Apple Macos Monterey vulnerabilities

CVE-2024-27799 [LOW] CVE-2024-27799: macOS Monterey 12.7.5 Apple Security Update: About the security content of macOS Monterey 12.7.5 Product: macOS Monterey Version: 12.7.5 CVE: CVE-2024-27799 Component: IOHIDFamily Impact: An unprivileged app may be able to log keystrokes in other apps including those using secure input mode Description: This issue was addressed with additional entitlement checks.

CVE-2024-23247 [HIGH] CVE-2024-23247: macOS Monterey 12.7.4 Apple Security Update: About the security content of macOS Monterey 12.7.4 Product: macOS Monterey Version: 12.7.4 CVE: CVE-2024-23247 Component: ColorSync Impact: Processing a file may lead to unexpected app termination or arbitrary code execution Description: The issue was addressed with improved memory handling.

CVE-2024-23268 [HIGH] CVE-2024-23268: macOS Monterey 12.7.4 Apple Security Update: About the security content of macOS Monterey 12.7.4 Product: macOS Monterey Version: 12.7.4 CVE: CVE-2024-23268 Component: PackageKit Impact: An app may be able to elevate privileges Description: An injection issue was addressed with improved input validation.

CVE-2024-23274 [HIGH] CVE-2024-23274: macOS Monterey 12.7.4 Apple Security Update: About the security content of macOS Monterey 12.7.4 Product: macOS Monterey Version: 12.7.4 CVE: CVE-2024-23274 Component: PackageKit Impact: An app may be able to elevate privileges Description: An injection issue was addressed with improved input validation.

CVE-2024-23225 [HIGH] CVE-2024-23225: macOS Monterey 12.7.4 Apple Security Update: About the security content of macOS Monterey 12.7.4 Product: macOS Monterey Version: 12.7.4 CVE: CVE-2024-23225 Component: CVE-2024-23225 Impact: An app may be able to cause a denial-of-service Description: A permissions issue was addressed with additional restrictions.

CVE-2024-23286 [HIGH] CVE-2024-23286: macOS Monterey 12.7.4 Apple Security Update: About the security content of macOS Monterey 12.7.4 Product: macOS Monterey Version: 12.7.4 CVE: CVE-2024-23286 Component: ImageIO Impact: Processing an image may lead to arbitrary code execution Description: A buffer overflow issue was addressed with improved memory handling.

CVE-2024-23299 [HIGH] CVE-2024-23299: macOS Monterey 12.7.4 Apple Security Update: About the security content of macOS Monterey 12.7.4 Product: macOS Monterey Version: 12.7.4 CVE: CVE-2024-23299 Component: Disk Images Impact: An app may be able to break out of its sandbox Description: The issue was addressed with improved checks.

CVE-2024-23216 [HIGH] CVE-2024-23216: macOS Monterey 12.7.4 Apple Security Update: About the security content of macOS Monterey 12.7.4 Product: macOS Monterey Version: 12.7.4 CVE: CVE-2024-23216 Component: PackageKit Impact: An app may be able to overwrite arbitrary files Description: A path handling issue was addressed with improved validation.

CVE-2024-23244 [HIGH] CVE-2024-23244: macOS Monterey 12.7.4 Apple Security Update: About the security content of macOS Monterey 12.7.4 Product: macOS Monterey Version: 12.7.4 CVE: CVE-2024-23244 Component: Dock Impact: An app from a standard user account may be able to escalate privilege after admin user login Description: A logic issue was addressed with improved restrictions.

CVE-2024-23204 [HIGH] CVE-2024-23204: macOS Monterey 12.7.4 Apple Security Update: About the security content of macOS Monterey 12.7.4 Product: macOS Monterey Version: 12.7.4 CVE: CVE-2024-23204 Component: Shortcuts Impact: A shortcut may be able to use sensitive data with certain actions without prompting the user Description: The issue was addressed with additional permissions checks.

CVE-2024-23270 [HIGH] CVE-2024-23270: macOS Monterey 12.7.4 Apple Security Update: About the security content of macOS Monterey 12.7.4 Product: macOS Monterey Version: 12.7.4 CVE: CVE-2024-23270 Component: Image Processing Impact: An app may be able to execute arbitrary code with kernel privileges Description: The issue was addressed with improved memory handling.

CVE-2024-23276 [HIGH] CVE-2024-23276: macOS Monterey 12.7.4 Apple Security Update: About the security content of macOS Monterey 12.7.4 Product: macOS Monterey Version: 12.7.4 CVE: CVE-2024-23276 Component: Admin Framework Impact: An app may be able to elevate privileges Description: A logic issue was addressed with improved checks.

CVE-2024-23265 [HIGH] CVE-2024-23265: macOS Monterey 12.7.4 Apple Security Update: About the security content of macOS Monterey 12.7.4 Product: macOS Monterey Version: 12.7.4 CVE: CVE-2024-23265 Component: Kernel Impact: An app may be able to cause unexpected system termination or write kernel memory Description: A memory corruption vulnerability was addressed with improved locking.

CVE-2024-23275 [MEDIUM] CVE-2024-23275: macOS Monterey 12.7.4 Apple Security Update: About the security content of macOS Monterey 12.7.4 Product: macOS Monterey Version: 12.7.4 CVE: CVE-2024-23275 Component: PackageKit Impact: An app may be able to access protected user data Description: A race condition was addressed with additional validation.

CVE-2023-40389 [MEDIUM] CVE-2023-40389: macOS Monterey 12.7.4 Apple Security Update: About the security content of macOS Monterey 12.7.4 Product: macOS Monterey Version: 12.7.4 CVE: CVE-2023-40389 Component: Transparency Impact: An app may be able to access sensitive user data Description: The issue was addressed with improved restriction of data container access.

CVE-2024-23283 [MEDIUM] CVE-2024-23283: macOS Monterey 12.7.4 Apple Security Update: About the security content of macOS Monterey 12.7.4 Product: macOS Monterey Version: 12.7.4 CVE: CVE-2024-23283 Component: CVE-2024-23283

CVE-2024-23266 [MEDIUM] CVE-2024-23266: macOS Monterey 12.7.4 Apple Security Update: About the security content of macOS Monterey 12.7.4 Product: macOS Monterey Version: 12.7.4 CVE: CVE-2024-23266 Component: Kerberos v5 PAM module Impact: An app may be able to modify protected parts of the file system Description: The issue was addressed with improved checks.

CVE-2024-23267 [MEDIUM] CVE-2024-23267: macOS Monterey 12.7.4 Apple Security Update: About the security content of macOS Monterey 12.7.4 Product: macOS Monterey Version: 12.7.4 CVE: CVE-2024-23267 Component: PackageKit Impact: An app may be able to bypass certain Privacy preferences Description: The issue was addressed with improved checks.

CVE-2024-23201 [MEDIUM] CVE-2024-23201: macOS Monterey 12.7.4 Apple Security Update: About the security content of macOS Monterey 12.7.4 Product: macOS Monterey Version: 12.7.4 CVE: CVE-2024-23201 Component: CVE-2024-23225 Impact: An app may be able to cause a denial-of-service Description: A permissions issue was addressed with additional restrictions.

CVE-2024-23234 [MEDIUM] CVE-2024-23234: macOS Monterey 12.7.4 Apple Security Update: About the security content of macOS Monterey 12.7.4 Product: macOS Monterey Version: 12.7.4 CVE: CVE-2024-23234 Component: Intel Graphics Driver Impact: An app may be able to execute arbitrary code with kernel privileges Description: An out-of-bounds write issue was addressed with improved input validation.