Macos Security Vulnerabilities and Issues — Page 8 of Macos CVE List

7.8CVSS7.5AI score0.00106EPSS

CVE-2022-47915

The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13. An app may be able to execute arbitrary code with kernel privileges.

5.5CVSS5.2AI score0.00139EPSS

CVE-2022-48504

The issue was addressed with improved handling of caches. This issue is fixed in macOS Ventura 13. An app may be able to access user-sensitive data.

5.5CVSS5.2AI score0.00096EPSS

CVE-2023-38607

The issue was addressed with improved handling of caches. This issue is fixed in macOS Sonoma 14. An app may be able to modify Printer settings.

7.1CVSS6.6AI score0.00057EPSS

CVE-2023-38610

A memory corruption issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sonoma 14, iOS 17 and iPadOS 17. An app may be able to cause unexpected system termination or write kernel memory.

6.5CVSS5.7AI score0.00252EPSS

CVE-2023-42865

An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Ventura 13.3, tvOS 16.4, iOS 16.4 and iPadOS 16.4, watchOS 9.4. Processing an image may result in disclosure of process memory.

CVE•added 2024/07/29 11:15 p.m.•44 views

CVE-2024-23261

A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.7.6, macOS Sonoma 14.4, macOS Ventura 13.6.8. An attacker may be able to read information belonging to another user.

7.5CVSS5.6AI score0.00338EPSS

CVE•added 2024/07/29 11:15 p.m.•44 views

CVE-2024-40833

A logic issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.6, iOS 16.7.9 and iPadOS 16.7.9, macOS Monterey 12.7.6, macOS Ventura 13.6.8. A shortcut may be able to use sensitive data with certain actions without prompting the user.

6.2CVSS5.5AI score0.00053EPSS

CVE•added 2024/09/17 12:15 a.m.•44 views

CVE-2024-40838

A privacy issue was addressed by moving sensitive data to a protected location. This issue is fixed in macOS Sequoia 15. A malicious app may be able to access notifications from the user's device.

3.3CVSS6.2AI score0.00035EPSS

CVE•added 2024/09/17 12:15 a.m.•44 views

CVE-2024-44158

This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 17.7 and iPadOS 17.7, macOS Ventura 13.7, macOS Sonoma 14.7, macOS Sequoia 15. A shortcut may output sensitive user data without consent.

5.5CVSS5.9AI score0.00061EPSS

7.1CVSS6.2AI score0.00026EPSS

CVE-2024-44159

A path deletion vulnerability was addressed by preventing vulnerable code from running with privileges. This issue is fixed in macOS Ventura 13.7.1, macOS Sonoma 14.7.1. An app may be able to bypass Privacy preferences.

CVE•added 2024/09/17 12:15 a.m.•44 views

CVE-2024-44160

A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.7, macOS Sonoma 14.7, macOS Sequoia 15. Processing a maliciously crafted texture may lead to unexpected app termination.

7.8CVSS6.8AI score0.00031EPSS

6.5CVSS6AI score0.00039EPSS

CVE-2024-44220

The issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15.2, macOS Sonoma 14.7.2. Parsing a maliciously crafted video file may lead to unexpected system termination.

7.8CVSS6.4AI score0.0002EPSS

CVE-2024-44224

A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.2, macOS Ventura 13.7.2, macOS Sonoma 14.7.2. A malicious app may be able to gain root privileges.

5.5CVSS5.5AI score0.00022EPSS

CVE-2024-44275

The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7.1, macOS Sonoma 14.7.1. A malicious application may be able to modify protected parts of the file system.

7.7CVSS5.7AI score0.00024EPSS

CVE-2024-44280

A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing restrictions. This issue is fixed in macOS Ventura 13.7.1, macOS Sonoma 14.7.1. An app may be able to modify protected parts of the file system.

5.5CVSS5.5AI score0.0002EPSS

CVE-2024-44281

An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Ventura 13.7.1, macOS Sonoma 14.7.1. Parsing a file may lead to disclosure of user information.

CVE•added 2024/10/28 10:15 p.m.•44 views

CVE-2024-44283

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Ventura 13.7.1, macOS Sonoma 14.7.1. Parsing a maliciously crafted file may lead to an unexpected app termination.

6.5CVSS5.6AI score0.00047EPSS

9.8CVSS5.9AI score0.00186EPSS

CVE-2024-54465

A logic issue was addressed with improved state management. This issue is fixed in macOS Sequoia 15.2. An app may be able to elevate privileges.

7.8CVSS6.8AI score0.00021EPSS

CVE-2024-54489

A path handling issue was addressed with improved validation. This issue is fixed in macOS Sequoia 15.2, macOS Ventura 13.7.2, macOS Sonoma 14.7.2. Running a mount command may unexpectedly execute arbitrary code.

5.9CVSS5.7AI score0.00095EPSS

CVE-2024-54494

A race condition was addressed with additional validation. This issue is fixed in iPadOS 17.7.3, watchOS 11.2, visionOS 2.2, tvOS 18.2, macOS Sequoia 15.2, iOS 18.2 and iPadOS 18.2, macOS Ventura 13.7.2, macOS Sonoma 14.7.2. An attacker may be able to create a read-only memory mapping that can be w...

CVE•added 2024/01/10 10:15 p.m.•43 views

CVE-2023-42828

This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Ventura 13.5. An app may be able to gain root privileges.

7.8CVSS7.6AI score0.0013EPSS

6.1CVSS6.1AI score0.00043EPSS

CVE-2024-27877

The issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.6, macOS Monterey 12.7.6, macOS Ventura 13.6.8. Processing a maliciously crafted file may lead to a denial-of-service or potentially disclose memory contents.

6.7CVSS7.6AI score0.00022EPSS

CVE-2024-27878

A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.6. An app with root privileges may be able to execute arbitrary code with kernel privileges.

5.5CVSS5.9AI score0.0004EPSS

CVE-2024-27880

An out-of-bounds read issue was addressed with improved input validation. This issue is fixed in iOS 17.7 and iPadOS 17.7, visionOS 2, watchOS 11, macOS Sequoia 15, iOS 18 and iPadOS 18, macOS Sonoma 14.7, tvOS 18. Processing a maliciously crafted file may lead to unexpected app termination.

8.4CVSS5.8AI score0.00035EPSS

CVE-2024-40781

The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.6, macOS Monterey 12.7.6, macOS Ventura 13.6.8. A local attacker may be able to elevate their privileges.

5.5CVSS5.9AI score0.00044EPSS

CVE-2024-40823

The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.6, macOS Monterey 12.7.6, macOS Ventura 13.6.8. An app may be able to access user-sensitive data.

7.5CVSS6AI score0.00294EPSS

CVE-2024-40856

An integrity issue was addressed with Beacon Protection. This issue is fixed in iOS 18 and iPadOS 18, tvOS 18, macOS Sequoia 15. An attacker may be able to force a device to disconnect from a secure network.

CVE•added 2024/10/28 9:15 p.m.•43 views

CVE-2024-44144

A buffer overflow was addressed with improved size validation. This issue is fixed in iOS 17.7.1 and iPadOS 17.7.1, macOS Sequoia 15, macOS Sonoma 14.7.1, tvOS 18, watchOS 11, visionOS 2, iOS 18 and iPadOS 18. Processing a maliciously crafted file may lead to unexpected app termination.

5.5CVSS5.9AI score0.00034EPSS

5.5CVSS6.1AI score0.00028EPSS

CVE-2024-44163

The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7, macOS Sonoma 14.7, macOS Sequoia 15. A malicious application may be able to access private information.

5.5CVSS6AI score0.00044EPSS

CVE-2024-44170

A privacy issue was addressed by moving sensitive data to a more secure location. This issue is fixed in iOS 18 and iPadOS 18, watchOS 11, macOS Sequoia 15. An app may be able to access user-sensitive data.