VYPR

macOS Sonoma

by Apple Inc.

CVEs (436)

  • CVE-2024-23289LowMar 8, 2024
    risk 0.21cvss 3.3epss 0.00

    A lock screen issue was addressed with improved state management. This issue is fixed in iOS 16.7.6 and iPadOS 16.7.6, iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4, watchOS 10.4. A person with physical access to a device may be able to use Siri to access private calendar…

  • CVE-2024-23257LowMar 8, 2024
    risk 0.21cvss 3.3epss 0.00

    The issue was addressed with improved memory handling. This issue is fixed in iOS 16.7.6 and iPadOS 16.7.6, macOS Monterey 12.7.4, macOS Sonoma 14.4, macOS Ventura 13.6.5, visionOS 1.1. Processing an image may result in disclosure of process memory.

  • CVE-2024-23238LowMar 8, 2024
    risk 0.21cvss 3.3epss 0.00

    An access issue was addressed with improved access restrictions. This issue is fixed in macOS Sonoma 14.4. An app may be able to edit NVRAM variables.

  • CVE-2024-23232LowMar 8, 2024
    risk 0.21cvss 3.3epss 0.00

    A privacy issue was addressed with improved handling of temporary files. This issue is fixed in macOS Sonoma 14.4. An app may be able to capture a user's screen.

  • CVE-2024-23217LowJan 23, 2024
    risk 0.21cvss 3.3epss 0.00

    A privacy issue was addressed with improved handling of temporary files. This issue is fixed in iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, macOS Ventura 13.6.5, watchOS 10.3. An app may be able to bypass certain Privacy preferences.

  • CVE-2024-23211LowJan 23, 2024
    risk 0.21cvss 3.3epss 0.00

    A privacy issue was addressed with improved handling of user preferences. This issue is fixed in Safari 17.3, iOS 16.7.5 and iPadOS 16.7.5, iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, watchOS 10.3. A user's private browsing activity may be visible in Settings.

  • CVE-2024-23210LowJan 23, 2024
    risk 0.21cvss 3.3epss 0.00

    This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, tvOS 17.3, watchOS 10.3. An app may be able to view a user's phone number in system logs.

  • CVE-2025-43408LowNov 4, 2025
    risk 0.16cvss 2.4epss 0.00

    This issue was addressed by restricting options offered on a locked device. This issue is fixed in macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, macOS Tahoe 26.1. An attacker with physical access may be able to access contacts from the lock screen.

  • CVE-2024-27862LowJul 29, 2024
    risk 0.16cvss 2.4epss 0.01

    A logic issue was addressed with improved state management. This issue is fixed in macOS Sonoma 14.6. Enabling Lockdown Mode while setting up a Mac may cause FileVault to become unexpectedly disabled.

  • CVE-2024-23255LowMar 8, 2024
    risk 0.16cvss 2.4epss 0.01

    An authentication issue was addressed with improved state management. This issue is fixed in iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4. Photos in the Hidden Photos Album may be viewed without authentication.

  • CVE-2023-42917KEVNov 30, 2023
    risk 0.12cvss epss 0.09

    A memory corruption vulnerability was addressed with improved locking. This issue is fixed in iOS 17.1.2 and iPadOS 17.1.2, macOS Sonoma 14.1.2, Safari 17.1.2. Processing web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been…

  • CVE-2023-42916KEVNov 30, 2023
    risk 0.12cvss epss 0.18

    An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 17.1.2 and iPadOS 17.1.2, macOS Sonoma 14.1.2, Safari 17.1.2. Processing web content may disclose sensitive information. Apple is aware of a report that this issue may have been…

  • CVE-2026-20701Mar 25, 2026
    risk 0.00cvss epss 0.00

    An access issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4. An app may be able to connect to a network share without user consent.

  • CVE-2026-28891Mar 25, 2026
    risk 0.00cvss epss 0.00

    A race condition was addressed with additional validation. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4. An app may be able to break out of its sandbox.

  • CVE-2026-28828Mar 25, 2026
    risk 0.00cvss epss 0.00

    A permissions issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4. An app may be able to access sensitive user data.

  • CVE-2026-28832Mar 25, 2026
    risk 0.00cvss epss 0.00

    An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4. An app may be able to disclose kernel memory.

  • CVE-2026-20697Mar 25, 2026
    risk 0.00cvss epss 0.00

    A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4. An app may be able to access sensitive user data.

  • CVE-2026-28835Mar 25, 2026
    risk 0.00cvss epss 0.00

    A use-after-free issue was addressed with improved memory management. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4. Mounting a maliciously crafted SMB network share may lead to system termination.

  • CVE-2026-28818Mar 25, 2026
    risk 0.00cvss epss 0.00

    A logging issue was addressed with improved data redaction. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4. An app may be able to access sensitive user data.

  • CVE-2026-28876Mar 25, 2026
    risk 0.00cvss epss 0.00

    A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4, visionOS 26.4. An app may be able to access…

Page 15 of 22