Apple Macos Sequoia vulnerabilities

CVE-2024-44299 [CRITICAL] CVE-2024-44299: macOS Sequoia 15.1 Apple Security Update: About the security content of macOS Sequoia 15.1 Product: macOS Sequoia Version: 15.1 CVE: CVE-2024-44299 Component: IOMobileFrameBuffer Impact: An attacker may be able to cause unexpected system termination or arbitrary code execution in DCP firmware Description: The issue was addressed with improved bounds checks.

CVE-2024-44241 [CRITICAL] CVE-2024-44241: macOS Sequoia 15.1 Apple Security Update: About the security content of macOS Sequoia 15.1 Product: macOS Sequoia Version: 15.1 CVE: CVE-2024-44241 Component: IOMobileFrameBuffer Impact: An attacker may be able to cause unexpected system termination or arbitrary code execution in DCP firmware Description: The issue was addressed with improved bounds checks.

CVE-2024-44156 [HIGH] CVE-2024-44156: macOS Sequoia 15.1 Apple Security Update: About the security content of macOS Sequoia 15.1 Product: macOS Sequoia Version: 15.1 CVE: CVE-2024-44156 Component: PackageKit Impact: An app may be able to bypass Privacy preferences Description: A path deletion vulnerability was addressed by preventing vulnerable code from running with privileges.

CVE-2024-44285 [HIGH] CVE-2024-44285: macOS Sequoia 15.1 Apple Security Update: About the security content of macOS Sequoia 15.1 Product: macOS Sequoia Version: 15.1 CVE: CVE-2024-44285 Component: IOSurface Impact: An app may be able to cause unexpected system termination or corrupt kernel memory Description: A use-after-free issue was addressed with improved memory management.

CVE-2024-44303 [HIGH] CVE-2024-44303: macOS Sequoia 15.1 Apple Security Update: About the security content of macOS Sequoia 15.1 Product: macOS Sequoia Version: 15.1 CVE: CVE-2024-44303 Component: PackageKit Impact: A malicious application may be able to modify protected parts of the file system Description: The issue was addressed with improved checks.

CVE-2024-44255 [HIGH] CVE-2024-44255: macOS Sequoia 15.1 Apple Security Update: About the security content of macOS Sequoia 15.1 Product: macOS Sequoia Version: 15.1 CVE: CVE-2024-44255 Component: App Support Impact: A malicious app may be able to run arbitrary shortcuts without user consent Description: A path handling issue was addressed with improved logic.

CVE-2024-44250 [HIGH] CVE-2024-44250: macOS Sequoia 15.1 Apple Security Update: About the security content of macOS Sequoia 15.1 Product: macOS Sequoia Version: 15.1 CVE: CVE-2024-44250 Component: XPC Impact: An app may be able to execute arbitrary code out of its sandbox or with certain elevated privileges Description: A permissions issue was addressed with additional restrictions.

CVE-2024-40849 [HIGH] CVE-2024-40849: macOS Sequoia 15.1 Apple Security Update: About the security content of macOS Sequoia 15.1 Product: macOS Sequoia Version: 15.1 CVE: CVE-2024-40849 Component: LaunchServices Impact: An app may be able to break out of its sandbox Description: A race condition was addressed with additional validation.

CVE-2024-44256 [HIGH] CVE-2024-44256: macOS Sequoia 15.1 Apple Security Update: About the security content of macOS Sequoia 15.1 Product: macOS Sequoia Version: 15.1 CVE: CVE-2024-44256 Component: Messages Impact: An app may be able to break out of its sandbox Description: The issue was addressed with improved input sanitization.

CVE-2024-44219 [HIGH] CVE-2024-44219: macOS Sequoia 15.1 Apple Security Update: About the security content of macOS Sequoia 15.1 Product: macOS Sequoia Version: 15.1 CVE: CVE-2024-44219 Component: Sandbox Impact: A malicious application with root privileges may be able to access private information Description: A permissions issue was addressed with additional restrictions.

CVE-2024-44238 [HIGH] CVE-2024-44238: macOS Sequoia 15.1 Apple Security Update: About the security content of macOS Sequoia 15.1 Product: macOS Sequoia Version: 15.1 CVE: CVE-2024-44238 Component: IOMobileFrameBuffer Impact: An app may be able to corrupt coprocessor memory Description: The issue was addressed with improved bounds checks.

CVE-2024-38477 [HIGH] CVE-2024-38477: macOS Sequoia 15.1 Apple Security Update: About the security content of macOS Sequoia 15.1 Product: macOS Sequoia Version: 15.1 CVE: CVE-2024-38477 Component: CVE-2024-38477

CVE-2024-44277 [HIGH] CVE-2024-44277: macOS Sequoia 15.1 Apple Security Update: About the security content of macOS Sequoia 15.1 Product: macOS Sequoia Version: 15.1 CVE: CVE-2024-44277 Component: Pro Res Impact: An app may be able to cause unexpected system termination or corrupt kernel memory Description: The issue was addressed with improved memory handling.

CVE-2024-44195 [HIGH] CVE-2024-44195: macOS Sequoia 15.1 Apple Security Update: About the security content of macOS Sequoia 15.1 Product: macOS Sequoia Version: 15.1 CVE: CVE-2024-44195 Component: Quick Look Impact: An app may be able to read arbitrary files Description: A logic issue was addressed with improved validation.

CVE-2024-44159 [HIGH] CVE-2024-44159: macOS Sequoia 15.1 Apple Security Update: About the security content of macOS Sequoia 15.1 Product: macOS Sequoia Version: 15.1 CVE: CVE-2024-44159 Component: PackageKit Impact: An app may be able to bypass Privacy preferences Description: A path deletion vulnerability was addressed by preventing vulnerable code from running with privileges.

CVE-2024-54538 [HIGH] CVE-2024-54538: macOS Sequoia 15.1 Apple Security Update: About the security content of macOS Sequoia 15.1 Product: macOS Sequoia Version: 15.1 CVE: CVE-2024-54538 Component: Security Impact: A remote attacker may be able to cause a denial-of-service Description: A denial-of-service issue was addressed with improved input validation.

CVE-2024-44289 [HIGH] CVE-2024-44289: macOS Sequoia 15.1 Apple Security Update: About the security content of macOS Sequoia 15.1 Product: macOS Sequoia Version: 15.1 CVE: CVE-2024-44289 Component: Find My Impact: An app may be able to read sensitive location information Description: A privacy issue was addressed with improved private data redaction for log entries.

CVE-2024-39573 [HIGH] CVE-2024-39573: macOS Sequoia 15.1 Apple Security Update: About the security content of macOS Sequoia 15.1 Product: macOS Sequoia Version: 15.1 CVE: CVE-2024-39573 Component: CVE-2024-39573

CVE-2024-44259 [HIGH] CVE-2024-44259: macOS Sequoia 15.1 Apple Security Update: About the security content of macOS Sequoia 15.1 Product: macOS Sequoia Version: 15.1 CVE: CVE-2024-44259 Component: Safari Downloads Impact: An attacker may be able to misuse a trust relationship to download malicious content Description: This issue was addressed through improved state management.

CVE-2024-44286 [HIGH] CVE-2024-44286: macOS Sequoia 15.1 Apple Security Update: About the security content of macOS Sequoia 15.1 Product: macOS Sequoia Version: 15.1 CVE: CVE-2024-44286 Component: LaunchServices Impact: An attacker with physical access can input keyboard events to apps running on a locked device Description: This issue was addressed through improved state management.