CVE-2024-40847

CVE-2024-40847 affects macOS: fixed via added code-signing restrictions in macOS Ventura 13.7, macOS Sonoma 14.7, and macOS Sequoia 15. The issue could allow an app to access sensitive user data, addressed by the patch. Connected sources (NVD/Red Hat/NCSC/Nessus/OpenVAS) reiterate the same remedi...

macOS 13.x < 13.7 Multiple Vulnerabilities (121234)

The remote host is running a version of macOS / Mac OS X that is 13.x prior to 13.7. It is, therefore, affected by multiple vulnerabilities: - A logic issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7, iOS 17.7 and iPadOS 17.7, visionOS 2, iOS 18 and iPadOS 18,...

About the security content of macOS Sonoma 14.7

About the security content of macOS Sonoma 14.7 This document describes the security content of macOS Sonoma 14.7. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases ar...

About the security content of macOS Ventura 13.7

About the security content of macOS Ventura 13.7 This document describes the security content of macOS Ventura 13.7. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases...

Microsoft OneNote for macOS library injection vulnerability

Talos Vulnerability Report TALOS-2024-1975 Microsoft OneNote for macOS library injection vulnerability August 19, 2024 CVE Number CVE-2024-41159 SUMMARY A library injection vulnerability exists in Microsoft OneNote 16.83 for macOS. A specially crafted library can leverage OneNote’s access...

CVE-2024-40814

A downgrade issue was addressed with additional code-signing restrictions. This issue is fixed in macOS Sonoma 14.6. An app may be able to bypass Privacy preferences...

CVE-2024-40814

A downgrade issue was addressed with additional code-signing restrictions. This issue is fixed in macOS Sonoma 14.6, macOS Ventura 13.7. An app may be able to bypass Privacy preferences...

CVE-2024-40774

A downgrade issue was addressed with additional code-signing restrictions. This issue is fixed in macOS Ventura 13.6.8, macOS Monterey 12.7.6, iOS 17.6 and iPadOS 17.6, watchOS 10.6, tvOS 17.6, macOS Sonoma 14.6. An app may be able to bypass Privacy preferences...

CVE-2024-40775

A downgrade issue was addressed with additional code-signing restrictions. This issue is fixed in macOS Sonoma 14.6, macOS Monterey 12.7.6, macOS Ventura 13.6.8. An app may be able to leak sensitive user information...

CVE-2024-40774

A downgrade issue was addressed with additional code-signing restrictions. This issue is fixed in iOS 17.6 and iPadOS 17.6, macOS Monterey 12.7.6, macOS Sonoma 14.6, macOS Ventura 13.6.8, tvOS 17.6, watchOS 10.6. An app may be able to bypass Privacy preferences...

CVE-2024-40775

A downgrade issue was addressed with additional code-signing restrictions. This issue is fixed in macOS Monterey 12.7.6, macOS Sonoma 14.6, macOS Ventura 13.6.8. An app may be able to leak sensitive user information...

CVE-2024-40814

A downgrade issue was addressed with additional code-signing restrictions. This issue is fixed in macOS Sonoma 14.6, macOS Ventura 13.7. An app may be able to bypass Privacy preferences...

CVE-2024-40814

A downgrade issue was addressed with additional code-signing restrictions. This issue is fixed in macOS Sonoma 14.6, macOS Ventura 13.7. An app may be able to bypass Privacy preferences...

CVE-2024-40814

CVE-2024-40814 affects macOS, described as a downgrade issue that could allow an app to bypass Privacy preferences. Apple states the issue was fixed with additional code-signing restrictions and references macOS Sonoma 14.6 as the fixed version. The NVD/NCSC/Nessus entries corroborate the vulnera...

CVE-2024-40775

A downgrade issue was addressed with additional code-signing restrictions. This issue is fixed in macOS Monterey 12.7.6, macOS Sonoma 14.6, macOS Ventura 13.6.8. An app may be able to leak sensitive user information...

CVE-2024-40775

A downgrade issue was addressed with additional code-signing restrictions. This issue is fixed in macOS Monterey 12.7.6, macOS Sonoma 14.6, macOS Ventura 13.6.8. An app may be able to leak sensitive user information...

CVE-2024-40775

CVE-2024-40775 describes a downgrade issue addressed by adding code-signing restrictions. The vulnerability could allow an app to leak sensitive user information. Apple fixed the issue in macOS Sonoma 14.6, macOS Monterey 12.7.6, and macOS Ventura 13.6.8. The provided connected documents confirm ...

CVE-2024-40774

A downgrade issue was addressed with additional code-signing restrictions. This issue is fixed in iOS 17.6 and iPadOS 17.6, macOS Monterey 12.7.6, macOS Sonoma 14.6, macOS Ventura 13.6.8, tvOS 17.6, watchOS 10.6. An app may be able to bypass Privacy preferences...

CVE-2024-40774

A downgrade issue was addressed with additional code-signing restrictions. This issue is fixed in iOS 17.6 and iPadOS 17.6, macOS Monterey 12.7.6, macOS Sonoma 14.6, macOS Ventura 13.6.8, tvOS 17.6, watchOS 10.6. An app may be able to bypass Privacy preferences...

CVE-2024-40774

CVE-2024-40774 is a downgrade issue addressed by stricter code-signing restrictions. Affected platforms include macOS Ventura 13.6.8, Monterey 12.7.6, iOS 17.6/iPadOS 17.6, watchOS 10.6, tvOS 17.6, and macOS Sonoma 14.6; the flaw could allow an app to bypass Privacy preferences. Remediation is th...