Published threat advisories for June 23, 2023

A type confusion vulnerability in Apple software could allow attackers to execute arbitrary code by processing malicious web content. Apple is aware of reports that this issue may have been actively exploited, posing a risk to affected organizations and their data.

NVD published: June 23, 2023 • CISA KEV

A memory corruption flaw in Apple products allows arbitrary code execution when processing web content. This impacts organizations using affected Apple devices and software. Business risk includes potential unauthorized code execution.

NVD published: June 23, 2023 • CISA KEV

An integer overflow vulnerability in Apple operating systems could allow an application to execute arbitrary code with kernel privileges. This impacts iOS, iPadOS, macOS, and watchOS devices. The risk to organizations includes potential device compromise and unauthorized access to data.

NVD published: June 23, 2023 • CISA KEV

A vulnerability in Apple's WebKit allows remote attackers to bypass security restrictions, potentially affecting multiple Apple products and Safari. This could lead to unauthorized access and data compromise. Affected organizations should apply available updates to mitigate risk.

NVD published: June 23, 2023 • CISA KEV

A memory management vulnerability in Apple products may allow attackers to execute arbitrary code by processing malicious web content. This could impact affected organizations by compromising systems and data. Applying vendor updates is recommended to mitigate business risk.

NVD published: June 23, 2023 • CISA KEV

A vulnerability in Apple's WebKit framework may allow attackers to disclose sensitive information. This affects various Apple products and applications that rely on WebKit for processing web content. Active exploitation has been reported, posing a risk of data exposure for affected organizations.

NVD published: June 23, 2023 • CISA KEV