macOS
macOS 13.6.5
Official advisory32 CVEs fixed by this release.
- Release date
- 2024-03-07
- End of support
- 2025-09-15 EOL
- CVEs fixed
- 32
- CISA KEV
- 1
- Critical
- 0
- High
- 0
- NVD pending
- 32
CVEs fixed
| CVE | Severity | KEV | Published | Description |
|---|---|---|---|---|
|
CVE-2024-23225
KEV
[Apple Kernel] An attacker with arbitrary kernel read and write capability may be able to bypass kernel memory protecti… |
N/A | KEV | [Apple Kernel] An attacker with arbitrary kernel read and write capability may be able to bypass kernel memory protections. Apple is aware of a report that thi… | |
|
CVE-2024-23229
[Apple Find My] A malicious application may be able to access Find My data |
N/A | — | [Apple Find My] A malicious application may be able to access Find My data | |
|
CVE-2023-28826
[Apple MediaRemote] An app may be able to access sensitive user data |
N/A | — | [Apple MediaRemote] An app may be able to access sensitive user data | |
|
CVE-2023-40389
[Apple Transparency] An app may be able to access sensitive user data |
N/A | — | [Apple Transparency] An app may be able to access sensitive user data | |
|
CVE-2024-23201
[Apple macOS Sonoma 14.3] A malicious website may cause unexpected cross-origin behavior |
N/A | — | [Apple macOS Sonoma 14.3] A malicious website may cause unexpected cross-origin behavior | |
|
CVE-2024-23203
[Apple macOS Sonoma 14.3] A malicious website may cause unexpected cross-origin behavior |
N/A | — | [Apple macOS Sonoma 14.3] A malicious website may cause unexpected cross-origin behavior | |
|
CVE-2024-23204
[Apple macOS Sonoma 14.3] A malicious website may cause unexpected cross-origin behavior |
N/A | — | [Apple macOS Sonoma 14.3] A malicious website may cause unexpected cross-origin behavior | |
|
CVE-2024-23216
[Apple PackageKit] An app may be able to overwrite arbitrary files |
N/A | — | [Apple PackageKit] An app may be able to overwrite arbitrary files | |
|
CVE-2024-23217
[Apple macOS Sonoma 14.3] A malicious website may cause unexpected cross-origin behavior |
N/A | — | [Apple macOS Sonoma 14.3] A malicious website may cause unexpected cross-origin behavior | |
|
CVE-2024-23218
[Apple macOS Sonoma 14.3] A malicious website may cause unexpected cross-origin behavior |
N/A | — | [Apple macOS Sonoma 14.3] A malicious website may cause unexpected cross-origin behavior | |
|
CVE-2024-23227
[Apple Airport] An app may be able to read sensitive location information |
N/A | — | [Apple Airport] An app may be able to read sensitive location information | |
|
CVE-2024-23230
[Apple SharedFileList] An app may be able to access sensitive user data |
N/A | — | [Apple SharedFileList] An app may be able to access sensitive user data | |
|
CVE-2024-23231
[Apple Share Sheet] An app may be able to access user-sensitive data |
N/A | — | [Apple Share Sheet] An app may be able to access user-sensitive data | |
|
CVE-2024-23234
[Apple Intel Graphics Driver] An app may be able to execute arbitrary code with kernel privileges |
N/A | — | [Apple Intel Graphics Driver] An app may be able to execute arbitrary code with kernel privileges | |
|
CVE-2024-23245
[Apple Shortcuts] Third-party shortcuts may use a legacy action from Automator to send events to apps without user cons… |
N/A | — | [Apple Shortcuts] Third-party shortcuts may use a legacy action from Automator to send events to apps without user consent | |
|
CVE-2024-23247
[Apple ColorSync] Processing a file may lead to unexpected app termination or arbitrary code execution |
N/A | — | [Apple ColorSync] Processing a file may lead to unexpected app termination or arbitrary code execution | |
|
CVE-2024-23257
[Apple ImageIO] Processing an image may result in disclosure of process memory |
N/A | — | [Apple ImageIO] Processing an image may result in disclosure of process memory | |
|
CVE-2024-23264
[Apple Metal] An application may be able to read restricted memory |
N/A | — | [Apple Metal] An application may be able to read restricted memory | |
|
CVE-2024-23265
[Apple Kernel] An app may be able to cause unexpected system termination or write kernel memory |
N/A | — | [Apple Kernel] An app may be able to cause unexpected system termination or write kernel memory | |
|
CVE-2024-23266
[Apple Kerberos v5 PAM module] An app may be able to modify protected parts of the file system |
N/A | — | [Apple Kerberos v5 PAM module] An app may be able to modify protected parts of the file system | |
|
CVE-2024-23267
[Apple PackageKit] An app may be able to bypass certain Privacy preferences |
N/A | — | [Apple PackageKit] An app may be able to bypass certain Privacy preferences | |
|
CVE-2024-23268
[Apple PackageKit] An app may be able to elevate privileges |
N/A | — | [Apple PackageKit] An app may be able to elevate privileges | |
|
CVE-2024-23269
[Apple AppleMobileFileIntegrity] An app may be able to modify protected parts of the file system |
N/A | — | [Apple AppleMobileFileIntegrity] An app may be able to modify protected parts of the file system | |
|
CVE-2024-23270
[Apple Image Processing] An app may be able to execute arbitrary code with kernel privileges |
N/A | — | [Apple Image Processing] An app may be able to execute arbitrary code with kernel privileges | |
|
CVE-2024-23272
[Apple Storage Services] A user may gain access to protected parts of the file system |
N/A | — | [Apple Storage Services] A user may gain access to protected parts of the file system | |
|
CVE-2024-23274
[Apple PackageKit] An app may be able to elevate privileges |
N/A | — | [Apple PackageKit] An app may be able to elevate privileges | |
|
CVE-2024-23275
[Apple PackageKit] An app may be able to access protected user data |
N/A | — | [Apple PackageKit] An app may be able to access protected user data | |
|
CVE-2024-23276
[Apple Admin Framework] An app may be able to elevate privileges |
N/A | — | [Apple Admin Framework] An app may be able to elevate privileges | |
|
CVE-2024-23278
[Apple libxpc] An app may be able to break out of its sandbox |
N/A | — | [Apple libxpc] An app may be able to break out of its sandbox | |
|
CVE-2024-23283
[Apple Notes] An app may be able to access user-sensitive data |
N/A | — | [Apple Notes] An app may be able to access user-sensitive data | |
|
CVE-2024-23286
[Apple ImageIO] Processing an image may lead to arbitrary code execution |
N/A | — | [Apple ImageIO] Processing an image may lead to arbitrary code execution | |
|
CVE-2024-23299
[Apple Disk Images] An app may be able to break out of its sandbox |
N/A | — | [Apple Disk Images] An app may be able to break out of its sandbox |