Macos@* Security Vulnerabilities and Issues — Page 52 of Macos@* CVE List

7.8CVSS5.4AI score0.00041EPSS

CVE-2024-44126

The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7.1, macOS Sequoia 15, iOS 17.7 and iPadOS 17.7, macOS Sonoma 14.7, visionOS 2, iOS 18 and iPadOS 18. Processing a maliciously crafted file may lead to heap corruption.

cve•added 2024/10/28 10:15 p.m.•40 views

CVE-2024-44145

This issue was addressed through improved state management. This issue is fixed in macOS Sequoia 15, iOS 18 and iPadOS 18. An attacker with physical access to a macOS device with Sidecar enabled may be able to bypass the Lock Screen.

6.1CVSS5AI score0.00039EPSS

cve•added 2024/09/17 12:15 a.m.•40 views

CVE-2024-44154

A memory initialization issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.7, macOS Sequoia 15. Processing a maliciously crafted file may lead to unexpected app termination.

5.5CVSS6.2AI score0.00031EPSS

cve•added 2024/09/17 12:15 a.m.•40 views

CVE-2024-44178

This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Ventura 13.7, macOS Sonoma 14.7, macOS Sequoia 15. An app may be able to modify protected parts of the file system.

5.5CVSS6.1AI score0.00077EPSS

5.5CVSS5.5AI score0.00067EPSS

CVE-2024-44197

The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.7.1, macOS Sonoma 14.7.1. A malicious app may be able to cause a denial-of-service.

cve•added 2025/03/10 7:15 p.m.•40 views

CVE-2024-44227

The issue was addressed with improved memory handling. This issue is fixed in iOS 18 and iPadOS 18, macOS Sequoia 15. An app may be able to cause unexpected system termination or corrupt kernel memory.

7.5CVSS5.7AI score0.00045EPSS

7.5CVSS5.5AI score0.00099EPSS

CVE-2024-44264

This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Ventura 13.7.1, macOS Sonoma 14.7.1. A malicious app may be able to create symlinks to protected regions of the disk.

6.5CVSS5.5AI score0.00083EPSS

CVE-2024-44279

An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Ventura 13.7.1, macOS Sonoma 14.7.1. Parsing a file may lead to disclosure of user information.

6.5CVSS5.8AI score0.00053EPSS

CVE-2024-44284

An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in macOS Ventura 13.7.1, macOS Sonoma 14.7.1. Parsing a maliciously crafted file may lead to an unexpected app termination.

cve•added 2025/03/10 7:15 p.m.•40 views

CVE-2024-54546

The issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15. An app may be able to cause unexpected system termination or corrupt kernel memory.

7.5CVSS6AI score0.00057EPSS

cve•added 2025/05/29 10:15 p.m.•40 views

CVE-2025-31189

A file quarantine bypass was addressed with additional checks. This issue is fixed in macOS Ventura 13.7.5, macOS Sequoia 15.4, macOS Sonoma 14.7.5. An app may be able to break out of its sandbox.

8.2CVSS6.2AI score0.00018EPSS

cve•added 2025/05/12 10:15 p.m.•40 views

CVE-2025-31224

A logic issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7.6, macOS Sequoia 15.5, macOS Sonoma 14.7.6. An app may be able to bypass certain Privacy preferences.

7.8CVSS5.9AI score0.00021EPSS

cve•added 2025/07/30 12:15 a.m.•40 views

CVE-2025-43227

This issue was addressed through improved state management. This issue is fixed in Safari 18.6, iOS 18.6 and iPadOS 18.6, macOS Sequoia 15.6, tvOS 18.6, watchOS 11.6, visionOS 2.6. Processing maliciously crafted web content may disclose sensitive user information.

7.5CVSS5.3AI score0.00073EPSS

cve•added 2001/02/12 5:0 a.m.•39 views

CVE-2001-0102

"Multiple Users" Control Panel in Mac OS 9 allows Normal users to gain Owner privileges by removing the Users & Groups Data File, which effectively removes the Owner password and allows the Normal user to log in as the Owner account without a password.

7.2CVSS7.3AI score0.00052EPSS

cve•added 2023/09/06 2:15 a.m.•39 views

CVE-2023-32426

A logic issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.3. An app may be able to gain root privileges.

7.8CVSS7.2AI score0.00085EPSS

5.5CVSS5.2AI score0.00122EPSS

CVE-2023-40411

This issue was addressed with improved data protection. This issue is fixed in macOS Sonoma 14. An app may be able to access user-sensitive data.

5.5CVSS5.2AI score0.00124EPSS

CVE-2023-40430

A logic issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14. An app may be able to access removable volumes without user consent.

7CVSS6.5AI score0.00066EPSS

CVE-2023-42832

A race condition was addressed with improved state handling. This issue is fixed in macOS Big Sur 11.7.9, macOS Monterey 12.6.8, macOS Ventura 13.5. An app may be able to gain root privileges.

7.5CVSS7.3AI score0.00136EPSS

CVE-2023-42869

Multiple memory corruption issues were addressed with improved input validation. This issue is fixed in macOS Ventura 13.4, iOS 16.5 and iPadOS 16.5. Multiple issues in libxml2.

cve•added 2023/12/12 1:15 a.m.•39 views

CVE-2023-42906

7.8CVSS8AI score0.00034EPSS

7.5CVSS6.2AI score0.0013EPSS

CVE-2024-27795

A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15. A camera extension may be able to access the internet.

5.5CVSS6.1AI score0.00043EPSS

CVE-2024-27860

The issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15. An application may be able to read restricted memory.

5.5CVSS6.1AI score0.00032EPSS

CVE-2024-27861

The issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15. An application may be able to read restricted memory.

7.5CVSS6.2AI score0.00103EPSS

CVE-2024-40770

A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15. A non-privileged user may be able to modify restricted network settings.

5.5CVSS6.2AI score0.00045EPSS

CVE-2024-40837

A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15. An app may be able to access protected user data.

5.5CVSS6.3AI score0.00088EPSS

CVE-2024-40845

The issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.7, macOS Sequoia 15. Processing a maliciously crafted video file may lead to unexpected app termination.

5.5CVSS6.1AI score0.00038EPSS

CVE-2024-40847

The issue was addressed with additional code-signing restrictions. This issue is fixed in macOS Ventura 13.7, macOS Sonoma 14.7, macOS Sequoia 15. An app may be able to access sensitive user data.

cve•added 2024/10/28 9:15 p.m.•39 views

CVE-2024-44137

The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7.1, macOS Sequoia 15, macOS Sonoma 14.7.1. An attacker with physical access may be able to share items from the lock screen.

4.6CVSS5.1AI score0.00054EPSS

6.5CVSS6.2AI score0.00077EPSS

CVE-2024-44151

A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Ventura 13.7, macOS Sonoma 14.7, macOS Sequoia 15. An app may be able to modify protected parts of the file system.

5.5CVSS5.8AI score0.00038EPSS

CVE-2024-44181

An issue was addressed with improved handling of temporary files. This issue is fixed in macOS Ventura 13.7, macOS Sonoma 14.7, macOS Sequoia 15. An app may be able to read sensitive location information.

5.5CVSS6.3AI score0.00053EPSS

CVE-2024-44186

An access issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Sequoia 15. An app may be able to access protected user data.

cve•added 2024/12/12 2:15 a.m.•39 views

CVE-2024-54490

This issue was addressed by enabling hardened runtime. This issue is fixed in macOS Sequoia 15.2. A local attacker may gain access to user's Keychain items.

5.5CVSS6.3AI score0.00016EPSS

5.3CVSS5.7AI score0.00027EPSS

CVE-2024-54518

The issue was addressed with improved bounds checks. This issue is fixed in macOS Sequoia 15.2, watchOS 11.2, tvOS 18.2, iOS 18.2 and iPadOS 18.2. An app may be able to corrupt coprocessor memory.

7.8CVSS5.7AI score0.0004EPSS

CVE-2024-54522

The issue was addressed with improved bounds checks. This issue is fixed in macOS Sequoia 15.2, watchOS 11.2, tvOS 18.2, iOS 18.2 and iPadOS 18.2. An app may be able to corrupt coprocessor memory.

5.5CVSS6AI score0.00023EPSS

CVE-2024-54536

The issue was addressed with improved validation of environment variables. This issue is fixed in macOS Sequoia 15.2. An app may be able to edit NVRAM variables.

5.5CVSS6AI score0.00023EPSS

CVE-2025-24087

The issue was addressed with additional permissions checks. This issue is fixed in macOS Sequoia 15.3. An app may be able to access protected user data.

7.8CVSS6.5AI score0.00024EPSS

CVE-2025-24274

An input validation issue was addressed by removing the vulnerable code. This issue is fixed in macOS Ventura 13.7.6, macOS Sequoia 15.5, macOS Sonoma 14.7.6. A malicious app may be able to gain root privileges.

7.1CVSS5.7AI score0.00042EPSS

CVE-2025-31232

A logic issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7.6, macOS Sequoia 15.5, macOS Sonoma 14.7.6. A sandboxed app may be able to access sensitive user data.

7.5CVSS6AI score0.00047EPSS

CVE-2025-31247

A logic issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.7.6, macOS Sequoia 15.5, macOS Sonoma 14.7.6. An attacker may gain access to protected parts of the file system.