EUVD-2024-40932

Malicious code in bioql PyPI...

CVE-2024-27879

The issue was addressed with improved bounds checks. This issue is fixed in iOS 17.7 and iPadOS 17.7, iOS 18 and iPadOS 18. An attacker may be able to cause unexpected app termination...

CVE-2024-44127

This issue was addressed through improved state management. This issue is fixed in iOS 17.7 and iPadOS 17.7, iOS 18 and iPadOS 18. Private Browsing tabs may be accessed without authentication...

CVE-2024-40844

A privacy issue was addressed with improved handling of temporary files. This issue is fixed in iOS 17.7 and iPadOS 17.7, macOS Sequoia 15, macOS Sonoma 14.7, macOS Ventura 13.7. An app may be able to observe data displayed to the user by Shortcuts...

CVE-2024-44179

CVE-2024-44179 affects Apple devices running iOS 17.7/iPadOS 17.7, iOS 18, and iPadOS 18, plus macOS Sequoia 15. The issue arises from restrictions on options offered on a locked device, potentially allowing an attacker with physical access to read contact numbers from the lock screen. Apple fixe...

CVE-2024-44126

The issue was addressed with improved checks. This issue is fixed in iOS 17.7 and iPadOS 17.7, iOS 18 and iPadOS 18, macOS Sequoia 15, macOS Sonoma 14.7, macOS Ventura 13.7.1, visionOS 2. Processing a maliciously crafted file may lead to heap corruption...

CVE-2024-44126

CVE-2024-44126 affects Apple ARKit components on macOS and iOS family. The vulnerability allows processing a maliciously crafted file to trigger a heap corruption, with potential impact across confidentiality, integrity, and availability as described in the CVE metrics. Apple’s advisories indicat...

CVE-2024-44169

The issue was addressed with improved memory handling. This issue is fixed in iOS 17.7 and iPadOS 17.7, iOS 18 and iPadOS 18, macOS Sequoia 15, macOS Sonoma 14.7, macOS Ventura 13.7, tvOS 18, visionOS 2, watchOS 11. An app may be able to cause unexpected system termination...

CVE-2024-44184

A permissions issue was addressed with additional restrictions. This issue is fixed in iOS 17.7 and iPadOS 17.7, iOS 18 and iPadOS 18, macOS Sequoia 15, macOS Sonoma 14.7, macOS Ventura 13.7. An app may be able to access user-sensitive data...

CVE-2024-44176

An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in iOS 17.7 and iPadOS 17.7, iOS 18 and iPadOS 18, macOS Sequoia 15, macOS Sonoma 14.7, macOS Ventura 13.7, tvOS 18, visionOS 2, watchOS 11. Processing an image may lead to a denial-of-service...

CVE-2024-44171

This issue was addressed through improved state management. This issue is fixed in iOS 17.7 and iPadOS 17.7, iOS 18 and iPadOS 18, watchOS 11. An attacker with physical access to a locked device may be able to Control Nearby Devices via accessibility features...

CVE-2024-44158

This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 17.7 and iPadOS 17.7, macOS Sequoia 15, macOS Sonoma 14.7, macOS Ventura 13.7. A shortcut may output sensitive user data without consent...

CVE-2024-40850

A file access issue was addressed with improved input validation. This issue is fixed in iOS 17.7 and iPadOS 17.7, iOS 18 and iPadOS 18, macOS Sequoia 15, macOS Sonoma 14.7, macOS Ventura 13.7, tvOS 18, visionOS 2, watchOS 11. An app may be able to access user-sensitive data...

CVE-2024-44127

This issue was addressed through improved state management. This issue is fixed in iOS 17.7 and iPadOS 17.7, iOS 18 and iPadOS 18. Private Browsing tabs may be accessed without authentication...

CVE-2024-40844

A privacy issue was addressed with improved handling of temporary files. This issue is fixed in iOS 17.7 and iPadOS 17.7, macOS Sequoia 15, macOS Sonoma 14.7, macOS Ventura 13.7. An app may be able to observe data displayed to the user by Shortcuts...

CVE-2024-40791

A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in iOS 17.7 and iPadOS 17.7, iOS 18 and iPadOS 18, macOS Sequoia 15, macOS Sonoma 14.7, macOS Ventura 13.7. An app may be able to access information about a user's contacts...

CVE-2024-27879

The issue was addressed with improved bounds checks. This issue is fixed in iOS 17.7 and iPadOS 17.7, iOS 18 and iPadOS 18. An attacker may be able to cause unexpected app termination...

CVE-2024-27876

A race condition was addressed with improved locking. This issue is fixed in macOS Ventura 13.7, iOS 17.7 and iPadOS 17.7, visionOS 2, iOS 18 and iPadOS 18, macOS Sonoma 14.7, macOS Sequoia 15. Unpacking a maliciously crafted archive may allow an attacker to write arbitrary files...

CVE-2024-27879

The issue was addressed with improved bounds checks. This issue is fixed in iOS 17.7 and iPadOS 17.7, iOS 18 and iPadOS 18. An attacker may be able to cause unexpected app termination...

CVE-2024-27876

A race condition was addressed with improved locking. This issue is fixed in iOS 17.7 and iPadOS 17.7, iOS 18 and iPadOS 18, macOS Sequoia 15, macOS Sonoma 14.7, macOS Ventura 13.7, visionOS 2. Unpacking a maliciously crafted archive may allow an attacker to write arbitrary files...