VYPR

macOS Sonoma

by Apple Inc.

CVEs (436)

  • CVE-2024-23215MedJan 23, 2024
    risk 0.36cvss 5.5epss 0.00

    An issue was addressed with improved handling of temporary files. This issue is fixed in iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, tvOS 17.3, watchOS 10.3. An app may be able to access user-sensitive data.

  • CVE-2026-28838MedMar 25, 2026
    risk 0.34cvss 5.3epss 0.00

    A permissions issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4. An app may be able to break out of its sandbox.

  • CVE-2026-20673MedFeb 11, 2026
    risk 0.34cvss 5.3epss 0.00

    A logic issue was addressed with improved checks. This issue is fixed in iOS 18.7.5 and iPadOS 18.7.5, macOS Sequoia 15.7.4, macOS Sonoma 14.8.4, macOS Tahoe 26.3. Turning off "Load remote content in messages” may not apply to all mail previews.

  • CVE-2025-43332MedSep 15, 2025
    risk 0.34cvss 5.2epss 0.00

    A file quarantine bypass was addressed with additional checks. This issue is fixed in macOS Sequoia 15.7, macOS Sonoma 14.8, macOS Tahoe 26. An app may be able to break out of its sandbox.

  • CVE-2025-43308MedSep 15, 2025
    risk 0.34cvss 5.3epss 0.00

    This issue was addressed with additional entitlement checks. This issue is fixed in macOS Sequoia 15.7, macOS Sonoma 14.8, macOS Tahoe 26. An app may be able to access sensitive user data.

  • CVE-2025-43311MedSep 15, 2025
    risk 0.33cvss 5.1epss 0.00

    This issue was addressed with additional entitlement checks. This issue is fixed in macOS Sequoia 15.7, macOS Sonoma 14.8, macOS Tahoe 26. An app may be able to access protected user data.

  • CVE-2025-43420MedNov 4, 2025
    risk 0.31cvss 4.7epss 0.00

    A race condition was addressed with improved state handling. This issue is fixed in macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, macOS Tahoe 26.1. An app may be able to access sensitive user data.

  • CVE-2025-24094MedJan 27, 2025
    risk 0.31cvss 4.7epss 0.00

    A race condition was addressed with additional validation. This issue is fixed in macOS Sequoia 15.3, macOS Sonoma 14.7.3, macOS Ventura 13.7.3. An app may be able to access user-sensitive data.

  • CVE-2024-27821MedMay 14, 2024
    risk 0.31cvss 4.7epss 0.01

    A path handling issue was addressed with improved validation. This issue is fixed in iOS 17.5 and iPadOS 17.5, macOS Sonoma 14.5, watchOS 10.5. A shortcut may output sensitive user data without consent.

  • CVE-2024-23275MedMar 8, 2024
    risk 0.31cvss 4.7epss 0.00

    A race condition was addressed with additional validation. This issue is fixed in macOS Monterey 12.7.4, macOS Sonoma 14.4, macOS Ventura 13.6.5. An app may be able to access protected user data.

  • CVE-2024-23239MedMar 8, 2024
    risk 0.31cvss 4.7epss 0.00

    A race condition was addressed with improved state handling. This issue is fixed in iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4, tvOS 17.4, watchOS 10.4. An app may be able to leak sensitive user information.

  • CVE-2024-23235MedMar 8, 2024
    risk 0.31cvss 4.7epss 0.01

    A race condition was addressed with additional validation. This issue is fixed in iOS 16.7.6 and iPadOS 16.7.6, iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4, tvOS 17.4, visionOS 1.1, watchOS 10.4. An app may be able to access user-sensitive data.

  • CVE-2026-20605MedFeb 11, 2026
    risk 0.30cvss 4.6epss 0.00

    The issue was addressed with improved memory handling. This issue is fixed in iOS 18.7.5 and iPadOS 18.7.5, macOS Sequoia 15.7.4, macOS Sonoma 14.8.4, macOS Tahoe 26.3. An app may be able to crash a system process.

  • CVE-2025-31264MedMay 29, 2025
    risk 0.30cvss 4.6epss 0.00

    An authentication issue was addressed with improved state management. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An attacker with physical access to a locked device may be able to view sensitive user information.

  • CVE-2024-23251MedJun 10, 2024
    risk 0.30cvss 4.6epss 0.00

    An authentication issue was addressed with improved state management. This issue is fixed in iOS 16.7.8 and iPadOS 16.7.8, iOS 17.5 and iPadOS 17.5, macOS Sonoma 14.5, watchOS 10.5. An attacker with physical access may be able to leak Mail account credentials.

  • CVE-2024-23293MedMar 8, 2024
    risk 0.30cvss 4.6epss 0.00

    This issue was addressed through improved state management. This issue is fixed in iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4, tvOS 17.4, watchOS 10.4. An attacker with physical access may be able to use Siri to access sensitive user data.

  • CVE-2025-43336MedNov 4, 2025
    risk 0.29cvss 4.4epss 0.00

    A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, macOS Tahoe 26.1. An app with root privileges may be able to access private information.

  • CVE-2025-43310MedSep 15, 2025
    risk 0.29cvss 4.4epss 0.00

    A configuration issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.7, macOS Sonoma 14.8, macOS Tahoe 26. An app may be able to trick a user into copying sensitive data to the pasteboard.

  • CVE-2025-24136MedJan 27, 2025
    risk 0.29cvss 4.4epss 0.00

    This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Sequoia 15.3, macOS Sonoma 14.7.3, macOS Ventura 13.7.3. A malicious app may be able to create symlinks to protected regions of the disk.

  • CVE-2025-24116MedJan 27, 2025
    risk 0.29cvss 4.4epss 0.00

    An access issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Sequoia 15.3, macOS Sonoma 14.7.3, macOS Ventura 13.7.3. An app may be able to bypass Privacy preferences.

Page 13 of 22