Apple macOS Sonoma vulnerabilities

959 known vulnerabilities affecting apple/macos_sonoma.

Total CVEs: 959
CISA KEV: 11 (actively exploited)
Public exploits: 3
Exploited in wild: 6
Severity breakdown: CRITICAL 73, HIGH 289, MEDIUM 533, LOW 63, UNKNOWN 1

Vulnerabilities

CVE-2024-40845 | MEDIUM | CVSS 5.5 | v14.7 | 2024-09-16 | apple
macOS Sonoma 14.7 Apple Security Update: About the security content of macOS Sonoma 14.7
Product: macOS Sonoma
Version: 14.7
Component: AppleGraphicsControl
Impact: Processing a maliciously crafted video file may lead to unexpected app termination
Description: The issue was addressed with improved memory handling.

CVE-2024-40850 | MEDIUM | CVSS 5.5 | v14.7 | 2024-09-16 | apple
macOS Sonoma 14.7 Apple Security Update: About the security content of macOS Sonoma 14.7
Product: macOS Sonoma
Version: 14.7
Component: Game Center
Impact: An app may be able to access user-sensitive data
Description: A file access issue was addressed with improved input validation.

CVE-2024-44176 | MEDIUM | CVSS 5.5 | v14.7 | 2024-09-16 | apple
macOS Sonoma 14.7 Apple Security Update: About the security content of macOS Sonoma 14.7
Product: macOS Sonoma
Version: 14.7
Component: ImageIO
Impact: Processing an image may lead to a denial-of-service
Description: An out-of-bounds access issue was addressed with improved bounds checking.

CVE-2024-44184 | MEDIUM | CVSS 5.5 | v14.7 | 2024-09-16 | apple
macOS Sonoma 14.7 Apple Security Update: About the security content of macOS Sonoma 14.7
Product: macOS Sonoma
Version: 14.7
Component: Transparency
Impact: An app may be able to access user-sensitive data
Description: A permissions issue was addressed with additional restrictions.

CVE-2024-44178 | MEDIUM | CVSS 5.5 | v14.7 | 2024-09-16 | apple
macOS Sonoma 14.7 Apple Security Update: About the security content of macOS Sonoma 14.7
Product: macOS Sonoma
Version: 14.7
Component: PackageKit
Impact: An app may be able to modify protected parts of the file system
Description: This issue was addressed with improved validation of symlinks.

CVE-2024-44158 | MEDIUM | CVSS 5.5 | v14.7 | 2024-09-16 | apple
macOS Sonoma 14.7 Apple Security Update: About the security content of macOS Sonoma 14.7
Product: macOS Sonoma
Version: 14.7
Component: Shortcuts
Impact: A shortcut may output sensitive user data without consent
Description: This issue was addressed with improved redaction of sensitive information.

CVE-2024-44135 | MEDIUM | CVSS 5.5 | v14.7 | 2024-09-16 | apple
macOS Sonoma 14.7 Apple Security Update: About the security content of macOS Sonoma 14.7
Product: macOS Sonoma
Version: 14.7
Component: AppSandbox
Impact: An app may be able to access protected files within an App Sandbox container
Description: A permissions issue was addressed with additional restrictions.

CVE-2024-44128 | MEDIUM | CVSS 5.5 | v14.7 | 2024-09-16 | apple
macOS Sonoma 14.7 Apple Security Update: About the security content of macOS Sonoma 14.7
Product: macOS Sonoma
Version: 14.7
Component: Automator
Impact: An Automator Quick Action workflow may be able to bypass Gatekeeper
Description: This issue was addressed by adding an additional prompt for user consent.

CVE-2024-27880 | MEDIUM | CVSS 5.5 | v14.7 | 2024-09-16 | apple
macOS Sonoma 14.7 Apple Security Update: About the security content of macOS Sonoma 14.7
Product: macOS Sonoma
Version: 14.7
Component: ImageIO
Impact: Processing a maliciously crafted file may lead to unexpected app termination
Description: An out-of-bounds read issue was addressed with improved input validation.

CVE-2024-40791 | LOW | CVSS 3.3 | v14.7 | 2024-09-16 | apple
macOS Sonoma 14.7 Apple Security Update: About the security content of macOS Sonoma 14.7
Product: macOS Sonoma
Version: 14.7
Component: Mail Accounts
Impact: An app may be able to access information about a user's contacts
Description: A privacy issue was addressed with improved private data redaction for log entries.

CVE-2024-44206 | CRITICAL | CVSS 9.3 | v14.6 | 2024-07-29 | apple
macOS Sonoma 14.6 Apple Security Update: About the security content of macOS Sonoma 14.6
Product: macOS Sonoma
Version: 14.6
Component: WebKit
Impact: A user may be able to bypass some web content restrictions
Description: An issue in the handling of URL protocols was addressed with improved logic.

CVE-2024-4558 | CRITICAL | CVSS 9.6 | v14.6 | 2024-07-29 | apple
macOS Sonoma 14.6 Apple Security Update: About the security content of macOS Sonoma 14.6
Product: macOS Sonoma
Version: 14.6
Component: CVE-2024-4558

CVE-2024-44306 | HIGH | CVSS 7.8 | v14.6 | 2024-07-29 | apple
macOS Sonoma 14.6 Apple Security Update: About the security content of macOS Sonoma 14.6
Product: macOS Sonoma
Version: 14.6
Component: ASP TCP
Impact: An app may be able to execute arbitrary code with kernel privileges
Description: A buffer overflow issue was addressed with improved memory handling.

CVE-2024-40802 | HIGH | CVSS 7.8 | v14.6 | 2024-07-29 | apple
macOS Sonoma 14.6 Apple Security Update: About the security content of macOS Sonoma 14.6
Product: macOS Sonoma
Version: 14.6
Component: PackageKit
Impact: A local attacker may be able to elevate their privileges
Description: The issue was addressed with improved checks.

CVE-2024-40812 | HIGH | CVSS 7.8 | v14.6 | 2024-07-29 | apple
macOS Sonoma 14.6 Apple Security Update: About the security content of macOS Sonoma 14.6
Product: macOS Sonoma
Version: 14.6
Component: Shortcuts
Impact: A shortcut may be able to bypass Internet permission requirements
Description: A logic issue was addressed with improved checks.

CVE-2023-38709 | HIGH | CVSS 7.3 | v14.6 | 2024-07-29 | apple
macOS Sonoma 14.6 Apple Security Update: About the security content of macOS Sonoma 14.6
Product: macOS Sonoma
Version: 14.6
Component: AirDrop
Impact: A file received from AirDrop may not have the quarantine flag applied
Description: This issue was addressed through improved state management.

CVE-2024-27316 | HIGH | CVSS 7.5 | v14.6 | 2024-07-29 | apple
macOS Sonoma 14.6 Apple Security Update: About the security content of macOS Sonoma 14.6
Product: macOS Sonoma
Version: 14.6
Component: AirDrop
Impact: A file received from AirDrop may not have the quarantine flag applied
Description: This issue was addressed through improved state management.

CVE-2024-40803 | HIGH | CVSS 7.5 | v14.6 | 2024-07-29 | apple
macOS Sonoma 14.6 Apple Security Update: About the security content of macOS Sonoma 14.6
Product: macOS Sonoma
Version: 14.6
Component: Keychain Access
Impact: An attacker may be able to cause unexpected app termination
Description: A type confusion issue was addressed with improved checks.

CVE-2024-40814 | HIGH | CVSS 7.1 | v14.6 | 2024-07-29 | apple
macOS Sonoma 14.6 Apple Security Update: About the security content of macOS Sonoma 14.6
Product: macOS Sonoma
Version: 14.6
Component: AppleMobileFileIntegrity
Impact: An app may be able to bypass Privacy preferences
Description: A downgrade issue was addressed with additional code-signing restrictions.

CVE-2024-40805 | HIGH | CVSS 7.1 | v14.6 | 2024-07-29 | apple
macOS Sonoma 14.6 Apple Security Update: About the security content of macOS Sonoma 14.6
Product: macOS Sonoma
Version: 14.6
Component: CVE-2024-40805