macOS
by Apple Inc.
CVEs (3,325)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-44165 | Hig | 0.49 | 7.5 | 0.01 | Sep 17, 2024 | A logic issue was addressed with improved checks. This issue is fixed in iOS 17.7 and iPadOS 17.7, iOS 18 and iPadOS 18, macOS Sequoia 15, macOS Sonoma 14.7, macOS Ventura 13.7, visionOS 2. Network traffic may leak outside a VPN tunnel. | ||
| CVE-2024-44152 | Hig | 0.49 | 7.5 | 0.01 | Sep 17, 2024 | A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Sequoia 15. An app may be able to access user-sensitive data. | ||
| CVE-2024-44149 | Hig | 0.49 | 7.5 | 0.01 | Sep 17, 2024 | A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15. An app may be able to access protected user data. | ||
| CVE-2024-40856 | Hig | 0.49 | 7.5 | 0.01 | Sep 17, 2024 | An integrity issue was addressed with Beacon Protection. This issue is fixed in iOS 18 and iPadOS 18, macOS Sequoia 15, tvOS 18. An attacker may be able to force a device to disconnect from a secure network. | ||
| CVE-2024-40848 | Hig | 0.49 | 7.5 | 0.01 | Sep 17, 2024 | A downgrade issue was addressed with additional code-signing restrictions. This issue is fixed in macOS Sequoia 15, macOS Sonoma 14.7, macOS Ventura 13.7. An attacker may be able to read sensitive information. | ||
| CVE-2024-40770 | Hig | 0.49 | 7.5 | 0.00 | Sep 17, 2024 | A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15. A non-privileged user may be able to modify restricted network settings. | ||
| CVE-2024-27795 | Hig | 0.49 | 7.5 | 0.01 | Sep 17, 2024 | A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15. A camera extension may be able to access the internet. | ||
| CVE-2024-40815 | Hig | 0.49 | 7.5 | 0.01 | Jul 29, 2024 | A race condition was addressed with additional validation. This issue is fixed in iOS 17.6 and iPadOS 17.6, macOS Sonoma 14.6, macOS Ventura 13.6.8, tvOS 17.6, watchOS 10.6. A malicious attacker with arbitrary read and write capability may be able to bypass Pointer… | ||
| CVE-2024-40803 | Hig | 0.49 | 7.5 | 0.01 | Jul 29, 2024 | A type confusion issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.7.6, macOS Sonoma 14.6, macOS Ventura 13.6.8. An attacker may be able to cause unexpected app termination. | ||
| CVE-2024-40786 | Hig | 0.49 | 7.5 | 0.01 | Jul 29, 2024 | This issue was addressed through improved state management. This issue is fixed in iOS 16.7.9 and iPadOS 16.7.9, iOS 17.6 and iPadOS 17.6, macOS Ventura 13.6.8. An attacker may be able to view sensitive user information. | ||
| CVE-2024-23261 | Hig | 0.49 | 7.5 | 0.01 | Jul 29, 2024 | A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.7.6, macOS Sonoma 14.4, macOS Ventura 13.6.8. An attacker may be able to read information belonging to another user. | ||
| CVE-2023-42835 | Hig | 0.49 | 7.5 | 0.00 | Feb 21, 2024 | A logic issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.1. An attacker may be able to access user data. | ||
| CVE-2024-23204 | Hig | 0.49 | 7.5 | 0.02 | Jan 23, 2024 | The issue was addressed with additional permissions checks. This issue is fixed in iOS 16.7.6 and iPadOS 16.7.6, iOS 17.3 and iPadOS 17.3, macOS Monterey 12.7.4, macOS Sonoma 14.3, macOS Ventura 13.6.5, watchOS 10.3. A shortcut may be able to use sensitive data with certain… | ||
| CVE-2024-23203 | Hig | 0.49 | 7.5 | 0.01 | Jan 23, 2024 | The issue was addressed with additional permissions checks. This issue is fixed in iOS 16.7.6 and iPadOS 16.7.6, iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, macOS Ventura 13.6.5. A shortcut may be able to use sensitive data with certain actions without prompting the user. | ||
| CVE-2023-42869 | Hig | 0.49 | 7.5 | 0.01 | Jan 10, 2024 | Multiple memory corruption issues were addressed with improved input validation. This issue is fixed in macOS Ventura 13.4, iOS 16.5 and iPadOS 16.5. Multiple issues in libxml2. | ||
| CVE-2023-40393 | Hig | 0.49 | 7.5 | 0.01 | Jan 10, 2024 | An authentication issue was addressed with improved state management. This issue is fixed in iOS 17 and iPadOS 17, macOS Sonoma 14. Photos in the Hidden Photos Album may be viewed without authentication. | ||
| CVE-2023-42847 | Hig | 0.49 | 7.5 | 0.01 | Oct 25, 2023 | A logic issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.1, iOS 17.1 and iPadOS 17.1. An attacker may be able to access passkeys without authentication. | ||
| CVE-2023-42844 | Hig | 0.49 | 7.5 | 0.01 | Oct 25, 2023 | This issue was addressed with improved handling of symlinks. This issue is fixed in macOS Sonoma 14.1, macOS Monterey 12.7.1, macOS Ventura 13.6.1. A website may be able to access sensitive user data when resolving symlinks. | ||
| CVE-2023-40401 | Hig | 0.49 | 7.5 | 0.01 | Oct 25, 2023 | The issue was addressed with additional permissions checks. This issue is fixed in macOS Ventura 13.6.1. An attacker may be able to access passkeys without authentication. | ||
| CVE-2023-40407 | Hig | 0.49 | 7.5 | 0.01 | Sep 27, 2023 | The issue was addressed with improved bounds checks. This issue is fixed in macOS Sonoma 14. A remote attacker may be able to cause a denial-of-service. |
- risk 0.49cvss 7.5epss 0.01
A logic issue was addressed with improved checks. This issue is fixed in iOS 17.7 and iPadOS 17.7, iOS 18 and iPadOS 18, macOS Sequoia 15, macOS Sonoma 14.7, macOS Ventura 13.7, visionOS 2. Network traffic may leak outside a VPN tunnel.
- risk 0.49cvss 7.5epss 0.01
A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Sequoia 15. An app may be able to access user-sensitive data.
- risk 0.49cvss 7.5epss 0.01
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15. An app may be able to access protected user data.
- risk 0.49cvss 7.5epss 0.01
An integrity issue was addressed with Beacon Protection. This issue is fixed in iOS 18 and iPadOS 18, macOS Sequoia 15, tvOS 18. An attacker may be able to force a device to disconnect from a secure network.
- risk 0.49cvss 7.5epss 0.01
A downgrade issue was addressed with additional code-signing restrictions. This issue is fixed in macOS Sequoia 15, macOS Sonoma 14.7, macOS Ventura 13.7. An attacker may be able to read sensitive information.
- risk 0.49cvss 7.5epss 0.00
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15. A non-privileged user may be able to modify restricted network settings.
- risk 0.49cvss 7.5epss 0.01
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15. A camera extension may be able to access the internet.
- risk 0.49cvss 7.5epss 0.01
A race condition was addressed with additional validation. This issue is fixed in iOS 17.6 and iPadOS 17.6, macOS Sonoma 14.6, macOS Ventura 13.6.8, tvOS 17.6, watchOS 10.6. A malicious attacker with arbitrary read and write capability may be able to bypass Pointer…
- risk 0.49cvss 7.5epss 0.01
A type confusion issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.7.6, macOS Sonoma 14.6, macOS Ventura 13.6.8. An attacker may be able to cause unexpected app termination.
- risk 0.49cvss 7.5epss 0.01
This issue was addressed through improved state management. This issue is fixed in iOS 16.7.9 and iPadOS 16.7.9, iOS 17.6 and iPadOS 17.6, macOS Ventura 13.6.8. An attacker may be able to view sensitive user information.
- risk 0.49cvss 7.5epss 0.01
A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.7.6, macOS Sonoma 14.4, macOS Ventura 13.6.8. An attacker may be able to read information belonging to another user.
- risk 0.49cvss 7.5epss 0.00
A logic issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.1. An attacker may be able to access user data.
- risk 0.49cvss 7.5epss 0.02
The issue was addressed with additional permissions checks. This issue is fixed in iOS 16.7.6 and iPadOS 16.7.6, iOS 17.3 and iPadOS 17.3, macOS Monterey 12.7.4, macOS Sonoma 14.3, macOS Ventura 13.6.5, watchOS 10.3. A shortcut may be able to use sensitive data with certain…
- risk 0.49cvss 7.5epss 0.01
The issue was addressed with additional permissions checks. This issue is fixed in iOS 16.7.6 and iPadOS 16.7.6, iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, macOS Ventura 13.6.5. A shortcut may be able to use sensitive data with certain actions without prompting the user.
- risk 0.49cvss 7.5epss 0.01
Multiple memory corruption issues were addressed with improved input validation. This issue is fixed in macOS Ventura 13.4, iOS 16.5 and iPadOS 16.5. Multiple issues in libxml2.
- risk 0.49cvss 7.5epss 0.01
An authentication issue was addressed with improved state management. This issue is fixed in iOS 17 and iPadOS 17, macOS Sonoma 14. Photos in the Hidden Photos Album may be viewed without authentication.
- risk 0.49cvss 7.5epss 0.01
A logic issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.1, iOS 17.1 and iPadOS 17.1. An attacker may be able to access passkeys without authentication.
- risk 0.49cvss 7.5epss 0.01
This issue was addressed with improved handling of symlinks. This issue is fixed in macOS Sonoma 14.1, macOS Monterey 12.7.1, macOS Ventura 13.6.1. A website may be able to access sensitive user data when resolving symlinks.
- risk 0.49cvss 7.5epss 0.01
The issue was addressed with additional permissions checks. This issue is fixed in macOS Ventura 13.6.1. An attacker may be able to access passkeys without authentication.
- risk 0.49cvss 7.5epss 0.01
The issue was addressed with improved bounds checks. This issue is fixed in macOS Sonoma 14. A remote attacker may be able to cause a denial-of-service.
Page 71 of 167