Apple Macos Sequoia vulnerabilities

CVE-2024-40843 [MEDIUM] CVE-2024-40843: macOS Sequoia 15 Apple Security Update: About the security content of macOS Sequoia 15 Product: macOS Sequoia Version: 15 CVE: CVE-2024-40843 Component: XProtect Impact: An app may be able to modify protected parts of the file system Description: The issue was addressed with improved checks.

CVE-2024-44155 [MEDIUM] CVE-2024-44155: macOS Sequoia 15 Apple Security Update: About the security content of macOS Sequoia 15 Product: macOS Sequoia Version: 15 CVE: CVE-2024-44155 Component: Safari Impact: Maliciously crafted web content may violate iframe sandboxing policy Description: A custom URL scheme handling issue was addressed with improved input validation.

CVE-2024-44181 [MEDIUM] CVE-2024-44181: macOS Sequoia 15 Apple Security Update: About the security content of macOS Sequoia 15 Product: macOS Sequoia Version: 15 CVE: CVE-2024-44181 Component: Maps Impact: An app may be able to read sensitive location information Description: An issue was addressed with improved handling of temporary files.

CVE-2024-40837 [MEDIUM] CVE-2024-40837: macOS Sequoia 15 Apple Security Update: About the security content of macOS Sequoia 15 Product: macOS Sequoia Version: 15 CVE: CVE-2024-40837 Component: AppleMobileFileIntegrity Impact: An app may be able to access protected user data Description: A permissions issue was addressed with additional restrictions.

CVE-2024-44184 [MEDIUM] CVE-2024-44184: macOS Sequoia 15 Apple Security Update: About the security content of macOS Sequoia 15 Product: macOS Sequoia Version: 15 CVE: CVE-2024-44184 Component: Transparency Impact: An app may be able to access user-sensitive data Description: A permissions issue was addressed with additional restrictions.

CVE-2024-44145 [MEDIUM] CVE-2024-44145: macOS Sequoia 15 Apple Security Update: About the security content of macOS Sequoia 15 Product: macOS Sequoia Version: 15 CVE: CVE-2024-44145 Component: Sidecar Impact: An attacker with physical access to a macOS device with Sidecar enabled may be able to bypass the Lock Screen Description: This issue was addressed through improved state management.

CVE-2024-44130 [MEDIUM] CVE-2024-44130: macOS Sequoia 15 Apple Security Update: About the security content of macOS Sequoia 15 Product: macOS Sequoia Version: 15 CVE: CVE-2024-44130 Component: CVE-2024-44130

CVE-2024-40842 [MEDIUM] CVE-2024-40842: macOS Sequoia 15 Apple Security Update: About the security content of macOS Sequoia 15 Product: macOS Sequoia Version: 15 CVE: CVE-2024-40842 Component: XProtect Impact: An app may be able to access user-sensitive data Description: An issue was addressed with improved validation of environment variables.

CVE-2024-44176 [MEDIUM] CVE-2024-44176: macOS Sequoia 15 Apple Security Update: About the security content of macOS Sequoia 15 Product: macOS Sequoia Version: 15 CVE: CVE-2024-44176 Component: ImageIO Impact: Processing an image may lead to a denial-of-service Description: An out-of-bounds access issue was addressed with improved bounds checking.

CVE-2024-44128 [MEDIUM] CVE-2024-44128: macOS Sequoia 15 Apple Security Update: About the security content of macOS Sequoia 15 Product: macOS Sequoia Version: 15 CVE: CVE-2024-44128 Component: Automator Impact: An Automator Quick Action workflow may be able to bypass Gatekeeper Description: This issue was addressed by adding an additional prompt for user consent.

CVE-2024-44177 [MEDIUM] CVE-2024-44177: macOS Sequoia 15 Apple Security Update: About the security content of macOS Sequoia 15 Product: macOS Sequoia Version: 15 CVE: CVE-2024-44177 Component: Dock Impact: An app may be able to access user-sensitive data Description: A privacy issue was addressed by removing sensitive data.

CVE-2024-54467 [MEDIUM] CVE-2024-54467: macOS Sequoia 15 Apple Security Update: About the security content of macOS Sequoia 15 Product: macOS Sequoia Version: 15 CVE: CVE-2024-54467 Component: WebKit Impact: A malicious website may exfiltrate data cross-origin Description: A cookie management issue was addressed with improved state management.

CVE-2024-54473 [MEDIUM] CVE-2024-54473: macOS Sequoia 15 Apple Security Update: About the security content of macOS Sequoia 15 Product: macOS Sequoia Version: 15 CVE: CVE-2024-54473 Component: Maps Impact: An app may be able to access user-sensitive data Description: This issue was addressed with improved redaction of sensitive information.

CVE-2024-23237 [MEDIUM] CVE-2024-23237: macOS Sequoia 15 Apple Security Update: About the security content of macOS Sequoia 15 Product: macOS Sequoia Version: 15 CVE: CVE-2024-23237 Component: Wi-Fi Impact: An app may be able to cause a denial-of-service Description: The issue was addressed with improved memory handling.

CVE-2024-27876 [MEDIUM] CVE-2024-27876: macOS Sequoia 15 Apple Security Update: About the security content of macOS Sequoia 15 Product: macOS Sequoia Version: 15 CVE: CVE-2024-27876 Component: Compression Impact: Unpacking a maliciously crafted archive may allow an attacker to write arbitrary files Description: A race condition was addressed with improved locking.

CVE-2024-44135 [MEDIUM] CVE-2024-44135: macOS Sequoia 15 Apple Security Update: About the security content of macOS Sequoia 15 Product: macOS Sequoia Version: 15 CVE: CVE-2024-44135 Component: AppSandbox Impact: An app may be able to access protected files within an App Sandbox container Description: A permissions issue was addressed with additional restrictions.

CVE-2024-44153 [MEDIUM] CVE-2024-44153: macOS Sequoia 15 Apple Security Update: About the security content of macOS Sequoia 15 Product: macOS Sequoia Version: 15 CVE: CVE-2024-44153 Component: Accounts Impact: An app may be able to access user-sensitive data Description: The issue was addressed with improved permissions logic.

CVE-2024-27861 [MEDIUM] CVE-2024-27861: macOS Sequoia 15 Apple Security Update: About the security content of macOS Sequoia 15 Product: macOS Sequoia Version: 15 CVE: CVE-2024-27861 Component: AppleVA Impact: An application may be able to read restricted memory Description: The issue was addressed with improved memory handling.

CVE-2024-44187 [MEDIUM] CVE-2024-44187: macOS Sequoia 15 Apple Security Update: About the security content of macOS Sequoia 15 Product: macOS Sequoia Version: 15 CVE: CVE-2024-44187 Component: WebKit Impact: A malicious website may exfiltrate data cross-origin Description: A cross-origin issue existed with "iframe" elements. This was addressed with improved tracking of security origins.

CVE-2024-44144 [MEDIUM] CVE-2024-44144: macOS Sequoia 15 Apple Security Update: About the security content of macOS Sequoia 15 Product: macOS Sequoia Version: 15 CVE: CVE-2024-44144 Component: SceneKit Impact: Processing a maliciously crafted file may lead to unexpected app termination Description: A buffer overflow was addressed with improved size validation.