Apple macOS vulnerabilities
3,135 known vulnerabilities affecting apple/macos.
Total CVEs
3,135
CISA KEV
75
actively exploited
Public exploits
44
Exploited in wild
61
Severity breakdown
CRITICAL203HIGH1362MEDIUM1421LOW149
Vulnerabilities
Page 51 of 157
CVE-2024-27860MEDIUMCVSS 5.5fixed in 15.0fixed in 152024-09-17
CVE-2024-27860 [MEDIUM] CWE-125 CVE-2024-27860: The issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15. An a
The issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15. An application may be able to read restricted memory.
nvd
CVE-2024-44191MEDIUMCVSS 5.5fixed in 15.0fixed in 152024-09-17
CVE-2024-44191 [MEDIUM] CVE-2024-44191: This issue was addressed through improved state management. This issue is fixed in Xcode 16, iOS 17.
This issue was addressed through improved state management. This issue is fixed in Xcode 16, iOS 17.7 and iPadOS 17.7, iOS 18 and iPadOS 18, macOS Sequoia 15, tvOS 18, visionOS 2, watchOS 11. An app may gain unauthorized access to Bluetooth.
nvd
CVE-2024-44167MEDIUMCVSS 5.5≥ 13.0, < 13.7≥ 14.0, < 14.7+3 more2024-09-17
CVE-2024-44167 [MEDIUM] CWE-22 CVE-2024-44167: This issue was addressed by removing the vulnerable code. This issue is fixed in iOS 18 and iPadOS 1
This issue was addressed by removing the vulnerable code. This issue is fixed in iOS 18 and iPadOS 18, macOS Sequoia 15, macOS Sonoma 14.7, macOS Ventura 13.7, visionOS 2. An app may be able to overwrite arbitrary files.
nvd
CVE-2024-44186MEDIUMCVSS 5.5fixed in 15.0fixed in 152024-09-17
CVE-2024-44186 [MEDIUM] CWE-200 CVE-2024-44186: An access issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Seq
An access issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Sequoia 15. An app may be able to access protected user data.
nvd
CVE-2024-44190MEDIUMCVSS 5.5fixed in 13.7≥ 14.0, < 14.7+2 more2024-09-17
CVE-2024-44190 [MEDIUM] CWE-22 CVE-2024-44190: A path handling issue was addressed with improved validation. This issue is fixed in macOS Sequoia 1
A path handling issue was addressed with improved validation. This issue is fixed in macOS Sequoia 15, macOS Sonoma 14.7, macOS Ventura 13.7. An app may be able to read arbitrary files.
nvd
CVE-2024-40859MEDIUMCVSS 5.5fixed in 15.0fixed in 152024-09-17
CVE-2024-40859 [MEDIUM] CWE-281 CVE-2024-40859: A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15. An app may be able to access user-sensitive data.
nvd
CVE-2024-44134MEDIUMCVSS 5.5fixed in 15.0fixed in 152024-09-17
CVE-2024-44134 [MEDIUM] CWE-125 CVE-2024-44134: This issue was addressed with improved redaction of sensitive information. This issue is fixed in ma
This issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Sequoia 15. An app may be able to read sensitive location information.
nvd
CVE-2024-40866MEDIUMCVSS 6.5fixed in 15.0fixed in 152024-09-17
CVE-2024-40866 [MEDIUM] CVE-2024-40866: The issue was addressed with improved UI. This issue is fixed in Safari 18, macOS Sequoia 15. Visiti
The issue was addressed with improved UI. This issue is fixed in Safari 18, macOS Sequoia 15. Visiting a malicious website may lead to address bar spoofing.
nvd
CVE-2024-44130MEDIUMCVSS 4.4fixed in 15.0fixed in 152024-09-17
CVE-2024-44130 [MEDIUM] CVE-2024-44130: This issue was addressed with improved data protection. This issue is fixed in macOS Sequoia 15. An
This issue was addressed with improved data protection. This issue is fixed in macOS Sequoia 15. An app with root privileges may be able to access private information.
nvd
CVE-2024-27876MEDIUMCVSS 5.5≥ 13.0, < 13.7≥ 14.0, < 14.7+3 more2024-09-17
CVE-2024-27876 [MEDIUM] CWE-362 CVE-2024-27876: A race condition was addressed with improved locking. This issue is fixed in iOS 17.7 and iPadOS 17.
A race condition was addressed with improved locking. This issue is fixed in iOS 17.7 and iPadOS 17.7, iOS 18 and iPadOS 18, macOS Sequoia 15, macOS Sonoma 14.7, macOS Ventura 13.7, visionOS 2. Unpacking a maliciously crafted archive may allow an attacker to write arbitrary files.
nvd
CVE-2024-40844MEDIUMCVSS 5.5fixed in 13.7≥ 14.0, < 14.7+2 more2024-09-17
CVE-2024-40844 [MEDIUM] CVE-2024-40844: A privacy issue was addressed with improved handling of temporary files. This issue is fixed in iOS
A privacy issue was addressed with improved handling of temporary files. This issue is fixed in iOS 17.7 and iPadOS 17.7, macOS Sequoia 15, macOS Sonoma 14.7, macOS Ventura 13.7. An app may be able to observe data displayed to the user by Shortcuts.
nvd
CVE-2024-40825MEDIUMCVSS 4.4fixed in 15.0fixed in 152024-09-17
CVE-2024-40825 [MEDIUM] CWE-284 CVE-2024-40825: The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15, visionOS 2. A
The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15, visionOS 2. A malicious app with root privileges may be able to modify the contents of system files.
nvd
CVE-2024-44135MEDIUMCVSS 5.5fixed in 14.7fixed in 152024-09-17
CVE-2024-44135 [MEDIUM] CWE-276 CVE-2024-44135: A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15, macOS Sonoma 14.7. An app may be able to access protected files within an App Sandbox container.
nvd
CVE-2024-40857MEDIUMCVSS 6.1fixed in 15.0fixed in 152024-09-17
CVE-2024-40857 [MEDIUM] CWE-79 CVE-2024-40857: This issue was addressed through improved state management. This issue is fixed in Safari 18, iOS 18
This issue was addressed through improved state management. This issue is fixed in Safari 18, iOS 18 and iPadOS 18, macOS Sequoia 15, tvOS 18, visionOS 2, watchOS 11. Processing maliciously crafted web content may lead to universal cross site scripting.
nvd
CVE-2024-44178MEDIUMCVSS 5.5fixed in 13.7≥ 14.0, < 14.7+2 more2024-09-17
CVE-2024-44178 [MEDIUM] CWE-59 CVE-2024-44178: This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Sequoia
This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Sequoia 15, macOS Sonoma 14.7, macOS Ventura 13.7. An app may be able to modify protected parts of the file system.
nvd
CVE-2024-40847MEDIUMCVSS 5.5fixed in 13.7≥ 14.0, < 14.7+2 more2024-09-17
CVE-2024-40847 [MEDIUM] CVE-2024-40847: The issue was addressed with additional code-signing restrictions. This issue is fixed in macOS Sequ
The issue was addressed with additional code-signing restrictions. This issue is fixed in macOS Sequoia 15, macOS Sonoma 14.7, macOS Ventura 13.7. An app may be able to access sensitive user data.
nvd
CVE-2024-44128MEDIUMCVSS 5.5fixed in 13.7≥ 14.0, < 14.7+2 more2024-09-17
CVE-2024-44128 [MEDIUM] CWE-841 CVE-2024-44128: This issue was addressed by adding an additional prompt for user consent. This issue is fixed in mac
This issue was addressed by adding an additional prompt for user consent. This issue is fixed in macOS Sequoia 15, macOS Sonoma 14.7, macOS Ventura 13.7. An Automator Quick Action workflow may be able to bypass Gatekeeper.
nvd
CVE-2024-40843MEDIUMCVSS 5.5fixed in 15.0fixed in 152024-09-17
CVE-2024-40843 [MEDIUM] CWE-863 CVE-2024-40843: The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15. An app may be
The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15. An app may be able to modify protected parts of the file system.
nvd
CVE-2024-27869MEDIUMCVSS 5.5fixed in 15.0fixed in 152024-09-17
CVE-2024-27869 [MEDIUM] CWE-22 CVE-2024-27869: The issue was addressed with improved checks. This issue is fixed in iOS 18 and iPadOS 18, macOS Seq
The issue was addressed with improved checks. This issue is fixed in iOS 18 and iPadOS 18, macOS Sequoia 15. An app may be able to record the screen without an indicator.
nvd
CVE-2024-44161MEDIUMCVSS 5.5fixed in 13.7≥ 14.0, < 14.7+2 more2024-09-17
CVE-2024-44161 [MEDIUM] CWE-125 CVE-2024-44161: An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Sequ
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Sequoia 15, macOS Sonoma 14.7, macOS Ventura 13.7. Processing a maliciously crafted texture may lead to unexpected app termination.
nvd