Apple Macos Sonoma vulnerabilities

CVE-2024-44151 [MEDIUM] CVE-2024-44151: macOS Sonoma 14.7 Apple Security Update: About the security content of macOS Sonoma 14.7 Product: macOS Sonoma Version: 14.7 CVE: CVE-2024-44151 Component: Automator Impact: An Automator Quick Action workflow may be able to bypass Gatekeeper Description: This issue was addressed by adding an additional prompt for user consent.

CVE-2024-40844 [MEDIUM] CVE-2024-40844: macOS Sonoma 14.7 Apple Security Update: About the security content of macOS Sonoma 14.7 Product: macOS Sonoma Version: 14.7 CVE: CVE-2024-40844 Component: Shortcuts Impact: An app may be able to observe data displayed to the user by Shortcuts Description: A privacy issue was addressed with improved handling of temporary files.

CVE-2024-40801 [MEDIUM] CVE-2024-40801: macOS Sonoma 14.7 Apple Security Update: About the security content of macOS Sonoma 14.7 Product: macOS Sonoma Version: 14.7 CVE: CVE-2024-40801 Component: Security Initialization Impact: An app may be able to access protected user data Description: A permissions issue was addressed with additional restrictions.

CVE-2024-44168 [MEDIUM] CVE-2024-44168: macOS Sonoma 14.7 Apple Security Update: About the security content of macOS Sonoma 14.7 Product: macOS Sonoma Version: 14.7 CVE: CVE-2024-44168 Component: AppleMobileFileIntegrity Impact: An app may be able to modify protected parts of the file system Description: A library injection issue was addressed with additional restrictions.

CVE-2024-40847 [MEDIUM] CVE-2024-40847: macOS Sonoma 14.7 Apple Security Update: About the security content of macOS Sonoma 14.7 Product: macOS Sonoma Version: 14.7 CVE: CVE-2024-40847 Component: AppleMobileFileIntegrity Impact: An app may be able to access sensitive user data Description: The issue was addressed with additional code-signing restrictions.

CVE-2024-44153 [MEDIUM] CVE-2024-44153: macOS Sonoma 14.7 Apple Security Update: About the security content of macOS Sonoma 14.7 Product: macOS Sonoma Version: 14.7 CVE: CVE-2024-44153 Component: Accounts Impact: An app may be able to access user-sensitive data Description: The issue was addressed with improved permissions logic.

CVE-2024-44166 [MEDIUM] CVE-2024-44166: macOS Sonoma 14.7 Apple Security Update: About the security content of macOS Sonoma 14.7 Product: macOS Sonoma Version: 14.7 CVE: CVE-2024-44166 Component: System Settings Impact: An app may be able to access user-sensitive data Description: A privacy issue was addressed with improved private data redaction for log entries.

CVE-2024-40860 [MEDIUM] CVE-2024-40860: macOS Sonoma 14.7 Apple Security Update: About the security content of macOS Sonoma 14.7 Product: macOS Sonoma Version: 14.7 CVE: CVE-2024-40860 Component: Shortcuts Impact: An app may be able to observe data displayed to the user by Shortcuts Description: A privacy issue was addressed with improved handling of temporary files.

CVE-2024-44169 [MEDIUM] CVE-2024-44169: macOS Sonoma 14.7 Apple Security Update: About the security content of macOS Sonoma 14.7 Product: macOS Sonoma Version: 14.7 CVE: CVE-2024-44169 Component: IOSurfaceAccelerator Impact: An app may be able to cause unexpected system termination Description: The issue was addressed with improved memory handling.

CVE-2024-44167 [MEDIUM] CVE-2024-44167: macOS Sonoma 14.7 Apple Security Update: About the security content of macOS Sonoma 14.7 Product: macOS Sonoma Version: 14.7 CVE: CVE-2024-44167 Component: Notes Impact: An app may be able to overwrite arbitrary files Description: This issue was addressed by removing the vulnerable code.

CVE-2024-44154 [MEDIUM] CVE-2024-44154: macOS Sonoma 14.7 Apple Security Update: About the security content of macOS Sonoma 14.7 Product: macOS Sonoma Version: 14.7 CVE: CVE-2024-44154 Component: AppleGraphicsControl Impact: Processing a maliciously crafted file may lead to unexpected app termination Description: A memory initialization issue was addressed with improved memory handling.

CVE-2024-40841 [MEDIUM] CVE-2024-40841: macOS Sonoma 14.7 Apple Security Update: About the security content of macOS Sonoma 14.7 Product: macOS Sonoma Version: 14.7 CVE: CVE-2024-40841 Component: AppleVA Impact: Processing a maliciously crafted video file may lead to unexpected app termination Description: An out-of-bounds write issue was addressed with improved bounds checking.

CVE-2024-40797 [MEDIUM] CVE-2024-40797: macOS Sonoma 14.7 Apple Security Update: About the security content of macOS Sonoma 14.7 Product: macOS Sonoma Version: 14.7 CVE: CVE-2024-40797 Component: Safari Impact: Visiting a malicious website may lead to user interface spoofing Description: This issue was addressed through improved state management.

CVE-2024-54469 [MEDIUM] CVE-2024-54469: macOS Sonoma 14.7 Apple Security Update: About the security content of macOS Sonoma 14.7 Product: macOS Sonoma Version: 14.7 CVE: CVE-2024-54469 Component: FileProvider Impact: A local user may be able to leak sensitive user information Description: The issue was addressed with improved checks.

CVE-2024-44163 [MEDIUM] CVE-2024-44163: macOS Sonoma 14.7 Apple Security Update: About the security content of macOS Sonoma 14.7 Product: macOS Sonoma Version: 14.7 CVE: CVE-2024-44163 Component: Sandbox Impact: A malicious application may be able to access private information Description: The issue was addressed with improved checks.

CVE-2024-27876 [MEDIUM] CVE-2024-27876: macOS Sonoma 14.7 Apple Security Update: About the security content of macOS Sonoma 14.7 Product: macOS Sonoma Version: 14.7 CVE: CVE-2024-27876 Component: Compression Impact: Unpacking a maliciously crafted archive may allow an attacker to write arbitrary files Description: A race condition was addressed with improved locking.

CVE-2024-44125 [MEDIUM] CVE-2024-44125: macOS Sonoma 14.7 Apple Security Update: About the security content of macOS Sonoma 14.7 Product: macOS Sonoma Version: 14.7 CVE: CVE-2024-44125 Component: Sandbox Impact: A malicious application may be able to leak sensitive user information Description: The issue was addressed with improved checks.

CVE-2024-44183 [MEDIUM] CVE-2024-44183: macOS Sonoma 14.7 Apple Security Update: About the security content of macOS Sonoma 14.7 Product: macOS Sonoma Version: 14.7 CVE: CVE-2024-44183 Component: Maps Impact: An app may be able to read sensitive location information Description: An issue was addressed with improved handling of temporary files.

CVE-2024-44182 [MEDIUM] CVE-2024-44182: macOS Sonoma 14.7 Apple Security Update: About the security content of macOS Sonoma 14.7 Product: macOS Sonoma Version: 14.7 CVE: CVE-2024-44182 Component: App Intents Impact: An app may be able to access sensitive data logged when a shortcut fails to launch another app Description: This issue was addressed with improved redaction of sensitive information.

CVE-2024-44181 [MEDIUM] CVE-2024-44181: macOS Sonoma 14.7 Apple Security Update: About the security content of macOS Sonoma 14.7 Product: macOS Sonoma Version: 14.7 CVE: CVE-2024-44181 Component: Maps Impact: An app may be able to read sensitive location information Description: An issue was addressed with improved handling of temporary files.