CVE-2024-27823

A race condition was addressed with improved locking. This issue is fixed in iOS 16.7.8 and iPadOS 16.7.8, iOS 17.5 and iPadOS 17.5, macOS Monterey 12.7.5, macOS Sonoma 14.5, macOS Ventura 13.6.7, tvOS 17.5, visionOS 1.3, watchOS 10.5. An attacker in a privileged network position may be able to...

CVE-2024-27885

This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Sonoma 14.5, macOS Ventura 13.6.7, macOS Monterey 12.7.5. An app may be able to modify protected parts of the file system...

CVE-2024-27840

The issue was addressed with improved memory handling. This issue is fixed in iOS 16.7.8 and iPadOS 16.7.8, iOS 17.5 and iPadOS 17.5, macOS Monterey 12.7.5, macOS Ventura 13.6.7, tvOS 17.5, visionOS 1.2, watchOS 10.5. An attacker that has already achieved kernel code execution may be able to bypa...

CVE-2024-27806

This issue was addressed with improved environment sanitization. This issue is fixed in iOS 16.7.8 and iPadOS 16.7.8, iOS 17.5 and iPadOS 17.5, macOS Monterey 12.7.5, macOS Sonoma 14.5, macOS Ventura 13.6.7, tvOS 17.5, watchOS 10.5. An app may be able to access sensitive user data...

CVE-2024-27806

This issue was addressed with improved environment sanitization. This issue is fixed in iOS 16.7.8 and iPadOS 16.7.8, iOS 17.5 and iPadOS 17.5, macOS Monterey 12.7.5, macOS Sonoma 14.5, macOS Ventura 13.6.7, tvOS 17.5, watchOS 10.5. An app may be able to access sensitive user data...

CVE-2024-27831

An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in iOS 16.7.8 and iPadOS 16.7.8, iOS 17.5 and iPadOS 17.5, macOS Monterey 12.7.5, macOS Sonoma 14.5, macOS Ventura 13.6.7, tvOS 17.5, visionOS 1.2. Processing a file may lead to unexpected app terminati...

CVE-2024-27800

This issue was addressed by removing the vulnerable code. This issue is fixed in iOS 16.7.8 and iPadOS 16.7.8, iOS 17.5 and iPadOS 17.5, macOS Monterey 12.7.5, macOS Sonoma 14.5, macOS Ventura 13.6.7, tvOS 17.5, visionOS 1.2, watchOS 10.5. Processing a maliciously crafted message may lead to a...

CVE-2024-27840

CVE-2024-27840 affects Apple platforms including macOS (Ventura 13.x, Monterey 12.x), iOS/iPadOS, tvOS, visionOS, and watchOS. The issue is described as a memory handling problem where an attacker who already has kernel code execution may bypass kernel memory protections. The vulnerability is fix...

CVE-2024-27817

The issue was addressed with improved checks. This issue is fixed in iOS 16.7.8 and iPadOS 16.7.8, iOS 17.5 and iPadOS 17.5, macOS Monterey 12.7.5, macOS Sonoma 14.5, macOS Ventura 13.6.7, tvOS 17.5, visionOS 1.2. An app may be able to execute arbitrary code with kernel privileges...

CVE-2024-27799

CVE-2024-27799 affects Apple OSes: macOS Sonoma 14.5, macOS Ventura 13.6.7, macOS Monterey 12.7.5, and iOS 16.7.8 / iPadOS 16.7.8. The issue arises from insufficient entitlement checks, allowing an unprivileged app to log keystrokes in other apps, including those using secure input mode. Apple’s ...

CVE-2024-23229

The CVE-2024-23229 issue affects macOS and is described as an improved redaction of sensitive information that could allow a malicious application to access Find My data. The vulnerability is fixed in macOS Monterey 12.7.5, macOS Ventura 13.6.5, and macOS Sonoma 14.4. Exploitation details are not...

CVE-2024-27789

A logic issue was addressed with improved checks. This issue is fixed in iOS 16.7.8 and iPadOS 16.7.8, macOS Monterey 12.7.5, macOS Sonoma 14.4, macOS Ventura 13.6.7. An app may be able to access user-sensitive data...

CVE-2024-27789

CVE-2024-27789 is a logic issue in Apple systems where improved checks address a vulnerability that could allow an app to access user-sensitive data. The fix is deployed in iOS 16.7.8 and iPadOS 16.7.8, macOS Monterey 12.7.5, macOS Ventura 13.6.7, and macOS Sonoma 14.4. The connected documents co...

PT-2024-4839 · Apple · Macos Monterey +4

Name of the Vulnerable Software and Affected Versions: macOS versions prior to 14.5 macOS Ventura versions prior to 13.6.7 macOS Monterey versions prior to 12.7.5 iOS versions prior to 16.7.8 iPadOS versions prior to 16.7.8 Description: The issue is related to insufficient protection of service...

PT-2024-22047 · Apple · Macos Monterey +7

Name of the Vulnerable Software and Affected Versions: macOS Ventura versions prior to 13.6.7 macOS Monterey versions prior to 12.7.5 iOS versions prior to 16.7.8 iPadOS versions prior to 16.7.8 tvOS versions prior to 17.5 watchOS versions prior to 10.5 macOS Sonoma versions prior to 14.5...

PT-2024-22044

Name of the Vulnerable Software and Affected Versions macOS Ventura versions prior to 13.6.7 macOS Monterey versions prior to 12.7.5 iOS versions prior to 16.7.8 iPadOS versions prior to 16.7.8 tvOS versions prior to 17.5 visionOS versions prior to 1.2 iOS versions prior to 17.5 iPadOS versions...

PT-2024-19724 · Apple · Apple Macos

Name of the Vulnerable Software and Affected Versions: macOS versions prior to 12.7.5 macOS Ventura versions prior to 13.6.5 macOS Sonoma versions prior to 14.4 Description: A malicious application may be able to access Find My data due to an issue with sensitive information redaction. This issue...