21 matches found
EUVD-2024-20764
Malicious code in bioql PyPI...
EUVD-2024-38672
Malicious code in bioql PyPI...
EUVD-2024-38628
Malicious code in bioql PyPI...
CVE-2025-43252
This issue was addressed by adding an additional prompt for user consent. This issue is fixed in macOS Sequoia 15.6. A website may be able to access sensitive user data when resolving symlinks...
CVE-2025-43252
This issue was addressed by adding an additional prompt for user consent. This issue is fixed in macOS Sequoia 15.6. A website may be able to access sensitive user data when resolving symlinks...
CVE-2024-40787
This issue was addressed by adding an additional prompt for user consent. This issue is fixed in iOS 17.6 and iPadOS 17.6, macOS Monterey 12.7.6, macOS Sonoma 14.6, macOS Ventura 13.6.8, watchOS 10.6. A shortcut may be able to bypass Internet permission requirements...
CVE-2024-44128
This issue was addressed by adding an additional prompt for user consent. This issue is fixed in macOS Sequoia 15, macOS Sonoma 14.7, macOS Ventura 13.7. An Automator Quick Action workflow may be able to bypass Gatekeeper...
CVE-2024-44128
This issue was addressed by adding an additional prompt for user consent. This issue is fixed in macOS Sequoia 15, macOS Sonoma 14.7, macOS Ventura 13.7. An Automator Quick Action workflow may be able to bypass Gatekeeper...
CVE-2024-40787
This issue was addressed by adding an additional prompt for user consent. This issue is fixed in macOS Ventura 13.6.8, macOS Monterey 12.7.6, iOS 17.6 and iPadOS 17.6, watchOS 10.6, macOS Sonoma 14.6. A shortcut may be able to bypass Internet permission requirements...
CVE-2024-40787
This issue was addressed by adding an additional prompt for user consent. This issue is fixed in iOS 17.6 and iPadOS 17.6, macOS Monterey 12.7.6, macOS Sonoma 14.6, macOS Ventura 13.6.8, watchOS 10.6. A shortcut may be able to bypass Internet permission requirements...
CVE-2024-40834
CVE-2024-40834 affects macOS where a shortcut may bypass sensitive Shortcuts app settings. The issue is addressed by adding an extra user-consent prompt and is fixed in macOS Sonoma 14.6, macOS Monterey 12.7.6, and macOS Ventura 13.6.8. For context, the initial documentation lists these patch lev...
CVE-2024-40787
This issue was addressed by adding an additional prompt for user consent. This issue is fixed in iOS 17.6 and iPadOS 17.6, macOS Monterey 12.7.6, macOS Sonoma 14.6, macOS Ventura 13.6.8, watchOS 10.6. A shortcut may be able to bypass Internet permission requirements...
CVE-2024-40787
CVE-2024-40787 is a local, low-privilege impact issue in Apple platforms where an attacker could bypass internet permission prompts. The root cause involves the handling of user consent prompts, allowing a Shortcut to circumvent Internet permission requirements. Affected products/versions include...
PT-2024-29045 · Apple · Macos Monterey +6
Name of the Vulnerable Software and Affected Versions: macOS Ventura versions prior to 13.6.8 macOS Monterey versions prior to 12.7.6 iOS versions prior to 17.6 iPadOS versions prior to 17.6 watchOS versions prior to 10.6 macOS Sonoma versions prior to 14.6 Description: This issue allows a shortc...
CVE-2024-27792
This issue was addressed by adding an additional prompt for user consent. This issue is fixed in macOS Sonoma 14.4. An app may be able to access user-sensitive data...
CVE-2024-23245
This issue was addressed by adding an additional prompt for user consent. This issue is fixed in macOS Sonoma 14.4, macOS Monterey 12.7.4, macOS Ventura 13.6.5. Third-party shortcuts may use a legacy action from Automator to send events to apps without user consent...
Code injection
This issue was addressed by adding an additional prompt for user consent. This issue is fixed in macOS Sonoma 14.4, macOS Monterey 12.7.4, macOS Ventura 13.6.5. Third-party shortcuts may use a legacy action from Automator to send events to apps without user consent...
macOS 12.x < 12.7.4 Multiple Vulnerabilities (HT214083)
The remote host is running a version of macOS / Mac OS X that is 12.x prior to 12.7.4. It is, therefore, affected by multiple vulnerabilities: - This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 16.7.6 and iPadOS 16.7.6, macOS Monterey 12.7.4,...
CVE-2023-40541
This issue was addressed by adding an additional prompt for user consent. This issue is fixed in macOS Sonoma 14. A shortcut may output sensitive user data without consent...
Design/Logic Flaw
This issue was addressed by adding an additional prompt for user consent. This issue is fixed in macOS Sonoma 14. A shortcut may output sensitive user data without consent...