Macos Security Vulnerabilities and Issues — Page 47 of Macos CVE List

5.3CVSS5.7AI score0.00365EPSS

CVE-2024-27881

A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Sonoma 14.6, macOS Monterey 12.7.6, macOS Ventura 13.6.8. An app may be able to access information about a user’s contacts.

4.4CVSS6AI score0.0003EPSS

CVE-2024-27883

A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sonoma 14.6, macOS Monterey 12.7.6, macOS Ventura 13.6.8. An app may be able to modify protected parts of the file system.

CVE•added 2024/09/17 12:15 a.m.•48 views

CVE-2024-40801

A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sonoma 14.7, macOS Sequoia 15. An app may be able to access protected user data.

5.5CVSS6.2AI score0.00027EPSS

5.5CVSS5.8AI score0.00053EPSS

CVE-2024-40806

An out-of-bounds read issue was addressed with improved input validation. This issue is fixed in iOS 16.7.9 and iPadOS 16.7.9, macOS Ventura 13.6.8, macOS Monterey 12.7.6, iOS 17.6 and iPadOS 17.6, watchOS 10.6, tvOS 17.6, visionOS 1.3, macOS Sonoma 14.6. Processing a maliciously crafted file may l...

8.4CVSS5.9AI score0.00034EPSS

CVE-2024-40811

The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.6. An app may be able to modify protected parts of the file system.

3.3CVSS5.8AI score0.00048EPSS

CVE-2024-40832

The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.6. An app may be able to view a contact's phone number in system logs.

CVE•added 2025/01/15 8:15 p.m.•48 views

CVE-2024-40854

A memory initialization issue was addressed with improved memory handling. This issue is fixed in iOS 18.1 and iPadOS 18.1, iOS 17.7.1 and iPadOS 17.7.1, macOS Sonoma 14.7.1, macOS Ventura 13.7.1. An app may be able to cause unexpected system termination.

6.5CVSS5.3AI score0.00045EPSS

CVE•added 2024/12/12 2:15 a.m.•48 views

CVE-2024-44225

A logic issue was addressed with improved checks. This issue is fixed in iPadOS 17.7.3, watchOS 11.2, tvOS 18.2, macOS Sequoia 15.2, iOS 18.2 and iPadOS 18.2, macOS Ventura 13.7.2, macOS Sonoma 14.7.2. An app may be able to gain elevated privileges.

7.8CVSS5.9AI score0.00048EPSS

CVE•added 2024/12/20 4:15 a.m.•48 views

CVE-2024-44231

This issue was addressed through improved state management. This issue is fixed in macOS Sequoia 15.1. A person with physical access to a Mac may be able to bypass Login Window during a software update.

7.5CVSS5.3AI score0.0008EPSS

CVE•added 2025/01/27 10:15 p.m.•48 views

CVE-2024-54509

An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in macOS Sonoma 14.7.2, macOS Sequoia 15.2, macOS Sonoma 14.7.3. An app may be able to cause unexpected system termination or write kernel memory.

7.8CVSS6.1AI score0.00021EPSS

CVE•added 2025/05/12 10:15 p.m.•48 views

CVE-2025-24144

An information disclosure issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15.3, macOS Sonoma 14.7.6, visionOS 2.3, iPadOS 17.7.7, watchOS 11.3, macOS Ventura 13.7.6, iOS 18.3 and iPadOS 18.3, tvOS 18.3. An app may be able to leak sensitive kernel state.

5.5CVSS4.9AI score0.00008EPSS

CVE•added 2025/04/29 3:15 a.m.•48 views

CVE-2025-24179

A null pointer dereference was addressed with improved input validation. This issue is fixed in iOS 18.3 and iPadOS 18.3, visionOS 2.3, macOS Ventura 13.7.5, iPadOS 17.7.6, macOS Sonoma 14.7.5, macOS Sequoia 15.3, tvOS 18.3. An attacker on the local network may be able to cause a denial-of-service.

5.7CVSS7.2AI score0.00013EPSS

5.5CVSS5.6AI score0.00017EPSS

CVE-2025-24218

A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Sequoia 15.4. An app may be able to access information about a user's contacts.

7.8CVSS7.5AI score0.00018EPSS

CVE-2025-24228

A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.7.5, macOS Sequoia 15.4, macOS Sonoma 14.7.5. An app may be able to execute arbitrary code with kernel privileges.

5CVSS5.8AI score0.00026EPSS

CVE-2025-24248

A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.4. An app may be able to enumerate devices that have signed into the user's Apple Account.

9.8CVSS6.1AI score0.00064EPSS

CVE-2025-24273

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Ventura 13.7.5, macOS Sequoia 15.4, macOS Sonoma 14.7.5. An app may be able to cause unexpected system termination or corrupt kernel memory.

4.3CVSS5.9AI score0.00043EPSS

CVE-2025-24279

This issue was addressed with improved file handling. This issue is fixed in macOS Ventura 13.7.5, macOS Sequoia 15.4, macOS Sonoma 14.7.5. An app may be able to access contacts.

CVE•added 2025/05/12 10:15 p.m.•48 views

CVE-2025-31221

An integer overflow was addressed with improved input validation. This issue is fixed in watchOS 11.5, macOS Sonoma 14.7.6, tvOS 18.5, iPadOS 17.7.7, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, macOS Ventura 13.7.6. A remote attacker may be able to leak memory.

7.5CVSS6.1AI score0.00114EPSS

CVE•added 2001/09/12 4:0 a.m.•47 views

CVE-1999-1543

MacOS uses weak encryption for passwords that are stored in the Users & Groups Data File.

4.6CVSS6.8AI score0.00314EPSS

CVE•added 2020/10/27 8:15 p.m.•47 views

CVE-2019-8642

An issue existed in the handling of S-MIME certificates. This issue was addressed with improved validation of S-MIME certificates. This issue is fixed in macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra. Processing a maliciously crafted mail message may le...

4.3CVSS4.8AI score0.00088EPSS

CVE•added 2020/10/27 8:15 p.m.•47 views

CVE-2019-8826

A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Catalina 10.15. Processing maliciously crafted web content may lead to arbitrary code execution.

8.8CVSS8.3AI score0.00681EPSS

CVE•added 2020/10/22 6:15 p.m.•47 views

CVE-2020-9899

A memory corruption issue was addressed with improved input validation. This issue is fixed in macOS Catalina 10.15.6. An application may be able to execute arbitrary code with kernel privileges.

9.3CVSS8.2AI score0.00303EPSS

CVE•added 2020/10/22 7:15 p.m.•47 views

CVE-2020-9908

An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Catalina 10.15.6. A local user may be able to cause unexpected system termination or read kernel memory.

7.1CVSS6.1AI score0.00039EPSS

CVE•added 2021/04/02 6:15 p.m.•47 views

CVE-2021-1755

A lock screen issue allowed access to contacts on a locked device. This issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.0.1. A person with physical access to an iOS device may be able to access contacts from the lock screen.

2.4CVSS3.3AI score0.00131EPSS

CVE•added 2021/08/24 7:15 p.m.•47 views

CVE-2021-30930

A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.0.1. An attacker may be able to track users through their IP address.

5.3CVSS5.5AI score0.00232EPSS

CVE•added 2022/11/01 8:15 p.m.•47 views

CVE-2022-42814

A logic issue was addressed with improved checks. This issue is fixed in macOS Ventura 13. An app may be able to access user-sensitive data.

5.5CVSS5.9AI score0.00089EPSS

CVE•added 2024/01/10 10:15 p.m.•47 views

CVE-2022-46710

A logic issue was addressed with improved checks. This issue is fixed in iOS 16.2 and iPadOS 16.2, macOS Ventura 13.1. Location data may be shared via iCloud links even if Location metadata is disabled via the Share Sheet.

5.5CVSS5AI score0.00107EPSS

CVE•added 2025/03/10 8:15 p.m.•47 views

CVE-2022-48610

This issue was addressed through improved state management. This issue is fixed in macOS Ventura 13.1, watchOS 9.2, iOS 16.2 and iPadOS 16.2. An app may be able to access user-sensitive data.

5.5CVSS6.1AI score0.00023EPSS

CVE•added 2023/09/27 3:18 p.m.•47 views

CVE-2023-37448

A lock screen issue was addressed with improved state management. This issue is fixed in macOS Sonoma 14. A user may be able to view restricted content from the lock screen.

3.3CVSS3.9AI score0.00111EPSS

CVE•added 2024/01/10 10:15 p.m.•47 views

CVE-2023-42929

The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14. An app may be able to access protected user data.

5.5CVSS5.2AI score0.00152EPSS

CVE•added 2024/07/29 9:15 p.m.•47 views

CVE-2023-42943

A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Sonoma 14. An app may be able to read sensitive location information.

5.5CVSS5.7AI score0.00053EPSS

CVE•added 2024/01/23 1:15 a.m.•47 views

CVE-2024-23224

The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.3, macOS Ventura 13.6.4. An app may be able to access sensitive user data.

5.5CVSS5.5AI score0.00049EPSS

5.5CVSS6AI score0.00043EPSS

CVE-2024-44134

This issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Sequoia 15. An app may be able to read sensitive location information.

5.5CVSS6.6AI score0.00036EPSS

CVE-2024-44168

A library injection issue was addressed with additional restrictions. This issue is fixed in macOS Ventura 13.7, macOS Sonoma 14.7, macOS Sequoia 15. An app may be able to modify protected parts of the file system.

5.5CVSS6AI score0.00037EPSS

CVE-2024-44184

A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Ventura 13.7, iOS 17.7 and iPadOS 17.7, iOS 18 and iPadOS 18, macOS Sonoma 14.7, macOS Sequoia 15. An app may be able to access user-sensitive data.