Apple macOS 安全漏洞

Apple macOS is a suite of specialized operating systems developed for Mac computers by Apple Inc. in the United States. A security vulnerability exists in Apple macOS version 15, which originates from an application that may be able to access protected user data...

CVE-2024-40863

This issue was addressed with improved data protection. This issue is fixed in iOS 18 and iPadOS 18. An app may be able to leak sensitive user information...

CVE-2024-40863

This issue was addressed with improved data protection. This issue is fixed in iOS 18 and iPadOS 18. An app may be able to leak sensitive user information...

CVE-2024-40863

CVE-2024-40863 affects Apple iOS 18 and iPadOS 18. The related documents indicate a local-source vulnerability where a sandboxed app may leak sensitive user information, with the issue fixed in iOS 18 / iPadOS 18. The root cause/technical specifics are not fully enumerated in the provided sources...

CVE-2024-44130

CVE-2024-44130 affects macOS and was fixed in macOS Sequoia 15. The issue permits a root-privileged app to access private information due to inadequate data protection. The vulnerability is addressed with improved data protection measures in Sequoia 15. Evidence from multiple connected sources co...

CVE-2024-44130

This issue was addressed with improved data protection. This issue is fixed in macOS Sequoia 15. An app with root privileges may be able to access private information...

CVE-2024-44130

This issue was addressed with improved data protection. This issue is fixed in macOS Sequoia 15. An app with root privileges may be able to access private information...

CVE-2024-40830

This issue was addressed with improved data protection. This issue is fixed in iOS 18 and iPadOS 18. An app may be able to enumerate a user's installed apps...

CVE-2024-40830

This issue was addressed with improved data protection. This issue is fixed in iOS 18 and iPadOS 18. An app may be able to enumerate a user's installed apps...

CVE-2024-40830

The CVE-2024-40830 issue affects Apple iOS 18 and iPadOS 18, where an app may be able to enumerate a user’s installed apps. The Connected/NVD entries confirm the vulnerability and state the fix is implemented in iOS 18 / iPadOS 18, addressing data protection to prevent this enumeration. The prima...

From Breach to Recovery: Designing an Identity-Focused Incident Response Playbook

Imagine this... You arrive at work to a chaotic scene. Systems are down, panic is in the air. The culprit? Not a rogue virus, but a compromised identity. The attacker is inside your walls, masquerading as a trusted user. This isn't a horror movie, it's the new reality of cybercrime. The question...

About the security content of iOS 18 and iPadOS 18

About the security content of iOS 18 and iPadOS 18 This document describes the security content of iOS 18 and iPadOS 18. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or...

PT-2024-29087

Name of the Vulnerable Software and Affected Versions iOS versions prior to 18 iPadOS versions prior to 18 Description The issue allows an app to potentially enumerate a user's installed apps. This was addressed with improved data protection. Recommendations For iOS versions prior to 18, update t...

PT-2024-30972 · Apple · Apple Macos

Name of the Vulnerable Software and Affected Versions: macOS versions prior to 15 Description: The issue allows an app with root privileges to potentially access private information due to inadequate data protection. This has been addressed with improved data protection measures. Recommendations:...

CVE-2024-39925

An issue was discovered in Vaultwarden formerly BitwardenRS 1.30.3. It lacks an offboarding process for members who leave an organization. As a result, the shared organization key is not rotated when a member departs. Consequently, the departing member, whose access should be revoked, retains a...

The vulnerability of the Python interpreter of the Cisco NX-OS operating system for Cisco Nexus switches allows a hacker to execute arbitrary commands.

The vulnerability of the Python interpreter in the Cisco NX-OS operating system of Cisco Nexus switches is related to a breach in the data protection mechanism. Exploiting this vulnerability allows an attacker to execute arbitrary commands in the underlying operating system...

The vulnerability of the snmp_facts module in the Ansible configuration management system arises from insufficient protection of registration data, allowing attackers to access confidential information.

The vulnerability of the snmpfacts module in the Ansible configuration management system is related to insufficient protection for registration data. Exploiting this vulnerability can allow attackers to access confidential information...

The vulnerability of the RabbitMQ message broker, related to insufficient protection of registration data, allows a hacker to access confidential information.

The vulnerability of the RabbitMQ messaging broker is related to insufficient protection for registration data. Exploiting this vulnerability can allow an attacker to access confidential information...

The vulnerability of the Ansible configuration management system, related to insufficient protection of registration data, allows a perpetrator to gain access to confidential information.

The vulnerability of the Ansible configuration management system is related to insufficient protection for registration data. Exploiting this vulnerability can allow an attacker to access confidential information...

The vulnerability of the Ansible configuration management system, related to insufficient protection of registration data, allows a perpetrator to gain access to confidential information.

The vulnerability of the Ansible configuration management system is related to insufficient protection for registration data. Exploiting this vulnerability can allow an attacker to access confidential information...