CVE-2024-23241

This issue was addressed through improved state management. This issue is fixed in tvOS 17.4, iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4. An app may be able to leak sensitive user information...

CVE-2024-23245

This issue was addressed by adding an additional prompt for user consent. This issue is fixed in macOS Sonoma 14.4, macOS Monterey 12.7.4, macOS Ventura 13.6.5. Third-party shortcuts may use a legacy action from Automator to send events to apps without user consent...

CVE-2024-23235

A race condition was addressed with additional validation. This issue is fixed in iOS 16.7.6 and iPadOS 16.7.6, iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4, tvOS 17.4, visionOS 1.1, watchOS 10.4. An app may be able to access user-sensitive data...

CVE-2024-23269

CVE-2024-23269 describes a downgrade issue on Intel-based Mac computers that could allow an app to modify protected parts of the file system. Apple addressed this by adding code-signing restrictions, and the vulnerability is stated as fixed in macOS Sonoma 14.4, macOS Monterey 12.7.4, and macOS V...

CVE-2024-23226

The issue was addressed with improved memory handling. This issue is fixed in iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4, tvOS 17.4, visionOS 1.1, watchOS 10.4. Processing web content may lead to arbitrary code execution...

PT-2024-19792 · Apple · Apple Macos

Name of the Vulnerable Software and Affected Versions: macOS versions prior to 12.7.4 macOS versions prior to 13.6.5 macOS versions prior to 14.4 Description: The issue was addressed with improved checks. An app may be able to break out of its sandbox. Recommendations: For macOS versions prior to...