Apple Macos Sequoia vulnerabilities

CVE-2024-44167 [MEDIUM] CVE-2024-44167: macOS Sequoia 15 Apple Security Update: About the security content of macOS Sequoia 15 Product: macOS Sequoia Version: 15 CVE: CVE-2024-44167 Component: Notes Impact: An app may be able to overwrite arbitrary files Description: This issue was addressed by removing the vulnerable code.

CVE-2024-40801 [MEDIUM] CVE-2024-40801: macOS Sequoia 15 Apple Security Update: About the security content of macOS Sequoia 15 Product: macOS Sequoia Version: 15 CVE: CVE-2024-40801 Component: Security Initialization Impact: An app may be able to access protected user data Description: A permissions issue was addressed with additional restrictions.

CVE-2024-40857 [MEDIUM] CVE-2024-40857: macOS Sequoia 15 Apple Security Update: About the security content of macOS Sequoia 15 Product: macOS Sequoia Version: 15 CVE: CVE-2024-40857 Component: WebKit Impact: Processing maliciously crafted web content may lead to universal cross site scripting Description: This issue was addressed through improved state management.

CVE-2024-27860 [MEDIUM] CVE-2024-27860: macOS Sequoia 15 Apple Security Update: About the security content of macOS Sequoia 15 Product: macOS Sequoia Version: 15 CVE: CVE-2024-27860 Component: AppleVA Impact: An application may be able to read restricted memory Description: The issue was addressed with improved memory handling.

CVE-2024-27858 [MEDIUM] CVE-2024-27858: macOS Sequoia 15 Apple Security Update: About the security content of macOS Sequoia 15 Product: macOS Sequoia Version: 15 CVE: CVE-2024-27858 Component: Music Impact: An app may be able to access protected user data Description: A permissions issue was addressed with additional restrictions.

CVE-2024-54560 [MEDIUM] CVE-2024-54560: macOS Sequoia 15 Apple Security Update: About the security content of macOS Sequoia 15 Product: macOS Sequoia Version: 15 CVE: CVE-2024-54560 Component: LaunchServices Impact: A malicious app may be able to modify other apps without having App Management permission Description: A logic issue was addressed with improved checks.

CVE-2024-44191 [MEDIUM] CVE-2024-44191: macOS Sequoia 15 Apple Security Update: About the security content of macOS Sequoia 15 Product: macOS Sequoia Version: 15 CVE: CVE-2024-44191 Component: Kernel Impact: An app may gain unauthorized access to Bluetooth Description: This issue was addressed through improved state management.

CVE-2024-40797 [MEDIUM] CVE-2024-40797: macOS Sequoia 15 Apple Security Update: About the security content of macOS Sequoia 15 Product: macOS Sequoia Version: 15 CVE: CVE-2024-40797 Component: Safari Impact: Visiting a malicious website may lead to user interface spoofing Description: This issue was addressed through improved state management.

CVE-2024-44198 [MEDIUM] CVE-2024-44198: macOS Sequoia 15 Apple Security Update: About the security content of macOS Sequoia 15 Product: macOS Sequoia Version: 15 CVE: CVE-2024-44198 Component: LaunchServices Impact: An application may be able to break out of its sandbox Description: A logic issue was addressed with improved checks.

CVE-2024-40850 [MEDIUM] CVE-2024-40850: macOS Sequoia 15 Apple Security Update: About the security content of macOS Sequoia 15 Product: macOS Sequoia Version: 15 CVE: CVE-2024-40850 Component: Game Center Impact: An app may be able to access user-sensitive data Description: A file access issue was addressed with improved input validation.

CVE-2024-44175 [MEDIUM] CVE-2024-44175: macOS Sequoia 15 Apple Security Update: About the security content of macOS Sequoia 15 Product: macOS Sequoia Version: 15 CVE: CVE-2024-44175 Component: Kernel Impact: An app may be able to access sensitive user data Description: This issue was addressed with improved validation of symlinks.

CVE-2024-44158 [MEDIUM] CVE-2024-44158: macOS Sequoia 15 Apple Security Update: About the security content of macOS Sequoia 15 Product: macOS Sequoia Version: 15 CVE: CVE-2024-44158 Component: Shortcuts Impact: A shortcut may output sensitive user data without consent Description: This issue was addressed with improved redaction of sensitive information.

CVE-2024-44154 [MEDIUM] CVE-2024-44154: macOS Sequoia 15 Apple Security Update: About the security content of macOS Sequoia 15 Product: macOS Sequoia Version: 15 CVE: CVE-2024-44154 Component: AppleGraphicsControl Impact: Processing a maliciously crafted file may lead to unexpected app termination Description: A memory initialization issue was addressed with improved memory handling.

CVE-2024-40859 [MEDIUM] CVE-2024-40859: macOS Sequoia 15 Apple Security Update: About the security content of macOS Sequoia 15 Product: macOS Sequoia Version: 15 CVE: CVE-2024-40859 Component: TV App Impact: An app may be able to access user-sensitive data Description: A permissions issue was addressed with additional restrictions.

CVE-2024-44190 [MEDIUM] CVE-2024-44190: macOS Sequoia 15 Apple Security Update: About the security content of macOS Sequoia 15 Product: macOS Sequoia Version: 15 CVE: CVE-2024-44190 Component: System Settings Impact: An app may be able to read arbitrary files Description: A path handling issue was addressed with improved validation.

CVE-2024-54558 [LOW] CVE-2024-54558: macOS Sequoia 15 Apple Security Update: About the security content of macOS Sequoia 15 Product: macOS Sequoia Version: 15 CVE: CVE-2024-54558 Component: TCC Impact: An app may be able to trick a user into granting access to photos from the user's photo library Description: A clickjacking issue was addressed with improved out-of-process view handling.

CVE-2024-44123 [LOW] CVE-2024-44123: macOS Sequoia 15 Apple Security Update: About the security content of macOS Sequoia 15 Product: macOS Sequoia Version: 15 CVE: CVE-2024-44123 Component: Security Impact: A malicious app with root privileges may be able to access keyboard input and location information without user consent Description: A permissions issue was addressed with additional restrictions.

CVE-2024-40792 [LOW] CVE-2024-40792: macOS Sequoia 15 Apple Security Update: About the security content of macOS Sequoia 15 Product: macOS Sequoia Version: 15 CVE: CVE-2024-40792 Component: Airport Impact: A malicious app may be able to change network settings Description: A permissions issue was addressed with additional restrictions.

CVE-2024-44179 [LOW] CVE-2024-44179: macOS Sequoia 15 Apple Security Update: About the security content of macOS Sequoia 15 Product: macOS Sequoia Version: 15 CVE: CVE-2024-44179 Component: Siri Impact: An attacker with physical access to a device may be able to read contact numbers from the lock screen Description: This issue was addressed by restricting options offered on a locked device.

CVE-2024-40838 [LOW] CVE-2024-40838: macOS Sequoia 15 Apple Security Update: About the security content of macOS Sequoia 15 Product: macOS Sequoia Version: 15 CVE: CVE-2024-40838 Component: Notification Center Impact: A malicious app may be able to access notifications from the user's device Description: A privacy issue was addressed by moving sensitive data to a protected location.