Apple Macos Monterey vulnerabilities

CVE-2024-40835 [MEDIUM] CVE-2024-40835: macOS Monterey 12.7.6 Apple Security Update: About the security content of macOS Monterey 12.7.6 Product: macOS Monterey Version: 12.7.6 CVE: CVE-2024-40835 Component: Shortcuts Impact: A shortcut may be able to use sensitive data with certain actions without prompting the user Description: A logic issue was addressed with improved checks.

CVE-2024-40834 [MEDIUM] CVE-2024-40834: macOS Monterey 12.7.6 Apple Security Update: About the security content of macOS Monterey 12.7.6 Product: macOS Monterey Version: 12.7.6 CVE: CVE-2024-40834 Component: Shortcuts Impact: A shortcut may be able to bypass sensitive Shortcuts app settings Description: This issue was addressed by adding an additional prompt for user consent.

CVE-2024-40806 [MEDIUM] CVE-2024-40806: macOS Monterey 12.7.6 Apple Security Update: About the security content of macOS Monterey 12.7.6 Product: macOS Monterey Version: 12.7.6 CVE: CVE-2024-40806 Component: ImageIO Impact: Processing a maliciously crafted file may lead to unexpected app termination Description: An out-of-bounds read issue was addressed with improved input validation.

CVE-2024-40796 [MEDIUM] CVE-2024-40796: macOS Monterey 12.7.6 Apple Security Update: About the security content of macOS Monterey 12.7.6 Product: macOS Monterey Version: 12.7.6 CVE: CVE-2024-40796 Component: NetworkExtension Impact: Private browsing may leak some browsing history Description: A privacy issue was addressed with improved private data redaction for log entries.

CVE-2024-2379 [MEDIUM] CVE-2024-2379: macOS Monterey 12.7.6 Apple Security Update: About the security content of macOS Monterey 12.7.6 Product: macOS Monterey Version: 12.7.6 CVE: CVE-2024-2379 Component: CVE-2024-2379

CVE-2024-27882 [MEDIUM] CVE-2024-27882: macOS Monterey 12.7.6 Apple Security Update: About the security content of macOS Monterey 12.7.6 Product: macOS Monterey Version: 12.7.6 CVE: CVE-2024-27882 Component: PackageKit Impact: An app may be able to modify protected parts of the file system Description: A permissions issue was addressed with additional restrictions.

CVE-2024-27877 [MEDIUM] CVE-2024-27877: macOS Monterey 12.7.6 Apple Security Update: About the security content of macOS Monterey 12.7.6 Product: macOS Monterey Version: 12.7.6 CVE: CVE-2024-27877 Component: AppleVA Impact: Processing a maliciously crafted file may lead to a denial-of-service or potentially disclose memory contents Description: The issue was addressed with improved memory handling.

CVE-2024-44205 [MEDIUM] CVE-2024-44205: macOS Monterey 12.7.6 Apple Security Update: About the security content of macOS Monterey 12.7.6 Product: macOS Monterey Version: 12.7.6 CVE: CVE-2024-44205 Component: Siri Impact: A sandboxed app may be able to access sensitive user data in system logs Description: A privacy issue was addressed with improved private data redaction for log entries.

CVE-2023-6277 [MEDIUM] CVE-2023-6277: macOS Monterey 12.7.6 Apple Security Update: About the security content of macOS Monterey 12.7.6 Product: macOS Monterey Version: 12.7.6 CVE: CVE-2023-6277 Component: CVE-2023-6277

CVE-2024-40827 [MEDIUM] CVE-2024-40827: macOS Monterey 12.7.6 Apple Security Update: About the security content of macOS Monterey 12.7.6 Product: macOS Monterey Version: 12.7.6 CVE: CVE-2024-40827 Component: DesktopServices Impact: An app may be able to overwrite arbitrary files Description: The issue was addressed with improved checks.

CVE-2024-40807 [MEDIUM] CVE-2024-40807: macOS Monterey 12.7.6 Apple Security Update: About the security content of macOS Monterey 12.7.6 Product: macOS Monterey Version: 12.7.6 CVE: CVE-2024-40807 Component: Shortcuts Impact: A shortcut may be able to use sensitive data with certain actions without prompting the user Description: A logic issue was addressed with improved checks.

CVE-2024-2466 [MEDIUM] CVE-2024-2466: macOS Monterey 12.7.6 Apple Security Update: About the security content of macOS Monterey 12.7.6 Product: macOS Monterey Version: 12.7.6 CVE: CVE-2024-2466 Component: CVE-2024-2466

CVE-2024-27883 [MEDIUM] CVE-2024-27883: macOS Monterey 12.7.6 Apple Security Update: About the security content of macOS Monterey 12.7.6 Product: macOS Monterey Version: 12.7.6 CVE: CVE-2024-27883 Component: PackageKit Impact: An app may be able to modify protected parts of the file system Description: A permissions issue was addressed with additional restrictions.

CVE-2024-27873 [MEDIUM] CVE-2024-27873: macOS Monterey 12.7.6 Apple Security Update: About the security content of macOS Monterey 12.7.6 Product: macOS Monterey Version: 12.7.6 CVE: CVE-2024-27873 Component: CoreMedia Impact: Processing a maliciously crafted video file may lead to unexpected app termination Description: An out-of-bounds write issue was addressed with improved input validation.

CVE-2024-40817 [MEDIUM] CVE-2024-40817: macOS Monterey 12.7.6 Apple Security Update: About the security content of macOS Monterey 12.7.6 Product: macOS Monterey Version: 12.7.6 CVE: CVE-2024-40817 Component: Safari Impact: Visiting a website that frames malicious content may lead to UI spoofing Description: The issue was addressed with improved UI handling.

CVE-2024-27881 [MEDIUM] CVE-2024-27881: macOS Monterey 12.7.6 Apple Security Update: About the security content of macOS Monterey 12.7.6 Product: macOS Monterey Version: 12.7.6 CVE: CVE-2024-27881 Component: Scripting Bridge Impact: An app may be able to access information about a user’s contacts Description: A privacy issue was addressed with improved private data redaction for log entries.

CVE-2024-40800 [MEDIUM] CVE-2024-40800: macOS Monterey 12.7.6 Apple Security Update: About the security content of macOS Monterey 12.7.6 Product: macOS Monterey Version: 12.7.6 CVE: CVE-2024-40800 Component: Restore Framework Impact: An app may be able to modify protected parts of the file system Description: An input validation issue was addressed with improved input validation.

CVE-2024-40775 [MEDIUM] CVE-2024-40775: macOS Monterey 12.7.6 Apple Security Update: About the security content of macOS Monterey 12.7.6 Product: macOS Monterey Version: 12.7.6 CVE: CVE-2024-40775 Component: AppleMobileFileIntegrity Impact: An app may be able to leak sensitive user information Description: A downgrade issue was addressed with additional code-signing restrictions.

CVE-2024-40816 [MEDIUM] CVE-2024-40816: macOS Monterey 12.7.6 Apple Security Update: About the security content of macOS Monterey 12.7.6 Product: macOS Monterey Version: 12.7.6 CVE: CVE-2024-40816 Component: Kernel Impact: A local attacker may be able to cause unexpected system shutdown Description: An out-of-bounds read was addressed with improved input validation.

CVE-2024-40823 [MEDIUM] CVE-2024-40823: macOS Monterey 12.7.6 Apple Security Update: About the security content of macOS Monterey 12.7.6 Product: macOS Monterey Version: 12.7.6 CVE: CVE-2024-40823 Component: PackageKit Impact: An app may be able to access user-sensitive data Description: The issue was addressed with improved checks.