CVE-2024-44235

CVE-2024-44235 concerns Apple iOS/iPadOS where an attacker with physical access could view restricted content from a locked device. The Apple advisories indicate the issue was addressed with improved checks and is fixed in iOS 18.1 and iPadOS 18.1. Red Hat and other sources reference the same vul...

CVE-2024-44274

The issue was addressed with improved authentication. This issue is fixed in iOS 17.7.1 and iPadOS 17.7.1, watchOS 11.1, iOS 18.1 and iPadOS 18.1. An attacker with physical access to a locked device may be able to view sensitive user information...

CVE-2024-44274

The issue was addressed with improved authentication. This issue is fixed in iOS 17.7.1 and iPadOS 17.7.1, iOS 18.1 and iPadOS 18.1, watchOS 11.1. An attacker with physical access to a locked device may be able to view sensitive user information...

CVE-2024-44274

CVE-2024-44274 is an Apple OS vulnerability affecting the Accessibility component that could allow an attacker with physical access to a locked device to view sensitive user information. The issue is mitigated by improved authentication and is fixed in: iOS 17.7.1, iPadOS 17.7.1, watchOS 11.1, iO...

CVE-2024-44254

This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 18.1 and iPadOS 18.1, macOS Sequoia 15.1, macOS Sonoma 14.7.1, macOS Ventura 13.7.1, watchOS 11.1. An app may be able to access sensitive user data...

CVE-2024-44254

CVE-2024-44254 is an Apple vulnerability tied to improved redaction of sensitive information. The published details state that it is fixed in macOS Ventura 13.7.1, macOS Sonoma 14.7.1, watchOS 11.1, iOS 18.1 and iPadOS 18.1. The NVD metrics indicate a Medium base score (5.5) with a Local attack v...

CVE-2024-44254

This issue was addressed with improved redaction of sensitive information. This issue is fixed in watchOS 11.1, macOS Ventura 13.7.1, macOS Sonoma 14.7.1, iOS 18.1 and iPadOS 18.1. An app may be able to access sensitive user data...

CVE-2024-44215

This issue was addressed with improved checks. This issue is fixed in tvOS 18.1, iOS 18.1 and iPadOS 18.1, iOS 17.7.1 and iPadOS 17.7.1, macOS Ventura 13.7.1, macOS Sonoma 14.7.1, watchOS 11.1, visionOS 2.1. Processing an image may result in disclosure of process memory...

CVE-2024-44215

CVE-2024-44215 affects Apple OS families. The issue arises when processing an image, which may disclose process memory. Affected products/versions include tvOS 18.1; iOS 18.1 and iOS 17.7.1 (iPadOS same); macOS Ventura 13.7.1 and macOS Sonoma 14.7.1; watchOS 11.1; and visionOS 2.1. The descriptio...

CVE-2024-44239

An information disclosure issue was addressed with improved private data redaction for log entries. This issue is fixed in iOS 17.7.1 and iPadOS 17.7.1, iOS 18.1 and iPadOS 18.1, macOS Sequoia 15.1, macOS Sonoma 14.7.1, macOS Ventura 13.7.1, tvOS 18.1, visionOS 2.1, watchOS 11.1. An app may be ab...

CVE-2024-44239

An information disclosure issue was addressed with improved private data redaction for log entries. This issue is fixed in tvOS 18.1, iOS 18.1 and iPadOS 18.1, iOS 17.7.1 and iPadOS 17.7.1, macOS Ventura 13.7.1, macOS Sonoma 14.7.1, watchOS 11.1, visionOS 2.1. An app may be able to leak sensitive...

CVE-2024-44278

An information disclosure issue was addressed with improved private data redaction for log entries. This issue is fixed in iOS 17.7.1 and iPadOS 17.7.1, iOS 18.1 and iPadOS 18.1, macOS Sequoia 15.1, macOS Sonoma 14.7.1, macOS Ventura 13.7.1, visionOS 2.1, watchOS 11.1. A sandboxed app may be able...

CVE-2024-44278

An information disclosure issue was addressed with improved private data redaction for log entries. This issue is fixed in iOS 18.1 and iPadOS 18.1, iOS 17.7.1 and iPadOS 17.7.1, macOS Ventura 13.7.1, macOS Sonoma 14.7.1, watchOS 11.1, visionOS 2.1. A sandboxed app may be able to access sensitive...

CVE-2024-44278

Apple fixed an information disclosure vulnerability affecting private data redaction in system logs. The issue could let a sandboxed app access sensitive user data in logs. Affects iOS/iPadOS 18.1, 17.7.1; macOS Ventura 13.7.1, Sonoma 14.7.1; watchOS 11.1; visionOS 2.1. Remediation: patch version...

CVE-2024-44297

The issue was addressed with improved bounds checks. This issue is fixed in iOS 17.7.1 and iPadOS 17.7.1, iOS 18.1 and iPadOS 18.1, macOS Sequoia 15.1, macOS Sonoma 14.7.1, macOS Ventura 13.7.1, tvOS 18.1, visionOS 2.1, watchOS 11.1. Processing a maliciously crafted message may lead to a...

CVE-2024-44297

The CVE-2024-44297 issue is resolved by Apple in multiple platforms. Affected products include tvOS 18.1; iOS 18.1 and iPadOS 18.1; iOS 17.7.1 and iPadOS 17.7.1; macOS Ventura 13.7.1 and macOS Sonoma 14.7.1; watchOS 11.1; and visionOS 2.1. The vulnerability arises from insufficient bounds checks ...

CVE-2024-44296

CVE-2024-44296 affects the WebKitGTK/WebKit2GTK components used by Linux desktop stacks (webkitgtk/webkit2gtk). The vulnerability allows processing malicious web content to bypass Content Security Policy enforcement. Connected advisories show fixes across distros (e.g., Debian: webkit2gtk 2.46.3-...

CVE-2024-44296

The issue was addressed with improved checks. This issue is fixed in Safari 18.1, iOS 17.7.1 and iPadOS 17.7.1, iOS 18.1 and iPadOS 18.1, macOS Sequoia 15.1, tvOS 18.1, visionOS 2.1, watchOS 11.1. Processing maliciously crafted web content may prevent Content Security Policy from being enforced...

CVE-2024-40851

This issue was addressed by restricting options offered on a locked device. This issue is fixed in iOS 18.1 and iPadOS 18.1. An attacker with physical access may be able to access contact photos from the lock screen...

CVE-2024-44255

A path handling issue was addressed with improved logic. This issue is fixed in visionOS 2.1, iOS 18.1 and iPadOS 18.1, macOS Ventura 13.7.1, macOS Sonoma 14.7.1, watchOS 11.1, tvOS 18.1. A malicious app may be able to run arbitrary shortcuts without user consent...