Apple Macos Sonoma vulnerabilities

CVE-2024-44256 [HIGH] CVE-2024-44256: macOS Sonoma 14.7.1 Apple Security Update: About the security content of macOS Sonoma 14.7.1 Product: macOS Sonoma Version: 14.7.1 CVE: CVE-2024-44256 Component: Messages Impact: An app may be able to break out of its sandbox Description: The issue was addressed with improved input sanitization.

CVE-2024-44255 [HIGH] CVE-2024-44255: macOS Sonoma 14.7.1 Apple Security Update: About the security content of macOS Sonoma 14.7.1 Product: macOS Sonoma Version: 14.7.1 CVE: CVE-2024-44255 Component: App Support Impact: A malicious app may be able to run arbitrary shortcuts without user consent Description: A path handling issue was addressed with improved logic.

CVE-2024-44270 [HIGH] CVE-2024-44270: macOS Sonoma 14.7.1 Apple Security Update: About the security content of macOS Sonoma 14.7.1 Product: macOS Sonoma Version: 14.7.1 CVE: CVE-2024-44270 Component: AppleMobileFileIntegrity Impact: A sandboxed process may be able to circumvent sandbox restrictions Description: A logic issue was addressed with improved validation.

CVE-2024-44218 [HIGH] CVE-2024-44218: macOS Sonoma 14.7.1 Apple Security Update: About the security content of macOS Sonoma 14.7.1 Product: macOS Sonoma Version: 14.7.1 CVE: CVE-2024-44218 Component: SceneKit Impact: Processing a maliciously crafted file may lead to heap corruption Description: This issue was addressed with improved checks.

CVE-2024-44159 [HIGH] CVE-2024-44159: macOS Sonoma 14.7.1 Apple Security Update: About the security content of macOS Sonoma 14.7.1 Product: macOS Sonoma Version: 14.7.1 CVE: CVE-2024-44159 Component: PackageKit Impact: An app may be able to bypass Privacy preferences Description: A path deletion vulnerability was addressed by preventing vulnerable code from running with privileges.

CVE-2024-44122 [HIGH] CVE-2024-44122: macOS Sonoma 14.7.1 Apple Security Update: About the security content of macOS Sonoma 14.7.1 Product: macOS Sonoma Version: 14.7.1 CVE: CVE-2024-44122 Component: LaunchServices Impact: An application may be able to break out of its sandbox Description: A logic issue was addressed with improved checks.

CVE-2024-44289 [HIGH] CVE-2024-44289: macOS Sonoma 14.7.1 Apple Security Update: About the security content of macOS Sonoma 14.7.1 Product: macOS Sonoma Version: 14.7.1 CVE: CVE-2024-44289 Component: Find My Impact: An app may be able to read sensitive location information Description: A privacy issue was addressed with improved private data redaction for log entries.

CVE-2024-44156 [HIGH] CVE-2024-44156: macOS Sonoma 14.7.1 Apple Security Update: About the security content of macOS Sonoma 14.7.1 Product: macOS Sonoma Version: 14.7.1 CVE: CVE-2024-44156 Component: PackageKit Impact: An app may be able to bypass Privacy preferences Description: A path deletion vulnerability was addressed by preventing vulnerable code from running with privileges.

CVE-2024-44234 [MEDIUM] CVE-2024-44234: macOS Sonoma 14.7.1 Apple Security Update: About the security content of macOS Sonoma 14.7.1 Product: macOS Sonoma Version: 14.7.1 CVE: CVE-2024-44234 Component: AppleAVD Impact: Parsing a maliciously crafted video file may lead to unexpected system termination Description: The issue was addressed with improved bounds checks.

CVE-2024-44253 [MEDIUM] CVE-2024-44253: macOS Sonoma 14.7.1 Apple Security Update: About the security content of macOS Sonoma 14.7.1 Product: macOS Sonoma Version: 14.7.1 CVE: CVE-2024-44253 Component: PackageKit Impact: An app may be able to modify protected parts of the file system Description: The issue was addressed with improved checks.

CVE-2024-44287 [MEDIUM] CVE-2024-44287: macOS Sonoma 14.7.1 Apple Security Update: About the security content of macOS Sonoma 14.7.1 Product: macOS Sonoma Version: 14.7.1 CVE: CVE-2024-44287 Component: Installer Impact: A malicious application may be able to modify protected parts of the file system Description: The issue was addressed with improved checks.

CVE-2024-44295 [MEDIUM] CVE-2024-44295: macOS Sonoma 14.7.1 Apple Security Update: About the security content of macOS Sonoma 14.7.1 Product: macOS Sonoma Version: 14.7.1 CVE: CVE-2024-44295 Component: CoreServicesUIAgent Impact: An app may be able to modify protected parts of the file system Description: This issue was addressed with additional entitlement checks.

CVE-2024-44232 [MEDIUM] CVE-2024-44232: macOS Sonoma 14.7.1 Apple Security Update: About the security content of macOS Sonoma 14.7.1 Product: macOS Sonoma Version: 14.7.1 CVE: CVE-2024-44232 Component: AppleAVD Impact: Parsing a maliciously crafted video file may lead to unexpected system termination Description: The issue was addressed with improved bounds checks.

CVE-2024-44278 [MEDIUM] CVE-2024-44278: macOS Sonoma 14.7.1 Apple Security Update: About the security content of macOS Sonoma 14.7.1 Product: macOS Sonoma Version: 14.7.1 CVE: CVE-2024-44278 Component: Siri Impact: A sandboxed app may be able to access sensitive user data in system logs Description: An information disclosure issue was addressed with improved private data redaction for log entries.

CVE-2024-40855 [MEDIUM] CVE-2024-40855: macOS Sonoma 14.7.1 Apple Security Update: About the security content of macOS Sonoma 14.7.1 Product: macOS Sonoma Version: 14.7.1 CVE: CVE-2024-40855 Component: DiskArbitration Impact: A sandboxed app may be able to access sensitive user data Description: The issue was addressed with improved checks.

CVE-2024-44233 [MEDIUM] CVE-2024-44233: macOS Sonoma 14.7.1 Apple Security Update: About the security content of macOS Sonoma 14.7.1 Product: macOS Sonoma Version: 14.7.1 CVE: CVE-2024-44233 Component: AppleAVD Impact: Parsing a maliciously crafted video file may lead to unexpected system termination Description: The issue was addressed with improved bounds checks.

CVE-2024-44260 [MEDIUM] CVE-2024-44260: macOS Sonoma 14.7.1 Apple Security Update: About the security content of macOS Sonoma 14.7.1 Product: macOS Sonoma Version: 14.7.1 CVE: CVE-2024-44260 Component: Assets Impact: A malicious app with root privileges may be able to modify the contents of system files Description: This issue was addressed by removing the vulnerable code.

CVE-2024-44197 [MEDIUM] CVE-2024-44197: macOS Sonoma 14.7.1 Apple Security Update: About the security content of macOS Sonoma 14.7.1 Product: macOS Sonoma Version: 14.7.1 CVE: CVE-2024-44197 Component: IOGPUFamily Impact: An app may be able to cause unexpected system termination or corrupt kernel memory Description: The issue was addressed with improved memory handling.

CVE-2024-40854 [MEDIUM] CVE-2024-40854: macOS Sonoma 14.7.1 Apple Security Update: About the security content of macOS Sonoma 14.7.1 Product: macOS Sonoma Version: 14.7.1 CVE: CVE-2024-40854 Component: GPU Drivers Impact: An app may be able to cause unexpected system termination Description: A memory initialization issue was addressed with improved memory handling.

CVE-2024-44213 [MEDIUM] CVE-2024-44213: macOS Sonoma 14.7.1 Apple Security Update: About the security content of macOS Sonoma 14.7.1 Product: macOS Sonoma Version: 14.7.1 CVE: CVE-2024-44213 Component: CUPS Impact: An attacker in a privileged network position may be able to leak sensitive user information Description: An issue existed in the parsing of URLs. This issue was addressed with improved input validation.