VYPR

macOS Sonoma

by Apple Inc.

CVEs (436)

  • CVE-2023-42847HigOct 25, 2023
    risk 0.49cvss 7.5epss 0.01

    A logic issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.1, iOS 17.1 and iPadOS 17.1. An attacker may be able to access passkeys without authentication.

  • CVE-2023-40407HigSep 27, 2023
    risk 0.49cvss 7.5epss 0.01

    The issue was addressed with improved bounds checks. This issue is fixed in macOS Sonoma 14. A remote attacker may be able to cause a denial-of-service.

  • CVE-2025-30460HigMar 31, 2025
    risk 0.48cvss 7.4epss 0.01

    A permissions issue was addressed by removing vulnerable code and adding additional checks. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An app may be able to access protected user data.

  • CVE-2026-20606HigFeb 11, 2026
    risk 0.46cvss 7.1epss 0.00

    This issue was addressed by removing the vulnerable code. This issue is fixed in iOS 18.7.5 and iPadOS 18.7.5, iOS 26.3 and iPadOS 26.3, macOS Sequoia 15.7.4, macOS Sonoma 14.8.4, macOS Tahoe 26.3. An app may be able to bypass certain Privacy preferences.

  • CVE-2025-43338HigNov 4, 2025
    risk 0.46cvss 7.1epss 0.00

    An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in iOS 26 and iPadOS 26, macOS Sonoma 14.8.2, macOS Sonoma 14.8.4, macOS Tahoe 26. Processing a maliciously crafted media file may lead to unexpected app termination or corrupt process…

  • CVE-2025-24176HigJan 27, 2025
    risk 0.46cvss 7.1epss 0.00

    A permissions issue was addressed with improved validation. This issue is fixed in macOS Sequoia 15.3, macOS Sonoma 14.7.3, macOS Ventura 13.7.3. A local attacker may be able to elevate their privileges.

  • CVE-2024-44159HigOct 28, 2024
    risk 0.46cvss 7.1epss 0.00

    A path deletion vulnerability was addressed by preventing vulnerable code from running with privileges. This issue is fixed in macOS Sequoia 15.1, macOS Sonoma 14.7.1, macOS Ventura 13.7.1. An app may be able to bypass Privacy preferences.

  • CVE-2024-40821HigJul 29, 2024
    risk 0.46cvss 7.1epss 0.00

    An access issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Monterey 12.7.6, macOS Sonoma 14.6, macOS Ventura 13.6.8. Third party app extensions may not receive the correct sandbox restrictions.

  • CVE-2024-27825HigMay 14, 2024
    risk 0.46cvss 7.1epss 0.00

    A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing restrictions. This issue is fixed in macOS Sonoma 14.5. An app may be able to bypass certain Privacy preferences.

  • CVE-2024-23249HigMar 8, 2024
    risk 0.46cvss 7.1epss 0.00

    The issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.4. Processing a file may lead to a denial-of-service or potentially disclose memory contents.

  • CVE-2024-23248HigMar 8, 2024
    risk 0.46cvss 7.1epss 0.00

    The issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.4. Processing a file may lead to a denial-of-service or potentially disclose memory contents.

  • CVE-2024-23216HigMar 8, 2024
    risk 0.46cvss 7.1epss 0.00

    A path handling issue was addressed with improved validation. This issue is fixed in macOS Monterey 12.7.4, macOS Sonoma 14.4, macOS Ventura 13.6.5. An app may be able to overwrite arbitrary files.

  • CVE-2023-42876HigJan 10, 2024
    risk 0.46cvss 7.1epss 0.00

    The issue was addressed with improved bounds checks. This issue is fixed in macOS Sonoma 14. Processing a file may lead to a denial-of-service or potentially disclose memory contents.

  • CVE-2023-40452HigSep 27, 2023
    risk 0.46cvss 7.1epss 0.00

    The issue was addressed with improved bounds checks. This issue is fixed in macOS Ventura 13.6, tvOS 17, macOS Monterey 12.7, watchOS 10, iOS 17 and iPadOS 17, macOS Sonoma 14. An app may be able to overwrite arbitrary files.

  • CVE-2024-27878MedJul 29, 2024
    risk 0.44cvss 6.7epss 0.00

    A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.6. An app may be able to execute arbitrary code with kernel privileges.

  • CVE-2023-41989MedOct 25, 2023
    risk 0.44cvss 6.8epss 0.01

    The issue was addressed by restricting options offered on a locked device. This issue is fixed in macOS Sonoma 14.1. An attacker may be able to execute arbitrary code as root from the Lock Screen.

  • CVE-2023-41988MedOct 25, 2023
    risk 0.44cvss 6.8epss 0.01

    This issue was addressed by restricting options offered on a locked device. This issue is fixed in macOS Sonoma 14.1, watchOS 10.1, iOS 17.1 and iPadOS 17.1. An attacker with physical access may be able to use Siri to access sensitive user data.

  • CVE-2025-31235MedMay 12, 2025
    risk 0.42cvss 6.5epss 0.00

    A double free issue was addressed with improved memory management. This issue is fixed in iPadOS 17.7.7, macOS Sequoia 15.5, macOS Sonoma 14.7.6, macOS Ventura 13.7.6. An app may be able to cause unexpected system termination.

  • CVE-2024-54564MedMar 21, 2025
    risk 0.42cvss 6.5epss 0.00

    This issue was addressed through improved state management. This issue is fixed in iOS 17.6 and iPadOS 17.6, macOS Sonoma 14.6, visionOS 1.3. A file received from AirDrop may not have the quarantine flag applied.

  • CVE-2024-44294MedOct 28, 2024
    risk 0.42cvss 6.5epss 0.01

    A path deletion vulnerability was addressed by preventing vulnerable code from running with privileges. This issue is fixed in macOS Sequoia 15.1, macOS Sonoma 14.7.1, macOS Ventura 13.7.1. An attacker with root privileges may be able to delete protected system files.

Page 7 of 22