Apple macOS Sonoma vulnerabilities

959 known vulnerabilities affecting apple/macos_sonoma.

Total CVEs: 959
CISA KEV: 11 (actively exploited)
Public exploits: 3
Exploited in wild: 6
Severity breakdown: CRITICAL 73, HIGH 289, MEDIUM 533, LOW 63, UNKNOWN 1

Vulnerabilities

CVE-2024-40781 | HIGH | CVSS 7.8 | v14.6 | 2024-07-29
macOS Sonoma 14.6 Apple Security Update: About the security content of macOS Sonoma 14.6. Product: macOS Sonoma. Version: 14.6. Component: PackageKit. Impact: A local attacker may be able to elevate their privileges. Description: The issue was addressed with improved checks.
apple
CVE-2024-40809 | HIGH | CVSS 7.8 | v14.6 | 2024-07-29
macOS Sonoma 14.6 Apple Security Update: About the security content of macOS Sonoma 14.6. Product: macOS Sonoma. Version: 14.6. Component: Shortcuts. Impact: A shortcut may be able to bypass Internet permission requirements. Description: A logic issue was addressed with improved checks.
apple
CVE-2024-40787 | HIGH | CVSS 7.1 | v14.6 | 2024-07-29
macOS Sonoma 14.6 Apple Security Update: About the security content of macOS Sonoma 14.6. Product: macOS Sonoma. Version: 14.6. Component: Shortcuts. Impact: A shortcut may be able to bypass Internet permission requirements. Description: This issue was addressed by adding an additional prompt for user consent.
apple
CVE-2023-52356 | HIGH | CVSS 7.5 | v14.6 | 2024-07-29
macOS Sonoma 14.6 Apple Security Update: About the security content of macOS Sonoma 14.6. Product: macOS Sonoma. Version: 14.6. Component: CVE-2023-52356
apple
CVE-2024-44199 | HIGH | CVSS 7.1 | v14.6 | 2024-07-29
macOS Sonoma 14.6 Apple Security Update: About the security content of macOS Sonoma 14.6. Product: macOS Sonoma. Version: 14.6. Component: IOMobileFrameBuffer. Impact: An app may be able to cause unexpected system termination or read kernel memory. Description: An out-of-bounds read was addressed with improved input validation.
apple
CVE-2024-40828 | HIGH | CVSS 7.8 | v14.6 | 2024-07-29
macOS Sonoma 14.6 Apple Security Update: About the security content of macOS Sonoma 14.6. Product: macOS Sonoma. Version: 14.6. Component: StorageKit. Impact: A malicious app may be able to gain root privileges. Description: The issue was addressed with improved checks.
apple
CVE-2024-2398 | HIGH | CVSS 8.6 | v14.6 | 2024-07-29
macOS Sonoma 14.6 Apple Security Update: About the security content of macOS Sonoma 14.6. Product: macOS Sonoma. Version: 14.6. Component: CVE-2024-2398
apple
CVE-2024-40815 | HIGH | CVSS 7.5 | v14.6 | 2024-07-29
macOS Sonoma 14.6 Apple Security Update: About the security content of macOS Sonoma 14.6. Product: macOS Sonoma. Version: 14.6. Component: DiskArbitration. Impact: A person with physical access to an unlocked Mac may be able to gain root code execution. Description: The issue was addressed with improved checks.
apple
CVE-2024-40821 | HIGH | CVSS 7.1 | v14.6 | 2024-07-29
macOS Sonoma 14.6 Apple Security Update: About the security content of macOS Sonoma 14.6. Product: macOS Sonoma. Version: 14.6. Component: Security. Impact: Third party app extensions may not receive the correct sandbox restrictions. Description: An access issue was addressed with additional sandbox restrictions.
apple
CVE-2024-6387 | HIGH | CVSS 8.1 | PoC | v14.6 | 2024-07-29
macOS Sonoma 14.6 Apple Security Update: About the security content of macOS Sonoma 14.6. Product: macOS Sonoma. Version: 14.6. Component: CVE-2024-6387
apple
CVE-2024-54551 | HIGH | CVSS 7.5 | v14.6 | 2024-07-29
macOS Sonoma 14.6 Apple Security Update: About the security content of macOS Sonoma 14.6. Product: macOS Sonoma. Version: 14.6. Component: WebKit. Impact: Processing web content may lead to a denial-of-service. Description: The issue was addressed with improved memory handling.
apple
CVE-2024-44305 | HIGH | CVSS 7.8 | v14.6 | 2024-07-29
macOS Sonoma 14.6 Apple Security Update: About the security content of macOS Sonoma 14.6. Product: macOS Sonoma. Version: 14.6. Component: PackageKit. Impact: An app may be able to gain root privileges. Description: This issue was addressed by removing the vulnerable code.
apple
CVE-2024-40774 | HIGH | CVSS 7.1 | v14.6 | 2024-07-29
macOS Sonoma 14.6 Apple Security Update: About the security content of macOS Sonoma 14.6. Product: macOS Sonoma. Version: 14.6. Component: AppleMobileFileIntegrity. Impact: An app may be able to bypass Privacy preferences. Description: A downgrade issue was addressed with additional code-signing restrictions.
apple
CVE-2024-40799 | HIGH | CVSS 7.1 | v14.6 | 2024-07-29
macOS Sonoma 14.6 Apple Security Update: About the security content of macOS Sonoma 14.6. Product: macOS Sonoma. Version: 14.6. Component: CoreGraphics. Impact: Processing a maliciously crafted file may lead to unexpected app termination. Description: An out-of-bounds read issue was addressed with improved input validation.
apple
CVE-2024-44307 | HIGH | CVSS 7.8 | v14.6 | 2024-07-29
macOS Sonoma 14.6 Apple Security Update: About the security content of macOS Sonoma 14.6. Product: macOS Sonoma. Version: 14.6. Component: ASP TCP. Impact: An app may be able to execute arbitrary code with kernel privileges. Description: A buffer overflow issue was addressed with improved memory handling.
apple
CVE-2024-27873 | MEDIUM | CVSS 5.5 | v14.6 | 2024-07-29
macOS Sonoma 14.6 Apple Security Update: About the security content of macOS Sonoma 14.6. Product: macOS Sonoma. Version: 14.6. Component: CoreMedia. Impact: Processing a maliciously crafted video file may lead to unexpected app termination. Description: An out-of-bounds write issue was addressed with improved input validation.
apple
CVE-2024-24795 | MEDIUM | CVSS 6.3 | v14.6 | 2024-07-29
macOS Sonoma 14.6 Apple Security Update: About the security content of macOS Sonoma 14.6. Product: macOS Sonoma. Version: 14.6. Component: AirDrop. Impact: A file received from AirDrop may not have the quarantine flag applied. Description: This issue was addressed through improved state management.
apple
CVE-2024-44185 | MEDIUM | CVSS 5.5 | v14.6 | 2024-07-29
macOS Sonoma 14.6 Apple Security Update: About the security content of macOS Sonoma 14.6. Product: macOS Sonoma. Version: 14.6. Component: WebKit. Impact: Processing maliciously crafted web content may lead to an unexpected process crash. Description: The issue was addressed with improved checks.
apple
CVE-2024-40785 | MEDIUM | CVSS 6.1 | v14.6 | 2024-07-29
macOS Sonoma 14.6 Apple Security Update: About the security content of macOS Sonoma 14.6. Product: macOS Sonoma. Version: 14.6. Component: WebKit. Impact: Processing maliciously crafted web content may lead to a cross site scripting attack. Description: This issue was addressed with improved checks.
apple
CVE-2024-27863 | MEDIUM | CVSS 5.5 | v14.6 | 2024-07-29
macOS Sonoma 14.6 Apple Security Update: About the security content of macOS Sonoma 14.6. Product: macOS Sonoma. Version: 14.6. Component: Kernel. Impact: A local attacker may be able to determine kernel memory layout. Description: An information disclosure issue was addressed with improved private data redaction for log entries.
apple