Apple Macos Sequoia vulnerabilities

CVE-2024-54471 [MEDIUM] CVE-2024-54471: macOS Sequoia 15.1 Apple Security Update: About the security content of macOS Sequoia 15.1 Product: macOS Sequoia Version: 15.1 CVE: CVE-2024-54471 Component: NetAuth Impact: A malicious application may be able to leak a user's credentials Description: This issue was addressed with additional entitlement checks.

CVE-2024-44232 [MEDIUM] CVE-2024-44232: macOS Sequoia 15.1 Apple Security Update: About the security content of macOS Sequoia 15.1 Product: macOS Sequoia Version: 15.1 CVE: CVE-2024-44232 Component: AppleAVD Impact: Parsing a maliciously crafted video file may lead to unexpected system termination Description: The issue was addressed with improved bounds checks.

CVE-2024-44264 [MEDIUM] CVE-2024-44264: macOS Sequoia 15.1 Apple Security Update: About the security content of macOS Sequoia 15.1 Product: macOS Sequoia Version: 15.1 CVE: CVE-2024-44264 Component: SystemMigration Impact: A malicious app may be able to create symlinks to protected regions of the disk Description: This issue was addressed with improved validation of symlinks.

CVE-2024-44296 [MEDIUM] CVE-2024-44296: macOS Sequoia 15.1 Apple Security Update: About the security content of macOS Sequoia 15.1 Product: macOS Sequoia Version: 15.1 CVE: CVE-2024-44296 Component: WebKit Impact: Processing maliciously crafted web content may prevent Content Security Policy from being enforced Description: The issue was addressed with improved checks.

CVE-2024-44197 [MEDIUM] CVE-2024-44197: macOS Sequoia 15.1 Apple Security Update: About the security content of macOS Sequoia 15.1 Product: macOS Sequoia Version: 15.1 CVE: CVE-2024-44197 Component: IOGPUFamily Impact: An app may be able to cause unexpected system termination or corrupt kernel memory Description: The issue was addressed with improved memory handling.

CVE-2024-44302 [MEDIUM] CVE-2024-44302: macOS Sequoia 15.1 Apple Security Update: About the security content of macOS Sequoia 15.1 Product: macOS Sequoia Version: 15.1 CVE: CVE-2024-44302 Component: CoreText Impact: Processing a maliciously crafted font may result in the disclosure of process memory Description: The issue was addressed with improved checks.

CVE-2024-44260 [MEDIUM] CVE-2024-44260: macOS Sequoia 15.1 Apple Security Update: About the security content of macOS Sequoia 15.1 Product: macOS Sequoia Version: 15.1 CVE: CVE-2024-44260 Component: Assets Impact: A malicious app with root privileges may be able to modify the contents of system files Description: This issue was addressed by removing the vulnerable code.

CVE-2024-44194 [MEDIUM] CVE-2024-44194: macOS Sequoia 15.1 Apple Security Update: About the security content of macOS Sequoia 15.1 Product: macOS Sequoia Version: 15.1 CVE: CVE-2024-44194 Component: Siri Impact: An app may be able to access sensitive user data Description: This issue was addressed with improved redaction of sensitive information.

CVE-2024-44282 [MEDIUM] CVE-2024-44282: macOS Sequoia 15.1 Apple Security Update: About the security content of macOS Sequoia 15.1 Product: macOS Sequoia Version: 15.1 CVE: CVE-2024-44282 Component: Foundation Impact: Parsing a file may lead to disclosure of user information Description: An out-of-bounds read was addressed with improved input validation.

CVE-2024-44247 [MEDIUM] CVE-2024-44247: macOS Sequoia 15.1 Apple Security Update: About the security content of macOS Sequoia 15.1 Product: macOS Sequoia Version: 15.1 CVE: CVE-2024-44247 Component: PackageKit Impact: A malicious application may be able to modify protected parts of the file system Description: The issue was addressed with improved checks.

CVE-2024-44257 [MEDIUM] CVE-2024-44257: macOS Sequoia 15.1 Apple Security Update: About the security content of macOS Sequoia 15.1 Product: macOS Sequoia Version: 15.1 CVE: CVE-2024-44257 Component: WindowServer Impact: An app may be able to access sensitive user data Description: This issue was addressed with improved redaction of sensitive information.

CVE-2024-44295 [MEDIUM] CVE-2024-44295: macOS Sequoia 15.1 Apple Security Update: About the security content of macOS Sequoia 15.1 Product: macOS Sequoia Version: 15.1 CVE: CVE-2024-44295 Component: CoreServicesUIAgent Impact: An app may be able to modify protected parts of the file system Description: This issue was addressed with additional entitlement checks.

CVE-2024-44278 [MEDIUM] CVE-2024-44278: macOS Sequoia 15.1 Apple Security Update: About the security content of macOS Sequoia 15.1 Product: macOS Sequoia Version: 15.1 CVE: CVE-2024-44278 Component: Siri Impact: A sandboxed app may be able to access sensitive user data in system logs Description: An information disclosure issue was addressed with improved private data redaction for log entries.

CVE-2024-44201 [MEDIUM] CVE-2024-44201: macOS Sequoia 15.1 Apple Security Update: About the security content of macOS Sequoia 15.1 Product: macOS Sequoia Version: 15.1 CVE: CVE-2024-44201 Component: LaunchServices Impact: An app may be able to break out of its sandbox Description: A race condition was addressed with additional validation.

CVE-2024-44212 [MEDIUM] CVE-2024-44212: macOS Sequoia 15.1 Apple Security Update: About the security content of macOS Sequoia 15.1 Product: macOS Sequoia Version: 15.1 CVE: CVE-2024-44212 Component: WebKit Impact: Cookies belonging to one origin may be sent to another origin Description: A cookie management issue was addressed with improved state management.

CVE-2024-44279 [MEDIUM] CVE-2024-44279: macOS Sequoia 15.1 Apple Security Update: About the security content of macOS Sequoia 15.1 Product: macOS Sequoia Version: 15.1 CVE: CVE-2024-44279 Component: Shortcuts Impact: A malicious app may use shortcuts to access restricted files Description: A logic issue was addressed with improved checks.

CVE-2024-54554 [MEDIUM] CVE-2024-54554: macOS Sequoia 15.1 Apple Security Update: About the security content of macOS Sequoia 15.1 Product: macOS Sequoia Version: 15.1 CVE: CVE-2024-54554 Component: Dock Impact: An app may be able to access sensitive user data Description: This issue was addressed with improved handling of symlinks.

CVE-2024-44237 [MEDIUM] CVE-2024-44237: macOS Sequoia 15.1 Apple Security Update: About the security content of macOS Sequoia 15.1 Product: macOS Sequoia Version: 15.1 CVE: CVE-2024-44237 Component: Shortcuts Impact: A malicious app may use shortcuts to access restricted files Description: A logic issue was addressed with improved checks.

CVE-2024-44239 [MEDIUM] CVE-2024-44239: macOS Sequoia 15.1 Apple Security Update: About the security content of macOS Sequoia 15.1 Product: macOS Sequoia Version: 15.1 CVE: CVE-2024-44239 Component: Kernel Impact: An app may be able to leak sensitive kernel state Description: An information disclosure issue was addressed with improved private data redaction for log entries.

CVE-2024-44293 [MEDIUM] CVE-2024-44293: macOS Sequoia 15.1 Apple Security Update: About the security content of macOS Sequoia 15.1 Product: macOS Sequoia Version: 15.1 CVE: CVE-2024-44293 Component: Notification Center Impact: A user may be able to view sensitive user information Description: A privacy issue was addressed with improved private data redaction for log entries.