8330 matches found
CVE-2024-40798
CVE-2024-40798 affects Apple platforms where an app may read Safari browsing history due to an issue addressed by improved redaction of sensitive information. Fixed in macOS Sonoma 14.6, iOS 16.7.9 and iPadOS 16.7.9, macOS Monterey 12.7.6, and macOS Ventura 13.6.8. The provided documents do not s...
CVE-2024-40809
CVE-2024-40809 is a logic issue in Apple’s permission checks that could allow a shortcut to bypass Internet permission requirements. The description states the issue is fixed in multiple macOS and iOS variants: iOS 16.7.9 and iPadOS 16.7.9, iOS 17.6 and iPadOS 17.6, macOS Ventura 13.6.8, macOS Mo...
CVE-2024-40809
A logic issue was addressed with improved checks. This issue is fixed in iOS 16.7.9 and iPadOS 16.7.9, iOS 17.6 and iPadOS 17.6, macOS Monterey 12.7.6, macOS Sonoma 14.6, macOS Ventura 13.6.8, visionOS 1.3, watchOS 10.6. A shortcut may be able to bypass Internet permission requirements...
CVE-2024-27871
A path handling issue was addressed with improved validation. This issue is fixed in iOS 17.6 and iPadOS 17.6, macOS Sonoma 14.6. An app may be able to access protected user data...
CVE-2024-27871
A path handling issue was addressed with improved validation. This issue is fixed in iOS 17.6 and iPadOS 17.6, macOS Sonoma 14.6. An app may be able to access protected user data...
CVE-2024-27871
CVE-2024-27871 describes a path handling issue in Apple platforms that was addressed with improved validation. The description indicates that an app may have been able to access protected user data due to this path handling problem. Public fix details show the issue is resolved in macOS Sonoma 14...
CVE-2024-27826
CVE-2024-27826 is an Apple macOS kernel‑level memory handling vulnerability. The issue could allow an app to execute arbitrary code with kernel privileges. Apple’s advisories indicate the fix was applied via memory handling improvements and are effective for macOS versions: Ventura 13.6.8, Sonoma...
CVE-2024-27826
The issue was addressed with improved memory handling. This issue is fixed in iOS 17.5 and iPadOS 17.5, macOS Monterey 12.7.6, macOS Sonoma 14.5, macOS Ventura 13.6.8, tvOS 17.5, visionOS 1.3, watchOS 10.5. A local attacker may be able to cause unexpected system shutdown...
CVE-2024-40833
A logic issue was addressed with improved checks. This issue is fixed in iOS 16.7.9 and iPadOS 16.7.9, macOS Monterey 12.7.6, macOS Sonoma 14.6, macOS Ventura 13.6.8. A shortcut may be able to use sensitive data with certain actions without prompting the user...
CVE-2024-40794
This issue was addressed through improved state management. This issue is fixed in Safari 17.6, iOS 17.6 and iPadOS 17.6, macOS Sonoma 14.6. Private Browsing tabs may be accessed without authentication...
CVE-2024-40794
This issue was addressed through improved state management. This issue is fixed in Safari 17.6, iOS 17.6 and iPadOS 17.6, macOS Sonoma 14.6. Private Browsing tabs may be accessed without authentication...
CVE-2024-40794
CVE-2024-40794 affects Apple Safari on macOS Sonoma 14.6, iOS 17.6, and iPadOS 17.6. The issue, described as a failure in state management, allowed Private Browsing tabs to be accessed without authentication. Apple patched this by shipping fixes in macOS Sonoma 14.6, iOS 17.6, and iPadOS 17.6 (an...
CVE-2024-40794
This issue was addressed through improved state management. This issue is fixed in Safari 17.6, iOS 17.6 and iPadOS 17.6, macOS Sonoma 14.6. Private Browsing tabs may be accessed without authentication...
CVE-2024-27884
CVE-2024-27884 affects Apple platforms (macOS Sonoma 14.5, watchOS 10.5, visionOS 1.2, tvOS 17.5, iOS 17.5 and iPadOS 17.5). Description in multiple sources indicates the issue was addressed with a new entitlement, enabling an app to access user-sensitive data. In visionOS security content, CVE-2...
CVE-2024-27884
This issue was addressed with a new entitlement. This issue is fixed in iOS 17.5 and iPadOS 17.5, macOS Sonoma 14.5, tvOS 17.5, visionOS 1.2, watchOS 10.5. An app may be able to access user-sensitive data...
CVE-2024-27884
This issue was addressed with a new entitlement. This issue is fixed in iOS 17.5 and iPadOS 17.5, macOS Sonoma 14.5, tvOS 17.5, visionOS 1.2, watchOS 10.5. An app may be able to access user-sensitive data...
CVE-2024-40813
A lock screen issue was addressed with improved state management. This issue is fixed in iOS 17.6 and iPadOS 17.6, watchOS 10.6. An attacker with physical access may be able to use Siri to access sensitive user data...
CVE-2024-40813
A lock screen issue was addressed with improved state management. This issue is fixed in iOS 17.6 and iPadOS 17.6, watchOS 10.6. An attacker with physical access may be able to use Siri to access sensitive user data...
CVE-2024-40813
The CVE-2024-40813 entry concerns a lock-screen issue on Apple devices. Affected products are watchOS 10.6, iOS 17.6, and iPadOS 17.6, where an attacker with physical access could use Siri to access sensitive user data. The root cause is described as improved state management. The vulnerability i...
CVE-2024-40805
CVE-2024-40805 is a permissions/bypass issue affecting Apple platforms where an app may bypass Privacy preferences via libxpc. Technical details in the provided documents indicate the vulnerability exists in macOS Sonoma and related Apple OSes and is mitigated by the listed updates: watchOS 10.6,...