ISHACK AI BOT

OS X update for AppleMobileFileIntegrity (CVE-2022-42828) Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 08/14/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

OS X update for FaceTime (CVE-2023-28198) Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 08/14/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

OS X update for AMD (CVE-2022-46725) Severity 4 CVSS (AV:N/AC:M/Au:N/C:N/I:P/A:N) Published 08/14/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

OS X update for LaunchServices (CVE-2023-32358) Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 08/14/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

OS X update for DesktopServices (CVE-2023-27948) Severity 5 CVSS (AV:L/AC:M/Au:N/C:C/I:N/A:N) Published 08/14/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

OS X update for Find My (CVE-2023-27948) Severity 5 CVSS (AV:L/AC:M/Au:N/C:C/I:N/A:N) Published 08/14/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

OS X update for AVEVideoEncoder (CVE-2022-26699) Severity 5 CVSS (AV:L/AC:M/Au:N/C:N/I:N/A:C) Published 08/14/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

OS X update for Carbon Core (CVE-2023-27947) Severity 5 CVSS (AV:L/AC:M/Au:N/C:C/I:N/A:N) Published 08/14/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

OS X update for Calendar (CVE-2022-42828) Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 08/14/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

Debian: CVE-2023-28198: webkit2gtk, wpewebkit -- security update Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 08/14/2023 Created 09/13/2023 Added 09/13/2023 Modified 01/28/2025 Description A use-after-free issue was addressed with improved memory management. This issue is fixed in iOS 16.4 and iPadOS 16.4, macOS Ventura 13.3. Processing web content may lead to arbitrary code execution. Solution(s) debian-upgrade-webkit2gtk debian-upgrade-wpewebkit References https://attackerkb.com/topics/cve-2023-28198 CVE - 2023-28198 DSA-5396-1

OS X update for Preferences (CVE-2022-46725) Severity 4 CVSS (AV:N/AC:M/Au:N/C:N/I:P/A:N) Published 08/14/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

OS X update for Sidecar (CVE-2022-42828) Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 08/14/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

OS X update for libpthread (CVE-2023-32358) Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 08/14/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

OS X update for Sandbox (CVE-2023-32358) Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 08/14/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

OS X update for Podcasts (CVE-2023-28198) Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 08/14/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

OS X update for Ruby (CVE-2022-32876) Severity 2 CVSS (AV:L/AC:L/Au:S/C:P/I:N/A:N) Published 08/14/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

OS X update for CommCenter (CVE-2023-27948) Severity 5 CVSS (AV:L/AC:M/Au:N/C:C/I:N/A:N) Published 08/14/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

OS X update for AppleMobileFileIntegrity (CVE-2023-28199) Severity 5 CVSS (AV:L/AC:M/Au:N/C:C/I:N/A:N) Published 08/14/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

Ubuntu: USN-6567-1 (CVE-2023-40360): QEMU vulnerabilities Severity 5 CVSS (AV:L/AC:M/Au:N/C:N/I:N/A:C) Published 08/14/2023 Created 01/10/2024 Added 01/09/2024 Modified 01/28/2025 Description QEMU through 8.0.4 accesses a NULL pointer in nvme_directive_receive in hw/nvme/ctrl.c because there is no check for whether an endurance group is configured before checking whether Flexible Data Placement is enabled. Solution(s) ubuntu-upgrade-qemu-system ubuntu-upgrade-qemu-system-arm ubuntu-upgrade-qemu-system-mips ubuntu-upgrade-qemu-system-misc ubuntu-upgrade-qemu-system-ppc ubuntu-upgrade-qemu-system-s390x ubuntu-upgrade-qemu-system-sparc ubuntu-upgrade-qemu-system-x86 ubuntu-upgrade-qemu-system-x86-xen ubuntu-upgrade-qemu-system-xen References https://attackerkb.com/topics/cve-2023-40360 CVE - 2023-40360 USN-6567-1

OS X update for Heimdal (CVE-2022-26699) Severity 5 CVSS (AV:L/AC:M/Au:N/C:N/I:N/A:C) Published 08/14/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

OS X update for Grapher (CVE-2022-32876) Severity 2 CVSS (AV:L/AC:L/Au:S/C:P/I:N/A:N) Published 08/14/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

OS X update for Notifications (CVE-2022-42828) Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 08/14/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

OS X update for Carbon Core (CVE-2023-28199) Severity 5 CVSS (AV:L/AC:M/Au:N/C:C/I:N/A:N) Published 08/14/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

SUSE: CVE-2023-32184: SUSE Linux Security Advisory Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 08/14/2023 Created 08/15/2023 Added 08/15/2023 Modified 01/28/2025 Description A Insecure Storage of Sensitive Information vulnerability in openSUSE opensuse-welcome allows local attackers to execute code as the user that runs opensuse-welcome if a custom layout is chosen This issue affects opensuse-welcome: from 0.1 before 0.1.9+git.35.4b9444a. Solution(s) suse-upgrade-opensuse-welcome suse-upgrade-opensuse-welcome-lang References https://attackerkb.com/topics/cve-2023-32184 CVE - 2023-32184

SUSE: CVE-2023-32559: SUSE Linux Security Advisory Severity 9 CVSS (AV:N/AC:M/Au:S/C:C/I:C/A:C) Published 08/14/2023 Created 08/15/2023 Added 08/15/2023 Modified 01/28/2025 Description A privilege escalation vulnerability exists in the experimental policy mechanism in all active release lines: 16.x, 18.x and, 20.x. The use of the deprecated API `process.binding()` can bypass the policy mechanism by requiring internal modules and eventually take advantage of `process.binding('spawn_sync')` run arbitrary code, outside of the limits defined in a `policy.json` file. Please note that at the time this CVE was issued, the policy is an experimental feature of Node.js. Solution(s) suse-upgrade-corepack14 suse-upgrade-corepack16 suse-upgrade-corepack18 suse-upgrade-nodejs12 suse-upgrade-nodejs12-devel suse-upgrade-nodejs12-docs suse-upgrade-nodejs14 suse-upgrade-nodejs14-devel suse-upgrade-nodejs14-docs suse-upgrade-nodejs16 suse-upgrade-nodejs16-devel suse-upgrade-nodejs16-docs suse-upgrade-nodejs18 suse-upgrade-nodejs18-devel suse-upgrade-nodejs18-docs suse-upgrade-npm12 suse-upgrade-npm14 suse-upgrade-npm16 suse-upgrade-npm18 References https://attackerkb.com/topics/cve-2023-32559 CVE - 2023-32559