Filtered by vendor Apple
Subscriptions
Filtered by product Macos
Subscriptions
Total
3427 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2024-40799 | 1 Apple | 6 Ipados, Iphone Os, Macos and 3 more | 2024-08-23 | 7.1 High |
An out-of-bounds read issue was addressed with improved input validation. This issue is fixed in iOS 16.7.9 and iPadOS 16.7.9, macOS Ventura 13.6.8, macOS Monterey 12.7.6, iOS 17.6 and iPadOS 17.6, watchOS 10.6, tvOS 17.6, visionOS 1.3, macOS Sonoma 14.6. Processing a maliciously crafted file may lead to unexpected app termination. | ||||
CVE-2024-40803 | 1 Apple | 1 Macos | 2024-08-23 | 7.5 High |
A type confusion issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.6, macOS Monterey 12.7.6, macOS Ventura 13.6.8. An attacker may be able to cause unexpected app termination. | ||||
CVE-2024-40804 | 1 Apple | 1 Macos | 2024-08-23 | 5.5 Medium |
The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.6. A malicious application may be able to access private information. | ||||
CVE-2024-40827 | 1 Apple | 1 Macos | 2024-08-23 | 5.5 Medium |
The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.6, macOS Monterey 12.7.6, macOS Ventura 13.6.8. An app may be able to overwrite arbitrary files. | ||||
CVE-2024-40832 | 1 Apple | 1 Macos | 2024-08-23 | 3.3 Low |
The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.6. An app may be able to view a contact's phone number in system logs. | ||||
CVE-2024-40833 | 1 Apple | 3 Ipados, Iphone Os, Macos | 2024-08-23 | 5.5 Medium |
A logic issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.6, iOS 16.7.9 and iPadOS 16.7.9, macOS Monterey 12.7.6, macOS Ventura 13.6.8. A shortcut may be able to use sensitive data with certain actions without prompting the user. | ||||
CVE-2024-40834 | 1 Apple | 1 Macos | 2024-08-23 | 4.4 Medium |
This issue was addressed by adding an additional prompt for user consent. This issue is fixed in macOS Sonoma 14.6, macOS Monterey 12.7.6, macOS Ventura 13.6.8. A shortcut may be able to bypass sensitive Shortcuts app settings. | ||||
CVE-2024-40835 | 1 Apple | 4 Ipados, Iphone Os, Macos and 1 more | 2024-08-23 | 5.5 Medium |
A logic issue was addressed with improved checks. This issue is fixed in iOS 16.7.9 and iPadOS 16.7.9, macOS Ventura 13.6.8, macOS Monterey 12.7.6, iOS 17.6 and iPadOS 17.6, watchOS 10.6, macOS Sonoma 14.6. A shortcut may be able to use sensitive data with certain actions without prompting the user. | ||||
CVE-2023-24068 | 4 Apple, Linux, Microsoft and 1 more | 4 Macos, Linux Kernel, Windows and 1 more | 2024-08-22 | 7.8 High |
Signal Desktop before 6.2.0 on Windows, Linux, and macOS allows an attacker to modify conversation attachments within the attachments.noindex directory. Client mechanisms fail to validate modifications of existing cached files, resulting in an attacker's ability to insert malicious code into pre-existing attachments or replace them completely. A threat actor can forward the existing attachment in the corresponding conversation to external groups, and the name and size of the file will not change, allowing the malware to masquerade as another file. NOTE: the vendor disputes the relevance of this finding because the product is not intended to protect against adversaries with this degree of local access. | ||||
CVE-2023-42892 | 1 Apple | 1 Macos | 2024-08-21 | 7.8 High |
A use-after-free issue was addressed with improved memory management. This issue is fixed in macOS Ventura 13.6.3, macOS Sonoma 14.2, macOS Monterey 12.7.2. A local attacker may be able to elevate their privileges. | ||||
CVE-2024-39383 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2024-08-20 | 7.8 High |
Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
CVE-2024-40778 | 1 Apple | 3 Ipados, Iphone Os, Macos | 2024-08-20 | 3.3 Low |
An authentication issue was addressed with improved state management. This issue is fixed in macOS Sonoma 14.6, iOS 17.6 and iPadOS 17.6, iOS 16.7.9 and iPadOS 16.7.9. Photos in the Hidden Photos Album may be viewed without authentication. | ||||
CVE-2024-23299 | 1 Apple | 1 Macos | 2024-08-20 | 8.6 High |
The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.4, macOS Ventura 13.6.5, macOS Monterey 12.7.4. An app may be able to break out of its sandbox. | ||||
CVE-2024-40776 | 1 Apple | 7 Ipados, Iphone Os, Macos and 4 more | 2024-08-20 | 4.3 Medium |
A use-after-free issue was addressed with improved memory management. This issue is fixed in iOS 16.7.9 and iPadOS 16.7.9, Safari 17.6, iOS 17.6 and iPadOS 17.6, watchOS 10.6, tvOS 17.6, visionOS 1.3, macOS Sonoma 14.6. Processing maliciously crafted web content may lead to an unexpected process crash. | ||||
CVE-2024-40775 | 1 Apple | 1 Macos | 2024-08-20 | 5.5 Medium |
A downgrade issue was addressed with additional code-signing restrictions. This issue is fixed in macOS Sonoma 14.6, macOS Monterey 12.7.6, macOS Ventura 13.6.8. An app may be able to leak sensitive user information. | ||||
CVE-2024-40774 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2024-08-20 | 7.1 High |
A downgrade issue was addressed with additional code-signing restrictions. This issue is fixed in macOS Ventura 13.6.8, macOS Monterey 12.7.6, iOS 17.6 and iPadOS 17.6, watchOS 10.6, tvOS 17.6, macOS Sonoma 14.6. An app may be able to bypass Privacy preferences. | ||||
CVE-2024-27887 | 1 Apple | 1 Macos | 2024-08-20 | 5.5 Medium |
A path handling issue was addressed with improved validation. This issue is fixed in macOS Sonoma 14.4. An app may be able to access user-sensitive data. | ||||
CVE-2024-27884 | 1 Apple | 6 Ipados, Iphone Os, Macos and 3 more | 2024-08-20 | 5.5 Medium |
This issue was addressed with a new entitlement. This issue is fixed in macOS Sonoma 14.5, watchOS 10.5, visionOS 1.2, tvOS 17.5, iOS 17.5 and iPadOS 17.5. An app may be able to access user-sensitive data. | ||||
CVE-2024-27883 | 1 Apple | 1 Macos | 2024-08-20 | 4.4 Medium |
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sonoma 14.6, macOS Monterey 12.7.6, macOS Ventura 13.6.8. An app may be able to modify protected parts of the file system. | ||||
CVE-2024-27882 | 1 Apple | 1 Macos | 2024-08-20 | 4.4 Medium |
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sonoma 14.6, macOS Monterey 12.7.6, macOS Ventura 13.6.8. An app may be able to modify protected parts of the file system. |