VYPR

macOS Sonoma

by Apple Inc.

CVEs (436)

  • CVE-2024-40807MedJul 29, 2024
    risk 0.36cvss 5.5epss 0.00

    A logic issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.7.6, macOS Sonoma 14.6, macOS Ventura 13.6.8. A shortcut may be able to use sensitive data with certain actions without prompting the user.

  • CVE-2024-40804MedJul 29, 2024
    risk 0.36cvss 5.5epss 0.00

    The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.6. A malicious application may be able to access private information.

  • CVE-2024-40800MedJul 29, 2024
    risk 0.36cvss 5.5epss 0.00

    An input validation issue was addressed with improved input validation. This issue is fixed in macOS Monterey 12.7.6, macOS Sonoma 14.6, macOS Ventura 13.6.8. An app may be able to modify protected parts of the file system.

  • CVE-2024-40784MedJul 29, 2024
    risk 0.36cvss 5.5epss 0.00

    An integer overflow was addressed with improved input validation. This issue is fixed in iOS 16.7.9 and iPadOS 16.7.9, iOS 17.6 and iPadOS 17.6, macOS Sonoma 14.6, macOS Ventura 13.6.8, tvOS 17.6, visionOS 1.3, watchOS 10.6. Processing a maliciously crafted file may lead to…

  • CVE-2024-40783MedJul 29, 2024
    risk 0.36cvss 5.5epss 0.00

    The issue was addressed with improved restriction of data container access. This issue is fixed in macOS Monterey 12.7.6, macOS Sonoma 14.6, macOS Ventura 13.6.8. A malicious application may be able to bypass Privacy preferences.

  • CVE-2024-40775MedJul 29, 2024
    risk 0.36cvss 5.5epss 0.00

    A downgrade issue was addressed with additional code-signing restrictions. This issue is fixed in macOS Monterey 12.7.6, macOS Sonoma 14.6, macOS Ventura 13.6.8. An app may be able to leak sensitive user information.

  • CVE-2024-27888MedJul 29, 2024
    risk 0.36cvss 5.5epss 0.00

    A permissions issue was addressed by removing vulnerable code and adding additional checks. This issue is fixed in macOS Sonoma 14.4. An app may be able to modify protected parts of the file system.

  • CVE-2024-27887MedJul 29, 2024
    risk 0.36cvss 5.5epss 0.00

    A path handling issue was addressed with improved validation. This issue is fixed in macOS Sonoma 14.4. An app may be able to access user-sensitive data.

  • CVE-2024-27886MedJul 29, 2024
    risk 0.36cvss 5.5epss 0.00

    A logic issue was addressed with improved restrictions. This issue is fixed in macOS Sonoma 14.4, macOS Ventura 13.7. An unprivileged app may be able to log keystrokes in other apps including those using secure input mode.

  • CVE-2024-27884MedJul 29, 2024
    risk 0.36cvss 5.5epss 0.00

    This issue was addressed with a new entitlement. This issue is fixed in iOS 17.5 and iPadOS 17.5, macOS Sonoma 14.5, tvOS 17.5, visionOS 1.2, watchOS 10.5. An app may be able to access user-sensitive data.

  • CVE-2024-27872MedJul 29, 2024
    risk 0.36cvss 5.5epss 0.00

    This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Sonoma 14.6. An app may be able to access protected user data.

  • CVE-2024-27871MedJul 29, 2024
    risk 0.36cvss 5.5epss 0.00

    A path handling issue was addressed with improved validation. This issue is fixed in iOS 17.6 and iPadOS 17.6, macOS Sonoma 14.6. An app may be able to access protected user data.

  • CVE-2024-27863MedJul 29, 2024
    risk 0.36cvss 5.5epss 0.00

    An information disclosure issue was addressed with improved private data redaction for log entries. This issue is fixed in iOS 17.6 and iPadOS 17.6, macOS Sonoma 14.6, tvOS 17.6, visionOS 1.3, watchOS 10.6. A local attacker may be able to determine kernel memory layout.

  • CVE-2024-27809MedJul 29, 2024
    risk 0.36cvss 5.5epss 0.00

    A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Sonoma 14.4. An app may be able to access user-sensitive data.

  • CVE-2024-27805MedJun 10, 2024
    risk 0.36cvss 5.5epss 0.00

    An issue was addressed with improved validation of environment variables. This issue is fixed in iOS 16.7.8 and iPadOS 16.7.8, iOS 17.5 and iPadOS 17.5, macOS Monterey 12.7.5, macOS Sonoma 14.5, macOS Ventura 13.6.7, tvOS 17.5, watchOS 10.5. An app may be able to access…

  • CVE-2024-23282MedJun 10, 2024
    risk 0.36cvss 5.5epss 0.00

    The issue was addressed with improved checks. This issue is fixed in iOS 16.7.8 and iPadOS 16.7.8, iOS 17.5 and iPadOS 17.5, macOS Sonoma 14.5, watchOS 10.5. A maliciously crafted email may be able to initiate FaceTime calls without user authorization.

  • CVE-2024-27792MedJun 10, 2024
    risk 0.36cvss 5.5epss 0.00

    This issue was addressed by adding an additional prompt for user consent. This issue is fixed in macOS Sonoma 14.4. An app may be able to access user-sensitive data.

  • CVE-2024-27841MedMay 14, 2024
    risk 0.36cvss 5.5epss 0.00

    The issue was addressed with improved memory handling. This issue is fixed in iOS 17.5 and iPadOS 17.5, macOS Sonoma 14.5. An app may be able to disclose kernel memory.

  • CVE-2024-27834MedMay 14, 2024
    risk 0.36cvss 5.5epss 0.01

    The issue was addressed with improved checks. This issue is fixed in Safari 17.5, iOS 16.7.8 and iPadOS 16.7.8, iOS 17.5 and iPadOS 17.5, macOS Sonoma 14.5, tvOS 17.5, watchOS 10.5. An attacker with arbitrary read and write capability may be able to bypass Pointer Authentication.

  • CVE-2024-27827MedMay 14, 2024
    risk 0.36cvss 5.5epss 0.00

    This issue was addressed through improved state management. This issue is fixed in macOS Sonoma 14.5, macOS Ventura 13.6.7. An app may be able to read arbitrary files.

Page 11 of 22