en-us/HT213843", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to access SSH passphrases", 
        "available": "macOS Ventura", 
        "description": "The issue was addressed with additional restrictions on the observability of app states.", 
        "update": "December 21, 2023", 
        "module": "OpenSSH", 
        "id": "CVE-2023-42829", 
        "credit": "James Duffy (mangoSecure)", 
        "page": "https://support.apple.com/en-us/HT213843", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to read sensitive location information", 
        "available": "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", 
        "description": "A privacy issue was addressed with improved private data redaction for log entries.", 
        "update": "October 31, 2023", 
        "module": "App Store", 
        "id": "CVE-2023-42830", 
        "credit": "an anonymous researcher", 
        "page": "https://support.apple.com/en-us/HT213676", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to fingerprint the user", 
        "available": "iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)", 
        "description": "This issue was addressed by removing the vulnerable code.", 
        "update": "December 22, 2023", 
        "module": "Security", 
        "id": "CVE-2023-42831", 
        "credit": "James Duffy (mangoSecure)", 
        "page": "https://support.apple.com/en-us/HT213842", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to gain root privileges", 
        "available": "macOS Ventura", 
        "description": "A race condition was addressed with improved state handling.", 
        "update": "December 21, 2023", 
        "module": "Software Update", 
        "id": "CVE-2023-42832", 
        "credit": "Arsenii Kostromin (0x3c3e)", 
        "page": "https://support.apple.com/en-us/HT213843", 
        "rsr": ""
    }, 
    {
        "impact": "Processing web content may lead to arbitrary code execution", 
        "available": "macOS Monterey and macOS Ventura", 
        "description": "A correctness issue was addressed with improved checks.", 
        "update": "January 2, 2024", 
        "module": "WebKit", 
        "id": "CVE-2023-42833", 
        "credit": "Dong Jun Kim (@smlijun) and Jong Seong Kim (@nevul37) of AbyssLab", 
        "bugzilla": "258592", 
        "page": "https://support.apple.com/en-us/HT213941", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to access sensitive user data", 
        "available": "macOS Ventura", 
        "description": "A privacy issue was addressed with improved handling of files.", 
        "update": "February 16, 2024", 
        "module": "Find My", 
        "id": "CVE-2023-42834", 
        "credit": "Csaba Fitzl (@theevilbit) of Offensive Security", 
        "page": "https://support.apple.com/en-us/HT214038", 
        "rsr": ""
    }, 
    {
        "impact": "An attacker may be able to access user data", 
        "available": "macOS Sonoma", 
        "description": "A logic issue was addressed with improved checks.", 
        "update": "February 16, 2024", 
        "module": "RemoteViewServices", 
        "id": "CVE-2023-42835", 
        "credit": "Mickey Jin (@patch1t)", 
        "page": "https://support.apple.com/en-us/HT213984", 
        "rsr": ""
    }, 
    {
        "impact": "An attacker may be able to access connected network volumes mounted in the home directory", 
        "available": "macOS Ventura", 
        "description": "A logic issue was addressed with improved checks.", 
        "update": "February 16, 2024", 
        "module": "Sandbox", 
        "id": "CVE-2023-42836", 
        "credit": "Yi\u011fit Can YILMAZ (@yilmazcanyigit)", 
        "page": "https://support.apple.com/en-us/HT214038", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to execute arbitrary code out of its sandbox or with certain elevated privileges", 
        "available": "macOS Ventura", 
        "description": "An access issue was addressed with improvements to the sandbox.", 
        "update": "February 16, 2024", 
        "module": "quarantine", 
        "id": "CVE-2023-42838", 
        "credit": "Yi\u011fit Can YILMAZ (@yilmazcanyigit), and Csaba Fitzl (@theevilbit) of Offensive Security", 
        "page": "https://support.apple.com/en-us/HT214038", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to access sensitive user data", 
        "available": "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", 
        "description": "This issue was addressed with improved state management.", 
        "update": "February 16, 2024", 
        "module": "Sandbox", 
        "id": "CVE-2023-42839", 
        "credit": "Yi\u011fit Can YILMAZ (@yilmazcanyigit)", 
        "page": "https://support.apple.com/en-us/HT213982", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to access user-sensitive data", 
        "available": "macOS Sonoma", 
        "description": "The issue was addressed with improved checks.", 
        "update": "February 16, 2024", 
        "module": "PackageKit", 
        "id": "CVE-2023-42840", 
        "credit": "Mickey Jin (@patch1t), and Csaba Fitzl (@theevilbit) of Offensive Security", 
        "page": "https://support.apple.com/en-us/HT213984", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to execute arbitrary code with kernel privileges", 
        "available": "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", 
        "description": "The issue was addressed with improved memory handling.", 
        "update": "", 
        "module": "Pro Res", 
        "id": "CVE-2023-42841", 
        "credit": "Mingxuan Yang (@PPPF00L), happybabywu and Guang Gong of 360 Vulnerability Research Institute", 
        "page": "https://support.apple.com/en-us/HT213982", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to access sensitive user data", 
        "available": "macOS Sonoma", 
        "description": "The issue was addressed with improved checks.", 
        "update": "", 
        "module": "SharedFileList", 
        "id": "CVE-2023-42842", 
        "credit": "an anonymous researcher", 
        "page": "https://support.apple.com/en-us/HT214036", 
        "rsr": ""
    }, 
    {
        "impact": "Visiting a malicious website may lead to address bar spoofing", 
        "available": "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", 
        "description": "An inconsistent user interface issue was addressed with improved state management.", 
        "update": "February 16, 2024", 
        "module": "WebKit", 
        "id": "CVE-2023-42843", 
        "credit": "Kacper Kwapisz (@KKKas_)", 
        "bugzilla": "260046", 
        "page": "https://support.apple.com/en-us/HT213982", 
        "rsr": ""
    }, 
    {
        "impact": "A website may be able to access sensitive user data when resolving symlinks", 
        "available": "macOS Sonoma", 
        "description": "This issue was addressed with improved handling of symlinks.", 
        "update": "", 
        "module": "Foundation", 
        "id": "CVE-2023-42844", 
        "credit": "Ron Masas of BreakPoint.SH", 
        "page": "https://support.apple.com/en-us/HT213984", 
        "rsr": ""
    }, 
    {
        "impact": "Photos in the Hidden Photos Album may be viewed without authentication", 
        "available": "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", 
        "description": "An authentication issue was addressed with improved state management.", 
        "update": "February 16, 2024", 
        "module": "Photos", 
        "id": "CVE-2023-42845", 
        "credit": "Bistrit Dahal", 
        "page": "https://support.apple.com/en-us/HT213982", 
        "rsr": ""
    }, 
    {
        "impact": "A device may be passively tracked by its Wi-Fi MAC address", 
        "available": "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", 
        "description": "This issue was addressed by removing the vulnerable code.", 
        "update": "", 
        "module": "mDNSResponder", 
        "id": "CVE-2023-42846", 
        "credit": "Talal Haj Bakry and Tommy Mysk of Mysk Inc. @mysk_co", 
        "page": "https://support.apple.com/en-us/HT213982", 
        "rsr": ""
    }, 
    {
        "impact": "An attacker may be able to access passkeys without authentication", 
        "available": "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", 
        "description": "A logic issue was addressed with improved checks.", 
        "update": "", 
        "module": "Passkeys", 
        "id": "CVE-2023-42847", 
        "credit": "an anonymous researcher", 
        "page": "https://support.apple.com/en-us/HT213982", 
        "rsr": ""
    }, 
    {
        "impact": "Processing a maliciously crafted image may lead to heap corruption", 
        "available": "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", 
        "description": "The issue was addressed with improved bounds checks.", 
        "update": "February 16, 2024", 
        "module": "ImageIO", 
        "id": "CVE-2023-42848", 
        "credit": "JZ", 
        "page": "https://support.apple.com/en-us/HT213982", 
        "rsr": ""
    }, 
    {
        "impact": "An attacker that has already achieved kernel code execution may be able to bypass kernel memory mitigations", 
        "available": "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", 
        "description": "The issue was addressed with improved memory handling.", 
        "update": "", 
        "module": "Kernel", 
        "id": "CVE-2023-42849", 
        "credit": "Linus Henze of Pinauten GmbH (pinauten.de)", 
        "page": "https://support.apple.com/en-us/HT213982", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to access sensitive user data", 
        "available": "macOS Sonoma", 
        "description": "The issue was addressed with improved permissions logic.", 
        "update": "", 
        "module": "LaunchServices", 
        "id": "CVE-2023-42850", 
        "credit": "Thijs Alkemade (@xnyhps) from Computest Sector 7, Brian McNulty, Zhongquan Li", 
        "page": "https://support.apple.com/en-us/HT213984", 
        "rsr": ""
    }, 
    {
        "impact": "Processing web content may lead to arbitrary code execution", 
        "available": "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", 
        "description": "A logic issue was addressed with improved checks.", 
        "update": "February 16, 2024", 
        "module": "WebKit", 
        "id": "CVE-2023-42852", 
        "credit": "Pedro Ribeiro (@pedrib1337) and Vitor Pedreira (@0xvhp_) of Agile Information Security", 
        "bugzilla": "260173", 
        "page": "https://support.apple.com/en-us/HT213982", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to access user-sensitive data", 
        "available": "macOS Sonoma", 
        "description": "A logic issue was addressed with improved checks.", 
        "update": "February 16, 2024", 
        "module": "PackageKit", 
        "id": "CVE-2023-42853", 
        "credit": "Mickey Jin (@patch1t)", 
        "page": "https://support.apple.com/en-us/HT213984", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to cause a denial-of-service to Endpoint Security clients", 
        "available": "macOS Sonoma", 
        "description": "This issue was addressed by removing the vulnerable code.", 
        "update": "", 
        "module": "FileProvider", 
        "id": "CVE-2023-42854", 
        "credit": "Noah Roskin-Frazee and Prof. J. (ZeroClicks.ai Lab)", 
        "page": "https://support.apple.com/en-us/HT213984", 
        "rsr": ""
    }, 
    {
        "impact": "An attacker with physical access may be able to silently persist an Apple ID on an erased device", 
        "available": "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", 
        "description": "This issue was addressed with improved state management.", 
        "update": "February 16, 2024", 
        "module": "Setup Assistant", 
        "id": "CVE-2023-42855", 
        "credit": "Sam Lakmaker", 
        "page": "https://support.apple.com/en-us/HT213982", 
        "rsr": ""
    }, 
    {
        "impact": "Processing a file may lead to unexpected app termination or arbitrary code execution", 
        "available": "macOS Sonoma", 
        "description": "The issue was addressed with improved memory handling.", 
        "update": "", 
        "module": "Model I/O", 
        "id": "CVE-2023-42856", 
        "credit": "Michael DePlante (@izobashi) of Trend Micro Zero Day Initiative", 
        "page": "https://support.apple.com/en-us/HT213984", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to access sensitive user data", 
        "available": "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", 
        "description": "A privacy issue was addressed with improved private data redaction for log entries.", 
        "update": "", 
        "module": "Contacts", 
        "id": "CVE-2023-42857", 
        "credit": "Noah Roskin-Frazee and Prof. J. (ZeroClicks.ai Lab)", 
        "page": "https://support.apple.com/en-us/HT213982", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to access user-sensitive data", 
        "available": "macOS Sonoma", 
        "description": "The issue was addressed with improved checks.", 
        "update": "February 16, 2024", 
        "module": "WindowServer", 
        "id": "CVE-2023-42858", 
        "credit": "an anonymous researcher", 
        "page": "https://support.apple.com/en-us/HT213984", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to modify protected parts of the file system", 
        "available": "macOS Sonoma", 
        "description": "The issue was addressed with improved checks.", 
        "update": "February 16, 2024", 
        "module": "PackageKit", 
        "id": "CVE-2023-42859", 
        "credit": "Arsenii Kostromin (0x3c3e), Mickey Jin (@patch1t), and Hevel Engineering", 
        "page": "https://support.apple.com/en-us/HT213984", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to modify protected parts of the file system", 
        "available": "macOS Sonoma", 
        "description": "A permissions issue was addressed with additional restrictions.", 
        "update": "February 16, 2024", 
        "module": "PackageKit", 
        "id": "CVE-2023-42860", 
        "credit": "Koh M. Nakagawa (@tsunek0h) of FFRI Security, Inc.", 
        "page": "https://support.apple.com/en-us/HT213984", 
        "rsr": ""
    }, 
    {
        "impact": "An attacker with knowledge of a standard user's credentials can unlock another standard user's locked screen on the same Mac", 
        "available": "macOS Sonoma", 
        "description": "A logic issue was addressed with improved state management.", 
        "update": "October 27, 2023", 
        "module": "Login Window", 
        "id": "CVE-2023-42861", 
        "credit": "Jon Crain, \u51ef \u738b, Brandon Chesser & CPU IT, inc, Matthew McLean, Steven Maser, and the IT Team of Concentrix", 
        "page": "https://support.apple.com/en-us/HT213984", 
        "rsr": ""
    }, 
    {
        "impact": "Processing an image may result in disclosure of process memory", 
        "available": "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", 
        "description": "An out-of-bounds read was addressed with improved input validation.", 
        "update": "December 21, 2023", 
        "module": "ImageIO", 
        "id": "CVE-2023-42862", 
        "credit": "Meysam Firouzi (@R00tkitSMM) of Mbition Mercedes-Benz Innovation Lab", 
        "page": "https://support.apple.com/en-us/HT213676", 
        "rsr": ""
    }, 
    {
        "impact": "Processing an image may result in disclosure of process memory", 
        "available": "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", 
        "description": "An out-of-bounds read was addressed with improved input validation.", 
        "update": "December 21, 2023", 
        "module": "ImageIO", 
        "id": "CVE-2023-42865", 
        "credit": "jzhu working with Trend Micro Zero Day Initiative and Meysam Firouzi (@R00tkitSMM) of Mbition Mercedes-Benz Innovation Lab", 
        "page": "https://support.apple.com/en-us/HT213676", 
        "rsr": ""
    }, 
    {
        "impact": "Processing web content may lead to arbitrary code execution", 
        "available": "macOS Big Sur and macOS Monterey", 
        "description": "The issue was addressed with improved memory handling.", 
        "update": "December 21, 2023", 
        "module": "WebKit", 
        "id": "CVE-2023-42866", 
        "credit": "Francisco Alonso (@revskills) and Junsung Lee", 
        "bugzilla": "257684", 
        "page": "https://support.apple.com/en-us/HT213847", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to gain root privileges", 
        "available": "macOS Ventura and macOS Sonoma", 
        "description": "This issue was addressed with improved validation of the process entitlement and Team ID.", 
        "update": "", 
        "module": "GarageBand", 
        "id": "CVE-2023-42867", 
        "credit": "Wojciech Regula of SecuRing (wojciechregula.blog)", 
        "page": "https://support.apple.com/en-us/HT214042", 
        "rsr": ""
    }, 
    {
        "impact": "Multiple issues in libxml2", 
        "available": "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", 
        "description": "Multiple memory corruption issues were addressed with improved input validation.", 
        "update": "December 21, 2023", 
        "module": "libxml2", 
        "id": "CVE-2023-42869", 
        "credit": "OSS-Fuzz, and Ned Williamson of Google Project Zero", 
        "page": "https://support.apple.com/en-us/HT213757", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to execute arbitrary code with kernel privileges", 
        "available": "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)", 
        "description": "A use-after-free issue was addressed with improved memory management.", 
        "update": "December 22, 2023", 
        "module": "Kernel", 
        "id": "CVE-2023-42870", 
        "credit": "Zweig of Kunlun Lab", 
        "page": "https://support.apple.com/en-us/HT213940", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to execute arbitrary code with kernel privileges", 
        "available": "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)", 
        "description": "The issue was addressed with improved memory handling.", 
        "update": "December 22, 2023", 
        "module": "Apple Neural Engine", 
        "id": "CVE-2023-42871", 
        "credit": "Mohamed GHANNAM (@_simo36)", 
        "page": "https://support.apple.com/en-us/HT213940", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to access sensitive user data", 
        "available": "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)", 
        "description": "The issue was addressed with additional permissions checks.", 
        "update": "December 22, 2023", 
        "module": "AppleMobileFileIntegrity", 
        "id": "CVE-2023-42872", 
        "credit": "Mickey Jin (@patch1t)", 
        "page": "https://support.apple.com/en-us/HT213940", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to execute arbitrary code with kernel privileges", 
        "available": "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", 
        "description": "The issue was addressed with improved bounds checks.", 
        "update": "February 16, 2024", 
        "module": "Pro Res", 
        "id": "CVE-2023-42873", 
        "credit": "Mingxuan Yang (@PPPF00L), and happybabywu and Guang Gong of 360 Vulnerability Research Institute", 
        "page": "https://support.apple.com/en-us/HT213982", 
        "rsr": ""
    }, 
    {
        "impact": "Secure text fields may be displayed via the Accessibility Keyboard when using a physical keyboard", 
        "available": "macOS Sonoma", 
        "description": "This issue was addressed with improved state management.", 
        "update": "", 
        "module": "Accessibility", 
        "id": "CVE-2023-42874", 
        "credit": "Don Clarke", 
        "page": "https://support.apple.com/en-us/HT214036", 
        "rsr": ""
    }, 
    {
        "impact": "Processing a file may lead to a denial-of-service or potentially disclose memory contents", 
        "available": "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)", 
        "description": "The issue was addressed with improved bounds checks.", 
        "update": "December 22, 2023", 
        "module": "BOM", 
        "id": "CVE-2023-42876", 
        "credit": "Koh M. Nakagawa (@tsunek0h)", 
        "page": "https://support.apple.com/en-us/HT213940", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to modify protected parts of the file system", 
        "available": "macOS Sonoma", 
        "description": "The issue was addressed with improved checks.", 
        "update": "February 16, 2024", 
        "module": "PackageKit", 
        "id": "CVE-2023-42877", 
        "credit": "Arsenii Kostromin (0x3c3e)", 
        "page": "https://support.apple.com/en-us/HT213984", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to access sensitive user data", 
        "available": "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", 
        "description": "A privacy issue was addressed with improved private data redaction for log entries.", 
        "update": "February 16, 2024", 
        "module": "Share Sheet", 
        "id": "CVE-2023-42878", 
        "credit": "Kirin (@Pwnrin), Wojciech Regula of SecuRing (wojciechregula.blog), and Cristian Dinca of \"Tudor Vianu\" National High School of Computer Science, Romania", 
        "page": "https://support.apple.com/en-us/HT213982", 
        "rsr": ""
    }, 
    {
        "impact": "Processing a file may lead to unexpected app termination or arbitrary code execution", 
        "available": "macOS Sonoma", 
        "description": "The issue was addressed with improved memory handling.", 
        "update": "December 12, 2023", 
        "module": "AppleVA", 
        "id": "CVE-2023-42881", 
        "credit": "Ivan Fratric of Google Project Zero", 
        "page": "https://support.apple.com/en-us/HT214036", 
        "rsr": ""
    }, 
    {
        "impact": "Processing an image may lead to arbitrary code execution", 
        "available": "macOS Sonoma", 
        "description": "The issue was addressed with improved memory handling.", 
        "update": "", 
        "module": "AppleVA", 
        "id": "CVE-2023-42882", 
        "credit": "Ivan Fratric of Google Project Zero", 
        "page": "https://support.apple.com/en-us/HT214036", 
        "rsr": ""
    }, 
    {
        "impact": "Processing an image may lead to a denial-of-service", 
        "available": "macOS Monterey and macOS Ventura", 
        "description": "The issue was addressed with improved memory handling.", 
        "update": "", 
        "module": "WebKit", 
        "id": "CVE-2023-42883", 
        "credit": "Zoom Offensive Security Team", 
        "bugzilla": "263349", 
        "page": "https://support.apple.com/en-us/HT214039", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to disclose kernel memory", 
        "available": "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", 
        "description": "This issue was addressed with improved redaction of sensitive information.", 
        "update": "", 
        "module": "AVEVideoEncoder", 
        "id": "CVE-2023-42884", 
        "credit": "an anonymous researcher", 
        "page": "https://support.apple.com/en-us/HT214035", 
        "rsr": ""
    }, 
    {
        "impact": "A user may be able to cause unexpected app termination or arbitrary code execution", 
        "available": "macOS Sonoma", 
        "description": "An out-of-bounds read was addressed with improved bounds checking.", 
        "update": "", 
        "module": "CoreServices", 
        "id": "CVE-2023-42886", 
        "credit": "Koh M. Nakagawa (@tsunek0h)", 
        "page": "https://support.apple.com/en-us/HT214036", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to read arbitrary files", 
        "available": "macOS Sonoma", 
        "description": "An access issue was addressed with additional sandbox restrictions.", 
        "update": "January 22, 2024", 
        "module": "NSOpenPanel", 
        "id": "CVE-2023-42887", 
        "credit": "Ron Masas of BreakPoint.sh", 
        "page": "https://support.apple.com/en-us/HT214036", 
        "rsr": ""
    }, 
    {
        "impact": "Processing a maliciously crafted image may result in disclosure of process memory", 
        "available": "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", 
        "description": "The issue was addressed with improved checks.", 
        "update": "January 22, 2024", 
        "module": "ImageIO", 
        "id": "CVE-2023-42888", 
        "credit": "Michael DePlante (@izobashi) of Trend Micro Zero Day Initiative", 
        "page": "https://support.apple.com/en-us/HT214035", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to bypass certain Privacy preferences", 
        "available": "macOS Sonoma", 
        "description": "The issue was addressed with improved checks.", 
        "update": "February 16, 2024", 
        "module": "PackageKit", 
        "id": "CVE-2023-42889", 
        "credit": "Mickey Jin (@patch1t)", 
        "page": "https://support.apple.com/en-us/HT213984", 
        "rsr": ""
    }, 
    {
        "impact": "Processing web content may lead to arbitrary code execution", 
        "available": "macOS Monterey and macOS Ventura", 
        "description": "The issue was addressed with improved memory handling.", 
        "update": "", 
        "module": "WebKit", 
        "id": "CVE-2023-42890", 
        "credit": "Pwn2car", 
        "bugzilla": "259830", 
        "page": "https://support.apple.com/en-us/HT214039", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to monitor keystrokes without user permission", 
        "available": "macOS Sonoma", 
        "description": "An authentication issue was addressed with improved state management.", 
        "update": "", 
        "module": "IOKit", 
        "id": "CVE-2023-42891", 
        "credit": "an anonymous researcher", 
        "page": "https://support.apple.com/en-us/HT214036", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to access information about a user's contacts", 
        "available": "macOS Sonoma", 
        "description": "This issue was addressed with improved redaction of sensitive information.", 
        "update": "", 
        "module": "AppleEvents", 
        "id": "CVE-2023-42894", 
        "credit": "Noah Roskin-Frazee and Prof. J. (ZeroClicks.ai Lab)", 
        "page": "https://support.apple.com/en-us/HT214036", 
        "rsr": ""
    }, 
    {
        "impact": "An attacker with physical access may be able to use Siri to access sensitive user data", 
        "available": "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", 
        "description": "The issue was addressed with improved checks.", 
        "update": "", 
        "module": "Siri", 
        "id": "CVE-2023-42897", 
        "credit": "Andrew Goldberg of The McCombs School of Business, The University of Texas at Austin (linkedin.com/andrew-goldberg-/)", 
        "page": "https://support.apple.com/en-us/HT214035", 
        "rsr": ""
    }, 
    {
        "impact": "Processing an image may lead to arbitrary code execution", 
        "available": "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", 
        "description": "The issue was addressed with improved memory handling.", 
        "update": "", 
        "module": "ImageIO", 
        "id": "CVE-2023-42898", 
        "credit": "Junsung Lee", 
        "page": "https://support.apple.com/en-us/HT214035", 
        "rsr": ""
    }, 
    {
        "impact": "Processing an image may lead to arbitrary code execution", 
        "available": "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", 
        "description": "The issue was addressed with improved memory handling.", 
        "update": "", 
        "module": "ImageIO", 
        "id": "CVE-2023-42899", 
        "credit": "Meysam Firouzi @R00tkitSMM and Junsung Lee", 
        "page": "https://support.apple.com/en-us/HT214035", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to access user-sensitive data", 
        "available": "macOS Sonoma", 
        "description": "The issue was addressed with improved checks.", 
        "update": "", 
        "module": "CoreMedia Playback", 
        "id": "CVE-2023-42900", 
        "credit": "Mickey Jin (@patch1t)", 
        "page": "https://support.apple.com/en-us/HT214036", 
        "rsr": ""
    }, 
    {
        "impact": "Processing a maliciously crafted file may lead to unexpected app termination or arbitrary code execution", 
        "available": "macOS Sonoma", 
        "description": "Multiple memory corruption issues were addressed with improved input validation.", 
        "update": "", 
        "module": "AppleGraphicsControl", 
        "id": "CVE-2023-42901", 
        "credit": "Ivan Fratric of Google Project Zero", 
        "page": "https://support.apple.com/en-us/HT214036", 
        "rsr": ""
    }, 
    {
        "impact": "Processing a maliciously crafted file may lead to unexpected app termination or arbitrary code execution", 
        "available": "macOS Sonoma", 
        "description": "Multiple memory corruption issues were addressed with improved input validation.", 
        "update": "", 
        "module": "AppleGraphicsControl", 
        "id": "CVE-2023-42902", 
        "credit": "Ivan Fratric of Google Project Zero, and Michael DePlante (@izobashi) of Trend Micro Zero Day Initiative", 
        "page": "https://support.apple.com/en-us/HT214036", 
        "rsr": ""
    }, 
    {
        "impact": "Processing a maliciously crafted file may lead to unexpected app termination or arbitrary code execution", 
        "available": "macOS Sonoma", 
        "description": "Multiple memory corruption issues were addressed with improved input validation.", 
        "update": "", 
        "module": "AppleGraphicsControl", 
        "id": "CVE-2023-42903", 
        "credit": "Ivan Fratric of Google Project Zero", 
        "page": "https://support.apple.com/en-us/HT214036", 
        "rsr": ""
    }, 
    {
        "impact": "Processing a maliciously crafted file may lead to unexpected app termination or arbitrary code execution", 
        "available": "macOS Sonoma", 
        "description": "Multiple memory corruption issues were addressed with improved input validation.", 
        "update": "", 
        "module": "AppleGraphicsControl", 
        "id": "CVE-2023-42904", 
        "credit": "Ivan Fratric of Google Project Zero", 
        "page": "https://support.apple.com/en-us/HT214036", 
        "rsr": ""
    }, 
    {
        "impact": "Processing a maliciously crafted file may lead to unexpected app termination or arbitrary code execution", 
        "available": "macOS Sonoma", 
        "description": "Multiple memory corruption issues were addressed with improved input validation.", 
        "update": "", 
        "module": "AppleGraphicsControl", 
        "id": "CVE-2023-42905", 
        "credit": "Ivan Fratric of Google Project Zero", 
        "page": "https://support.apple.com/en-us/HT214036", 
        "rsr": ""
    }, 
    {
        "impact": "Processing a maliciously crafted file may lead to unexpected app termination or arbitrary code execution", 
        "available": "macOS Sonoma", 
        "description": "Multiple memory corruption issues were addressed with improved input validation.", 
        "update": "", 
        "module": "AppleGraphicsControl", 
        "id": "CVE-2023-42906", 
        "credit": "Ivan Fratric of Google Project Zero", 
        "page": "https://support.apple.com/en-us/HT214036", 
        "rsr": ""
    }, 
    {
        "impact": "Processing a maliciously crafted file may lead to unexpected app termination or arbitrary code execution", 
        "available": "macOS Sonoma", 
        "description": "Multiple memory corruption issues were addressed with improved input validation.", 
        "update": "", 
        "module": "AppleGraphicsControl", 
        "id": "CVE-2023-42907", 
        "credit": "Ivan Fratric of Google Project Zero", 
        "page": "https://support.apple.com/en-us/HT214036", 
        "rsr": ""
    }, 
    {
        "impact": "Processing a maliciously crafted file may lead to unexpected app termination or arbitrary code execution", 
        "available": "macOS Sonoma", 
        "description": "Multiple memory corruption issues were addressed with improved input validation.", 
        "update": "", 
        "module": "AppleGraphicsControl", 
        "id": "CVE-2023-42908", 
        "credit": "Ivan Fratric of Google Project Zero", 
        "page": "https://support.apple.com/en-us/HT214036", 
        "rsr": ""
    }, 
    {
        "impact": "Processing a maliciously crafted file may lead to unexpected app termination or arbitrary code execution", 
        "available": "macOS Sonoma", 
        "description": "Multiple memory corruption issues were addressed with improved input validation.", 
        "update": "", 
        "module": "AppleGraphicsControl", 
        "id": "CVE-2023-42909", 
        "credit": "Ivan Fratric of Google Project Zero", 
        "page": "https://support.apple.com/en-us/HT214036", 
        "rsr": ""
    }, 
    {
        "impact": "Processing a maliciously crafted file may lead to unexpected app termination or arbitrary code execution", 
        "available": "macOS Sonoma", 
        "description": "Multiple memory corruption issues were addressed with improved input validation.", 
        "update": "", 
        "module": "AppleGraphicsControl", 
        "id": "CVE-2023-42910", 
        "credit": "Ivan Fratric of Google Project Zero", 
        "page": "https://support.apple.com/en-us/HT214036", 
        "rsr": ""
    }, 
    {
        "impact": "Processing a maliciously crafted file may lead to unexpected app termination or arbitrary code execution", 
        "available": "macOS Sonoma", 
        "description": "Multiple memory corruption issues were addressed with improved input validation.", 
        "update": "", 
        "module": "AppleGraphicsControl", 
        "id": "CVE-2023-42911", 
        "credit": "Ivan Fratric of Google Project Zero", 
        "page": "https://support.apple.com/en-us/HT214036", 
        "rsr": ""
    }, 
    {
        "impact": "Processing a maliciously crafted file may lead to unexpected app termination or arbitrary code execution", 
        "available": "macOS Sonoma", 
        "description": "Multiple memory corruption issues were addressed with improved input validation.", 
        "update": "", 
        "module": "AppleGraphicsControl", 
        "id": "CVE-2023-42912", 
        "credit": "Ivan Fratric of Google Project Zero", 
        "page": "https://support.apple.com/en-us/HT214036", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to break out of its sandbox", 
        "available": "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", 
        "description": "The issue was addressed with improved memory handling.", 
        "update": "", 
        "module": "Kernel", 
        "id": "CVE-2023-42914", 
        "credit": "Eloi Benoist-Vanderbeken (@elvanderb) of Synacktiv (@Synacktiv)", 
        "page": "https://support.apple.com/en-us/HT214035", 
        "rsr": ""
    }, 
    {
        "impact": "Processing web content may disclose sensitive information. Apple is aware of a report that this issue may have been exploited against versions of iOS before iOS 16.7.1.", 
        "available": "iPhone 8, iPhone 8 Plus, iPhone X, iPad 5th generation, iPad Pro 9.7-inch, and iPad Pro 12.9-inch 1st generation", 
        "description": "An out-of-bounds read was addressed with improved input validation.", 
        "update": "", 
        "module": "WebKit", 
        "id": "CVE-2023-42916", 
        "credit": "Cl\u00e9ment Lecigne of Google's Threat Analysis Group", 
        "bugzilla": "265041", 
        "page": "https://support.apple.com/en-us/HT214034", 
        "rsr": ""
    }, 
    {
        "impact": "Processing web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been exploited against versions of iOS before iOS 16.7.1.", 
        "available": "iPhone 8, iPhone 8 Plus, iPhone X, iPad 5th generation, iPad Pro 9.7-inch, and iPad Pro 12.9-inch 1st generation", 
        "description": "A memory corruption vulnerability was addressed with improved locking.", 
        "update": "", 
        "module": "WebKit", 
        "id": "CVE-2023-42917", 
        "credit": "Cl\u00e9ment Lecigne of Google's Threat Analysis Group", 
        "bugzilla": "265067", 
        "page": "https://support.apple.com/en-us/HT214034", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to access sensitive user data", 
        "available": "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", 
        "description": "A privacy issue was addressed with improved private data redaction for log entries.", 
        "update": "", 
        "module": "Accounts", 
        "id": "CVE-2023-42919", 
        "credit": "Kirin (@Pwnrin)", 
        "page": "https://support.apple.com/en-us/HT214035", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to read sensitive location information", 
        "available": "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", 
        "description": "This issue was addressed with improved redaction of sensitive information.", 
        "update": "", 
        "module": "Find My", 
        "id": "CVE-2023-42922", 
        "credit": "Wojciech Regula of SecuRing (wojciechregula.blog)", 
        "page": "https://support.apple.com/en-us/HT214035", 
        "rsr": ""
    }, 
    {
        "impact": "Private Browsing tabs may be accessed without authentication", 
        "available": "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", 
        "description": "This issue was addressed through improved state management.", 
        "update": "", 
        "module": "Safari Private Browsing", 
        "id": "CVE-2023-42923", 
        "credit": "ARJUN S D", 
        "page": "https://support.apple.com/en-us/HT214035", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to access sensitive user data", 
        "available": "macOS Sonoma", 
        "description": "A logic issue was addressed with improved checks.", 
        "update": "", 
        "module": "Archive Utility", 
        "id": "CVE-2023-42924", 
        "credit": "Mickey Jin (@patch1t)", 
        "page": "https://support.apple.com/en-us/HT214036", 
        "rsr": ""
    }, 
    {
        "impact": "Processing a maliciously crafted file may lead to unexpected app termination or arbitrary code execution", 
        "available": "macOS Sonoma", 
        "description": "Multiple memory corruption issues were addressed with improved input validation.", 
        "update": "", 
        "module": "AppleGraphicsControl", 
        "id": "CVE-2023-42926", 
        "credit": "Ivan Fratric of Google Project Zero", 
        "page": "https://support.apple.com/en-us/HT214036", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to gain elevated privileges", 
        "available": "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", 
        "description": "The issue was addressed with improved bounds checks.", 
        "update": "February 16, 2024", 
        "module": "FairPlay", 
        "id": "CVE-2023-42928", 
        "credit": "Peter Nguy\u1ec5n V\u0169 Ho\u00e0ng (@peternguyen14) of STAR Labs SG Pte. Ltd.", 
        "page": "https://support.apple.com/en-us/HT213982", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to access protected user data", 
        "available": "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)", 
        "description": "The issue was addressed with improved checks.", 
        "update": "December 22, 2023", 
        "module": "AppSandbox", 
        "id": "CVE-2023-42929", 
        "credit": "Mickey Jin (@patch1t)", 
        "page": "https://support.apple.com/en-us/HT213940", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to access protected user data", 
        "available": "macOS Sonoma", 
        "description": "A logic issue was addressed with improved checks.", 
        "update": "", 
        "module": "TCC", 
        "id": "CVE-2023-42932", 
        "credit": "Zhongquan Li (@Guluisacat)", 
        "page": "https://support.apple.com/en-us/HT214036", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to gain elevated privileges", 
        "available": "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)", 
        "description": "This issue was addressed with improved checks.", 
        "update": "December 22, 2023", 
        "module": "Dev Tools", 
        "id": "CVE-2023-42933", 
        "credit": "Mickey Jin (@patch1t)", 
        "page": "https://support.apple.com/en-us/HT213940", 
        "rsr": ""
    }, 
    {
        "impact": "An app with root privileges may be able to access private information", 
        "available": "Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac mini (2018 and later), MacBook Air (2018 and later), MacBook Pro (2018 and later), and iMac Pro (2017)", 
        "description": "An information disclosure issue was addressed by removing the vulnerable code.", 
        "update": "December 22, 2023", 
        "module": "Photos Storage", 
        "id": "CVE-2023-42934", 
        "credit": "Wojciech Regula of SecuRing (wojciechregula.blog)", 
        "page": "https://support.apple.com/en-us/HT213940", 
        "rsr": ""
    }, 
    {
        "impact": "A local attacker may be able to view the previous logged in user\u2019s desktop from the fast user switching screen", 
        "available": "macOS Sonoma", 
        "description": "An authentication issue was addressed with improved state management.", 
        "update": "January 22, 2024", 
        "module": "LoginWindow", 
        "id": "CVE-2023-42935", 
        "credit": "", 
        "page": "https://support.apple.com/en-us/HT213984", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to access sensitive user data", 
        "available": "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", 
        "description": "A privacy issue was addressed with improved private data redaction for log entries.", 
        "update": "January 22, 2024", 
        "module": "Accessibility", 
        "id": "CVE-2023-42937", 
        "credit": "Noah Roskin-Frazee and Prof. J. (ZeroClicks.ai Lab)", 
        "page": "https://support.apple.com/en-us/HT214035", 
        "rsr": ""
    }, 
    {
        "impact": "A user's private browsing activity may be unexpectedly saved in the App Privacy Report", 
        "available": "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", 
        "description": "A logic issue was addressed with improved checks.", 
        "update": "February 16, 2024", 
        "module": "WebKit", 
        "id": "CVE-2023-42939", 
        "credit": "Abhay Kailasia (@abhay_kailasia) of Lakshmi Narain College Of Technology Bhopal India", 
        "page": "https://support.apple.com/en-us/HT213982", 
        "rsr": ""
    }, 
    {
        "impact": "A user who shares their screen may unintentionally share the incorrect content", 
        "available": "macOS Sonoma", 
        "description": "A session rendering issue was addressed with improved session tracking.", 
        "update": "", 
        "module": "WindowServer", 
        "id": "CVE-2023-42940", 
        "credit": "Craig Hockenberry", 
        "page": "https://support.apple.com/en-us/HT214048", 
        "rsr": ""
    }, 
    {
        "impact": "An attacker in a privileged network position may be able to perform a denial-of-service attack using crafted Bluetooth packets", 
        "available": "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", 
        "description": "The issue was addressed with improved checks.", 
        "update": "January 10, 2024", 
        "module": "Bluetooth", 
        "id": "CVE-2023-42941", 
        "credit": "Christopher Reynolds", 
        "page": "https://support.apple.com/en-us/HT214035", 
        "rsr": ""
    }, 
    {
        "impact": "A malicious app may be able to gain root privileges", 
        "available": "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", 
        "description": "This issue was addressed with improved handling of symlinks.", 
        "update": "February 16, 2024", 
        "module": "libxpc", 
        "id": "CVE-2023-42942", 
        "credit": "Mickey Jin (@patch1t)", 
        "page": "https://support.apple.com/en-us/HT213982", 
        "rsr": ""
    }, 
    {
        "impact": "An app may gain unauthorized access to Bluetooth", 
        "available": "macOS Sonoma", 
        "description": "A permissions issue was addressed with additional restrictions.", 
        "update": "February 16, 2024", 
        "module": "Bluetooth", 
        "id": "CVE-2023-42945", 
        "credit": "", 
        "page": "https://support.apple.com/en-us/HT213984", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to leak sensitive user information", 
        "available": "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", 
        "description": "This issue was addressed with improved redaction of sensitive information.", 
        "update": "February 16, 2024", 
        "module": "Siri", 
        "id": "CVE-2023-42946", 
        "credit": "", 
        "page": "https://support.apple.com/en-us/HT213982", 
        "rsr": ""
    }, 
    {
        "impact": "A user may be unable to delete browsing history items", 
        "available": "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", 
        "description": "The issue was addressed with improved handling of caches.", 
        "update": "February 16, 2024", 
        "module": "Safari", 
        "id": "CVE-2023-42951", 
        "credit": "Adis Alic", 
        "page": "https://support.apple.com/en-us/HT213982", 
        "rsr": ""
    }, 
    {
        "impact": "An app with root privileges may be able to access private information", 
        "available": "macOS Ventura", 
        "description": "The issue was addressed with improved checks.", 
        "update": "February 16, 2024", 
        "module": "Automation", 
        "id": "CVE-2023-42952", 
        "credit": "Zhipeng Huo (@R3dF09) of Tencent Security Xuanwu Lab (xlab.tencent.com)", 
        "page": "https://support.apple.com/en-us/HT214038", 
        "rsr": ""
    }, 
    {
        "impact": "An app may be able to access sensitive user data", 
        "available": "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", 
        "description": "A permissions issue was addressed with additional restrictions.", 
        "update": "February 16, 2024", 
        "module": "Game Center", 
        "id": "CVE-2023-42953", 
        "credit": "Michael (Biscuit) Thomas - @biscuit@social.lol", 
        "page": "https://support.apple.com/en-us/HT213982", 
        "rsr": ""
    }, 
    {
        "impact": "An attacker in a privileged network position may be able to inject keystrokes by spoofing a keyboard", 
        "available": "iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later", 
        "description": "The issue was addressed with improved checks.", 
        "update": "December 11, 2023", 
        "module": "Bluetooth", 
        "id": "CVE-2023-45866", 
        "credit": "Marc Newlin of SkySafe", 
        "page": "https://support.apple.com/en-us/HT214035", 
        "rsr": ""
    }, 
    {
        "impact": "Processing malicious input may lead to code execution", 
        "available": "macOS Sonoma", 
        "description": "A use-after-free issue was addressed with improved memory management.", 
        "update": "", 
        "module": "Vim", 
        "id": "CVE-2023-4733", 
        "credit": "", 
        "page": "https://support.apple.com/en-us/HT213984", 
        "rsr": ""
    }, 
    {
        "impact": "Processing malicious input may lead to code execution", 
        "available": "macOS Sonoma", 
        "description": "A use-after-free issue was addressed with improved memory management.", 
        "update": "", 
        "module": "Vim", 
        "id": "CVE-2023-4734", 
        "credit": "", 
        "page": "https://support.apple.com/en-us/HT213984", 
        "rsr": ""
    }, 
    {
        "impact": "Processing malicious input may lead to code execution", 
        "available": "macOS Sonoma", 
        "description": "A use-after-free issue was addressed with improved memory management.", 
        "update": "", 
        "module": "Vim", 
        "id": "CVE-2023-4735", 
        "credit": "", 
        "page": "https://support.apple.com/en-us/HT213984", 
        "rsr": ""
    }, 
    {
        "impact": "Processing malicious input may lead to code execution", 
        "available": "macOS Sonoma", 
        "description": "A use-after-free issue was addressed with improved memory management.", 
        "update": "", 
        "module": "Vim", 
        "id": "CVE-2023-4736", 
        "credit": "", 
        "page": "https://support.apple.com/en-us/HT213984", 
        "rsr": ""
    }, 
    {
        "impact": "Processing malicious input may lead to code execution", 
        "available": "macOS Sonoma", 
        "description": "A use-after-free issue was addressed with improved memory management.", 
        "update": "", 
        "module": "Vim", 
        "id": "CVE-2023-4738", 
        "credit": "", 
        "page": "https://support.apple.com/en-us/HT213984", 
        "rsr": ""
    }, 
    {
        "impact": "Processing malicious input may lead to code execution", 
        "available": "macOS Sonoma", 
        "description": "A use-after-free issue was addressed with improved memory management.", 
        "update": "", 
        "module": "Vim", 
        "id": "CVE-2023-4750", 
        "credit": "", 
        "page": "https://support.apple.com/en-us/HT213984", 
        "rsr": ""
    }, 
    {
        "impact": "Processing malicious input may lead to code execution", 
        "available": "macOS Sonoma", 
        "description": "A use-after-free issue was addressed with improved memory management.", 
        "update": "", 
        "module": "Vim", 
        "id": "CVE-2023-4751", 
        "credit": "", 
        "page": "https://support.apple.com/en-us/HT213984", 
        "rsr": ""
    }, 
    {
        "impact": "Processing malicious input may lead to code execution", 
        "available": "macOS Sonoma", 
        "description": "A use-after-free issue was addressed with improved memory management.", 
        "update": "", 
        "module": "Vim", 
        "id": "CVE-2023-4752", 
        "credit": "", 
        "page": "https://support.apple.com/en-us/HT213984", 
        "rsr": ""
    }, 
    {
        "impact": "Processing malicious input may lead to code execution", 
        "available": "macOS Sonoma", 
        "description": "A use-after-free issue was addressed with improved memory management.", 
        "update": "", 
        "module": "Vim", 
        "id": "CVE-2023-4781", 
        "credit": "", 
        "page": "https://support.apple.com/en-us/HT213984", 
        "rsr": ""
    }, 
    {
        "impact": "A buffer overflow may result in arbitrary code execution", 
        "available": "iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later", 
        "description": "The issue was addressed by updating to libvpx 1.13.1.", 
        "update": "", 
        "module": "WebRTC", 
        "id": "CVE-2023-5217", 
        "credit": "", 
        "bugzilla": "262365", 
        "page": "https://support.apple.com/en-us/HT213972", 
        "rsr": ""
    }, 
    {
        "impact": "Opening a maliciously crafted file may lead to unexpected application termination or arbitrary code execution", 
        "available": "macOS Sonoma", 
        "description": "This issue was addressed by updating to Vim version 9.0.1969.", 
        "update": "", 
        "module": "Vim", 
        "id": "CVE-2023-5344", 
        "credit": "", 
        "page": "https://support.apple.com/en-us/HT214036", 
        "rsr": ""
    }
]