VYPR

macOS

by Apple Inc.

CVEs (3,266)

  • CVE-2024-54508HigDec 12, 2024
    risk 0.49cvss 7.5epss 0.01

    The issue was addressed with improved memory handling. This issue is fixed in Safari 18.2, iOS 18.2 and iPadOS 18.2, iPadOS 17.7.6, macOS Sequoia 15.2, tvOS 18.2, visionOS 2.2, watchOS 11.2. Processing maliciously crafted web content may lead to an unexpected process crash.

  • CVE-2024-54479HigDec 12, 2024
    risk 0.49cvss 7.5epss 0.02

    The issue was addressed with improved checks. This issue is fixed in Safari 18.2, iOS 18.2 and iPadOS 18.2, iPadOS 17.7.3, macOS Sequoia 15.2, tvOS 18.2, visionOS 2.2, watchOS 11.2. Processing maliciously crafted web content may lead to an unexpected process crash.

  • CVE-2024-44289HigOct 28, 2024
    risk 0.49cvss 7.5epss 0.01

    A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Sequoia 15.1, macOS Sonoma 14.7.1, macOS Ventura 13.7.1. An app may be able to read sensitive location information.

  • CVE-2024-44259HigOct 28, 2024
    risk 0.49cvss 7.5epss 0.01

    This issue was addressed through improved state management. This issue is fixed in Safari 18.1, iOS 17.7.1 and iPadOS 17.7.1, iOS 18.1 and iPadOS 18.1, macOS Sequoia 15.1, visionOS 2.1. An attacker may be able to misuse a trust relationship to download malicious content.

  • CVE-2024-44165HigSep 17, 2024
    risk 0.49cvss 7.5epss 0.01

    A logic issue was addressed with improved checks. This issue is fixed in iOS 17.7 and iPadOS 17.7, iOS 18 and iPadOS 18, macOS Sequoia 15, macOS Sonoma 14.7, macOS Ventura 13.7, visionOS 2. Network traffic may leak outside a VPN tunnel.

  • CVE-2024-40856HigSep 17, 2024
    risk 0.49cvss 7.5epss 0.01

    An integrity issue was addressed with Beacon Protection. This issue is fixed in iOS 18 and iPadOS 18, macOS Sequoia 15, tvOS 18. An attacker may be able to force a device to disconnect from a secure network.

  • CVE-2024-40848HigSep 17, 2024
    risk 0.49cvss 7.5epss 0.01

    A downgrade issue was addressed with additional code-signing restrictions. This issue is fixed in macOS Sequoia 15, macOS Sonoma 14.7, macOS Ventura 13.7. An attacker may be able to read sensitive information.

  • CVE-2024-40815HigJul 29, 2024
    risk 0.49cvss 7.5epss 0.01

    A race condition was addressed with additional validation. This issue is fixed in iOS 17.6 and iPadOS 17.6, macOS Sonoma 14.6, macOS Ventura 13.6.8, tvOS 17.6, watchOS 10.6. A malicious attacker with arbitrary read and write capability may be able to bypass Pointer…

  • CVE-2024-40803HigJul 29, 2024
    risk 0.49cvss 7.5epss 0.01

    A type confusion issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.7.6, macOS Sonoma 14.6, macOS Ventura 13.6.8. An attacker may be able to cause unexpected app termination.

  • CVE-2024-40786HigJul 29, 2024
    risk 0.49cvss 7.5epss 0.01

    This issue was addressed through improved state management. This issue is fixed in iOS 16.7.9 and iPadOS 16.7.9, iOS 17.6 and iPadOS 17.6, macOS Ventura 13.6.8. An attacker may be able to view sensitive user information.

  • CVE-2024-23261HigJul 29, 2024
    risk 0.49cvss 7.5epss 0.01

    A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.7.6, macOS Sonoma 14.4, macOS Ventura 13.6.8. An attacker may be able to read information belonging to another user.

  • CVE-2024-23204HigJan 23, 2024
    risk 0.49cvss 7.5epss 0.02

    The issue was addressed with additional permissions checks. This issue is fixed in iOS 16.7.6 and iPadOS 16.7.6, iOS 17.3 and iPadOS 17.3, macOS Monterey 12.7.4, macOS Sonoma 14.3, macOS Ventura 13.6.5, watchOS 10.3. A shortcut may be able to use sensitive data with certain…

  • CVE-2024-23203HigJan 23, 2024
    risk 0.49cvss 7.5epss 0.01

    The issue was addressed with additional permissions checks. This issue is fixed in iOS 16.7.6 and iPadOS 16.7.6, iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, macOS Ventura 13.6.5. A shortcut may be able to use sensitive data with certain actions without prompting the user.

  • CVE-2018-4230HigJun 8, 2018
    risk 0.49cvss 7.0epss 0.04

    An issue was discovered in certain Apple products. macOS before 10.13.5 is affected. The issue involves the "NVIDIA Graphics Drivers" component. It allows attackers to execute arbitrary code in a privileged context via a crafted app that triggers a SetAppSupportBits…

  • CVE-2018-4227HigJun 8, 2018
    risk 0.49cvss 7.5epss 0.02

    An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. The issue involves the "Mail" component. It allows remote attackers to read the cleartext content of S/MIME encrypted messages via direct exfiltration.

  • CVE-2018-4221HigJun 8, 2018
    risk 0.49cvss 7.5epss 0.01

    An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. The issue involves the "Security" component. It allows web sites to track users by leveraging the transmission of S/MIME client certificates.

  • CVE-2018-4184HigJun 8, 2018
    risk 0.49cvss 7.5epss 0.01

    An issue was discovered in certain Apple products. macOS before 10.13.5 is affected. The issue involves the "Speech" component. It allows attackers to bypass a sandbox protection mechanism to obtain microphone access.

  • CVE-2018-4142HigApr 3, 2018
    risk 0.49cvss 7.5epss 0.03

    An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "CoreText" component. It allows remote attackers to cause a denial of service…

  • CVE-2018-4100HigApr 3, 2018
    risk 0.49cvss 7.5epss 0.03

    An issue was discovered in certain Apple products. iOS before 11.2.5 is affected. macOS before 10.13.3 is affected. watchOS before 4.2.2 is affected. The issue involves the "LinkPresentation" component. It allows remote attackers to cause a denial of service (resource…

  • CVE-2017-13837HigApr 3, 2018
    risk 0.49cvss 7.5epss 0.01

    An issue was discovered in certain Apple products. macOS before 10.13 is affected. The issue involves the "Installer" component. It does not properly restrict an app's entitlements for accessing the FileVault unlock key.

Page 22 of 164