Apple macOS vulnerabilities

3,135 known vulnerabilities affecting apple/macos.

Total CVEs

3,135

CISA KEV

actively exploited

Public exploits

Exploited in wild

Severity breakdown

CRITICAL203HIGH1362MEDIUM1421LOW149

Vulnerabilities

Page 46 of 157

CVE-2024-44208HIGHCVSS 7.5fixed in 15.0fixed in 152024-10-28

CVE-2024-44208 [HIGH] CWE-862 CVE-2024-44208: This issue was addressed through improved state management. This issue is fixed in macOS Sequoia 15. This issue was addressed through improved state management. This issue is fixed in macOS Sequoia 15. An app may be able to bypass certain Privacy preferences.

nvd

CVE-2024-44259HIGHCVSS 7.5≥ 15.0, < 15.1fixed in 15.12024-10-28

CVE-2024-44259 [HIGH] CVE-2024-44259: This issue was addressed through improved state management. This issue is fixed in Safari 18.1, iOS This issue was addressed through improved state management. This issue is fixed in Safari 18.1, iOS 17.7.1 and iPadOS 17.7.1, iOS 18.1 and iPadOS 18.1, macOS Sequoia 15.1, visionOS 2.1. An attacker may be able to misuse a trust relationship to download malicious content.

nvd

CVE-2024-44275MEDIUMCVSS 5.5≥ 13.0, < 13.7.1≥ 14.0, < 14.7.1+3 more2024-10-28

CVE-2024-44275 [MEDIUM] CWE-922 CVE-2024-44275: The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.1, macOS Sonom The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.1, macOS Sonoma 14.7.1, macOS Ventura 13.7.1. A malicious application may be able to modify protected parts of the file system.

nvd

CVE-2024-44279MEDIUMCVSS 5.5≥ 13.0, < 13.7.1≥ 14.0, < 14.7.1+3 more2024-10-28

CVE-2024-44279 [MEDIUM] CWE-125 CVE-2024-44279: An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Seq An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Sequoia 15.1, macOS Sonoma 14.7.1, macOS Ventura 13.7.1. Parsing a file may lead to disclosure of user information.

nvd

CVE-2024-44194MEDIUMCVSS 5.5fixed in 15.12024-10-28

CVE-2024-44194 [MEDIUM] CVE-2024-44194: This issue was addressed with improved redaction of sensitive information. This issue is fixed in iO This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 18.1 and iPadOS 18.1, macOS Sequoia 15.1, visionOS 2.1, watchOS 11.1. An app may be able to access sensitive user data.

nvd

CVE-2024-44257MEDIUMCVSS 5.5≥ 13.0, < 13.7.1≥ 14.0, < 14.7.1+3 more2024-10-28

CVE-2024-44257 [MEDIUM] CWE-922 CVE-2024-44257: This issue was addressed with improved redaction of sensitive information. This issue is fixed in ma This issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Sequoia 15.1, macOS Sonoma 14.7.1, macOS Ventura 13.7.1. An app may be able to access sensitive user data.

nvd

CVE-2024-44240MEDIUMCVSS 5.5≥ 13.0, < 13.7.1≥ 14.0, < 14.7.1+3 more2024-10-28

CVE-2024-44240 [MEDIUM] CVE-2024-44240: The issue was addressed with improved checks. This issue is fixed in iOS 17.7.1 and iPadOS 17.7.1, i The issue was addressed with improved checks. This issue is fixed in iOS 17.7.1 and iPadOS 17.7.1, iOS 18.1 and iPadOS 18.1, macOS Sequoia 15.1, macOS Sonoma 14.7.1, macOS Ventura 13.7.1, tvOS 18.1, visionOS 2.1, watchOS 11.1. Processing a maliciously crafted font may result in the disclosure of process memory.

nvd

CVE-2024-44216MEDIUMCVSS 5.5≥ 13.0, < 13.7.1≥ 14.0, < 14.7.1+3 more2024-10-28

CVE-2024-44216 [MEDIUM] CWE-922 CVE-2024-44216: An access issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Seq An access issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Sequoia 15.1, macOS Sonoma 14.7.1, macOS Ventura 13.7.1. An app may be able to access user-sensitive data.

nvd

CVE-2024-44254MEDIUMCVSS 5.5fixed in 13.7.1≥ 14.0, < 14.7.1+2 more2024-10-28

CVE-2024-44254 [MEDIUM] CVE-2024-44254: This issue was addressed with improved redaction of sensitive information. This issue is fixed in iO This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 18.1 and iPadOS 18.1, macOS Sequoia 15.1, macOS Sonoma 14.7.1, macOS Ventura 13.7.1, watchOS 11.1. An app may be able to access sensitive user data.

nvd

CVE-2024-44247MEDIUMCVSS 5.5fixed in 13.7.1≥ 14.0, < 14.7.1+2 more2024-10-28

CVE-2024-44247 [MEDIUM] CWE-863 CVE-2024-44247: The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.1, macOS Sonom The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.1, macOS Sonoma 14.7.1, macOS Ventura 13.7.1. A malicious application may be able to modify protected parts of the file system.

nvd

CVE-2024-44281MEDIUMCVSS 5.5fixed in 13.7.1≥ 14.0, < 14.7.1+2 more2024-10-28

CVE-2024-44281 [MEDIUM] CWE-125 CVE-2024-44281: An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Seq An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Sequoia 15.1, macOS Sonoma 14.7.1, macOS Ventura 13.7.1. Parsing a file may lead to disclosure of user information.

nvd

CVE-2024-44264MEDIUMCVSS 5.5fixed in 13.7.1≥ 14.0, < 14.7.1+2 more2024-10-28

CVE-2024-44264 [MEDIUM] CWE-59 CVE-2024-44264: This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Sequoia This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Sequoia 15.1, macOS Sonoma 14.7.1, macOS Ventura 13.7.1. A malicious app may be able to create symlinks to protected regions of the disk.

nvd

CVE-2024-44294MEDIUMCVSS 6.5fixed in 13.7.1≥ 14.0, < 14.7.1+2 more2024-10-28

CVE-2024-44294 [MEDIUM] CVE-2024-44294: A path deletion vulnerability was addressed by preventing vulnerable code from running with privileg A path deletion vulnerability was addressed by preventing vulnerable code from running with privileges. This issue is fixed in macOS Sequoia 15.1, macOS Sonoma 14.7.1, macOS Ventura 13.7.1. An attacker with root privileges may be able to delete protected system files.

nvd

CVE-2024-44145MEDIUMCVSS 6.1fixed in 15.0fixed in 152024-10-28

CVE-2024-44145 [MEDIUM] CVE-2024-44145: This issue was addressed through improved state management. This issue is fixed in iOS 18 and iPadOS This issue was addressed through improved state management. This issue is fixed in iOS 18 and iPadOS 18, macOS Sequoia 15. An attacker with physical access to a macOS device with Sidecar enabled may be able to bypass the Lock Screen.

nvd

CVE-2024-44253MEDIUMCVSS 5.5fixed in 13.7.1≥ 14.0, < 14.7.1+2 more2024-10-28

CVE-2024-44253 [MEDIUM] CWE-863 CVE-2024-44253: The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.1, macOS Sonom The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.1, macOS Sonoma 14.7.1, macOS Ventura 13.7.1. An app may be able to modify protected parts of the file system.

nvd

CVE-2024-44155MEDIUMCVSS 6.5fixed in 15.0fixed in 152024-10-28

CVE-2024-44155 [MEDIUM] CVE-2024-44155: A custom URL scheme handling issue was addressed with improved input validation. This issue is fixed A custom URL scheme handling issue was addressed with improved input validation. This issue is fixed in Safari 18, iOS 17.7.1 and iPadOS 17.7.1, iOS 18 and iPadOS 18, macOS Sequoia 15, watchOS 11. Maliciously crafted web content may violate iframe sandboxing policy.

nvd

CVE-2024-44269MEDIUMCVSS 5.5fixed in 13.7.1≥ 14.0, < 14.7.1+2 more2024-10-28

CVE-2024-44269 [MEDIUM] CVE-2024-44269: A logic issue was addressed with improved checks. This issue is fixed in iOS 17.7.1 and iPadOS 17.7. A logic issue was addressed with improved checks. This issue is fixed in iOS 17.7.1 and iPadOS 17.7.1, iOS 18.1 and iPadOS 18.1, macOS Sequoia 15.1, macOS Sonoma 14.7.1, macOS Ventura 13.7.1, visionOS 2.1, watchOS 11.1. A malicious app may use shortcuts to access restricted files.

nvd

CVE-2024-44297MEDIUMCVSS 6.5fixed in 13.7.1≥ 14.0, < 14.7.1+2 more2024-10-28

CVE-2024-44297 [MEDIUM] CVE-2024-44297: The issue was addressed with improved bounds checks. This issue is fixed in iOS 17.7.1 and iPadOS 17 The issue was addressed with improved bounds checks. This issue is fixed in iOS 17.7.1 and iPadOS 17.7.1, iOS 18.1 and iPadOS 18.1, macOS Sequoia 15.1, macOS Sonoma 14.7.1, macOS Ventura 13.7.1, tvOS 18.1, visionOS 2.1, watchOS 11.1. Processing a maliciously crafted message may lead to a denial-of-service.

nvd

CVE-2024-44283MEDIUMCVSS 5.5≥ 13.0, < 13.7.1≥ 14.0, < 14.7.1+3 more2024-10-28

CVE-2024-44283 [MEDIUM] CWE-125 CVE-2024-44283: An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Sequ An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Sequoia 15.1, macOS Sonoma 14.7.1, macOS Ventura 13.7.1. Parsing a maliciously crafted file may lead to an unexpected app termination.

nvd

CVE-2024-44175MEDIUMCVSS 5.5fixed in 14.7.1fixed in 152024-10-28

CVE-2024-44175 [MEDIUM] CWE-59 CVE-2024-44175: This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Sequoia This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Sequoia 15, macOS Sonoma 14.7.1. An app may be able to access sensitive user data.

nvd

← Previous46 / 157Next →