ISHACK AI BOT

OS X update for Sandbox (CVE-2023-41996) Severity 5 CVSS (AV:L/AC:M/Au:N/C:N/I:C/A:N) Published 09/27/2023 Created 09/28/2023 Added 09/27/2023 Modified 01/28/2025 Description The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.6. Apps that fail verification checks may still launch. Solution(s) apple-osx-upgrade-13_6 apple-osx-upgrade-14 References https://attackerkb.com/topics/cve-2023-41996 CVE - 2023-41996 https://support.apple.com/kb/HT213931 https://support.apple.com/kb/HT213940

OS X update for Passkeys (CVE-2023-41996) Severity 5 CVSS (AV:L/AC:M/Au:N/C:N/I:C/A:N) Published 09/27/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

Gentoo Linux: CVE-2023-39434: WebKitGTK+: Multiple Vulnerabilities Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 09/27/2023 Created 02/02/2024 Added 02/01/2024 Modified 01/28/2025 Description A use-after-free issue was addressed with improved memory management. This issue is fixed in iOS 17 and iPadOS 17, watchOS 10, macOS Sonoma 14. Processing web content may lead to arbitrary code execution. Solution(s) gentoo-linux-upgrade-net-libs-webkit-gtk References https://attackerkb.com/topics/cve-2023-39434 CVE - 2023-39434 202401-33

OS X update for Share Sheet (CVE-2023-41968) Severity 5 CVSS (AV:L/AC:M/Au:N/C:C/I:N/A:N) Published 09/27/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

OS X update for Share Sheet (CVE-2023-41074) Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 09/27/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

OS X update for Screen Sharing (CVE-2023-41070) Severity 5 CVSS (AV:L/AC:M/Au:N/C:C/I:N/A:N) Published 09/27/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

OS X update for Kernel (CVE-2023-40424) Severity 5 CVSS (AV:L/AC:M/Au:N/C:C/I:N/A:N) Published 09/27/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

OS X update for Kernel (CVE-2023-41070) Severity 5 CVSS (AV:L/AC:M/Au:N/C:C/I:N/A:N) Published 09/27/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

OS X update for Kernel (CVE-2023-35990) Severity 2 CVSS (AV:L/AC:M/Au:N/C:P/I:N/A:N) Published 09/27/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

OS X update for Kernel (CVE-2023-40422) Severity 5 CVSS (AV:L/AC:M/Au:N/C:N/I:N/A:C) Published 09/27/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

OS X update for Kernel (CVE-2023-40400) Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 09/27/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

OS X update for Kernel (CVE-2023-40388) Severity 4 CVSS (AV:N/AC:M/Au:N/C:P/I:N/A:N) Published 09/27/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

OS X update for Kernel (CVE-2023-41986) Severity 5 CVSS (AV:L/AC:M/Au:N/C:N/I:C/A:N) Published 09/27/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

OS X update for Kernel (CVE-2023-41073) Severity 5 CVSS (AV:L/AC:M/Au:N/C:C/I:N/A:N) Published 09/27/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

OS X update for Kernel (CVE-2023-41063) Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 09/27/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

Red Hat: CVE-2023-40451: webkitgtk: attacker with JavaScript execution may be able to execute arbitrary code (Multiple Advisories) Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 09/27/2023 Created 11/09/2023 Added 11/08/2023 Modified 01/28/2025 Description This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in Safari 17. An attacker with JavaScript execution may be able to execute arbitrary code. Solution(s) redhat-upgrade-webkit2gtk3 redhat-upgrade-webkit2gtk3-debuginfo redhat-upgrade-webkit2gtk3-debugsource redhat-upgrade-webkit2gtk3-devel redhat-upgrade-webkit2gtk3-devel-debuginfo redhat-upgrade-webkit2gtk3-jsc redhat-upgrade-webkit2gtk3-jsc-debuginfo redhat-upgrade-webkit2gtk3-jsc-devel redhat-upgrade-webkit2gtk3-jsc-devel-debuginfo References CVE-2023-40451 RHSA-2023:6535 RHSA-2023:7055

OS X update for AppSandbox (CVE-2023-40450) Severity 5 CVSS (AV:L/AC:M/Au:N/C:N/I:C/A:N) Published 09/27/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

Red Hat: CVE-2023-5157: mariadb: node crashes with Transport endpoint is not connected mysqld got signal 6 (Multiple Advisories) Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 09/27/2023 Created 11/01/2023 Added 11/01/2023 Modified 01/28/2025 Description A vulnerability was found in MariaDB. An OpenVAS port scan on ports 3306 and 4567 allows a malicious remote client to cause a denial of service. Solution(s) redhat-upgrade-galera redhat-upgrade-galera-debuginfo redhat-upgrade-galera-debugsource redhat-upgrade-judy redhat-upgrade-judy-debuginfo redhat-upgrade-judy-debugsource redhat-upgrade-mariadb redhat-upgrade-mariadb-backup redhat-upgrade-mariadb-backup-debuginfo redhat-upgrade-mariadb-common redhat-upgrade-mariadb-debuginfo redhat-upgrade-mariadb-debugsource redhat-upgrade-mariadb-devel redhat-upgrade-mariadb-embedded redhat-upgrade-mariadb-embedded-debuginfo redhat-upgrade-mariadb-embedded-devel redhat-upgrade-mariadb-errmsg redhat-upgrade-mariadb-gssapi-server redhat-upgrade-mariadb-gssapi-server-debuginfo redhat-upgrade-mariadb-oqgraph-engine redhat-upgrade-mariadb-oqgraph-engine-debuginfo redhat-upgrade-mariadb-pam redhat-upgrade-mariadb-pam-debuginfo redhat-upgrade-mariadb-server redhat-upgrade-mariadb-server-debuginfo redhat-upgrade-mariadb-server-galera redhat-upgrade-mariadb-server-utils redhat-upgrade-mariadb-server-utils-debuginfo redhat-upgrade-mariadb-test redhat-upgrade-mariadb-test-debuginfo References CVE-2023-5157 RHSA-2023:5683 RHSA-2023:5684 RHSA-2023:6822 RHSA-2023:6883

Apple Safari security update for CVE-2023-40417 Severity 6 CVSS (AV:N/AC:M/Au:N/C:P/I:P/A:N) Published 09/27/2023 Created 09/28/2023 Added 09/27/2023 Modified 01/28/2025 Description A window management issue was addressed with improved state management. This issue is fixed in Safari 17, iOS 17 and iPadOS 17, watchOS 10, macOS Sonoma 14. Visiting a website that frames malicious content may lead to UI spoofing. Solution(s) apple-safari-upgrade-17 apple-safari-windows-uninstall References https://attackerkb.com/topics/cve-2023-40417 CVE - 2023-40417 http://support.apple.com/kb/HT213941

OS X update for Music (CVE-2023-37448) Severity 2 CVSS (AV:L/AC:L/Au:S/C:P/I:N/A:N) Published 09/27/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

OS X update for Ask to Buy (CVE-2023-41079) Severity 5 CVSS (AV:L/AC:M/Au:N/C:N/I:C/A:N) Published 09/27/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

OS X update for AppleMobileFileIntegrity (CVE-2023-39233) Severity 7 CVSS (AV:N/AC:M/Au:N/C:C/I:N/A:N) Published 09/27/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

OS X update for AuthKit (CVE-2023-40424) Severity 5 CVSS (AV:L/AC:M/Au:N/C:C/I:N/A:N) Published 09/27/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

OS X update for AppleMobileFileIntegrity (CVE-2023-40391) Severity 5 CVSS (AV:L/AC:M/Au:N/C:C/I:N/A:N) Published 09/27/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

OS X update for AppleMobileFileIntegrity (CVE-2023-38586) Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 09/27/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)