Apple Macos Sonoma vulnerabilities

CVE-2024-40775 [MEDIUM] CVE-2024-40775: macOS Sonoma 14.6 Apple Security Update: About the security content of macOS Sonoma 14.6 Product: macOS Sonoma Version: 14.6 CVE: CVE-2024-40775 Component: AppleMobileFileIntegrity Impact: An app may be able to leak sensitive user information Description: A downgrade issue was addressed with additional code-signing restrictions.

CVE-2024-27877 [MEDIUM] CVE-2024-27877: macOS Sonoma 14.6 Apple Security Update: About the security content of macOS Sonoma 14.6 Product: macOS Sonoma Version: 14.6 CVE: CVE-2024-27877 Component: AppleVA Impact: Processing a maliciously crafted file may lead to unexpected app termination Description: The issue was addressed with improved memory handling.

CVE-2024-27882 [MEDIUM] CVE-2024-27882: macOS Sonoma 14.6 Apple Security Update: About the security content of macOS Sonoma 14.6 Product: macOS Sonoma Version: 14.6 CVE: CVE-2024-27882 Component: PackageKit Impact: An app may be able to modify protected parts of the file system Description: A permissions issue was addressed with additional restrictions.

CVE-2024-40816 [MEDIUM] CVE-2024-40816: macOS Sonoma 14.6 Apple Security Update: About the security content of macOS Sonoma 14.6 Product: macOS Sonoma Version: 14.6 CVE: CVE-2024-40816 Component: Kernel Impact: A local attacker may be able to cause unexpected system shutdown Description: An out-of-bounds read was addressed with improved input validation.

CVE-2024-40784 [MEDIUM] CVE-2024-40784: macOS Sonoma 14.6 Apple Security Update: About the security content of macOS Sonoma 14.6 Product: macOS Sonoma Version: 14.6 CVE: CVE-2024-40784 Component: ImageIO Impact: Processing a maliciously crafted file may lead to unexpected app termination Description: An integer overflow was addressed with improved input validation.

CVE-2024-27881 [MEDIUM] CVE-2024-27881: macOS Sonoma 14.6 Apple Security Update: About the security content of macOS Sonoma 14.6 Product: macOS Sonoma Version: 14.6 CVE: CVE-2024-27881 Component: Scripting Bridge Impact: An app may be able to access information about a user’s contacts Description: A privacy issue was addressed with improved private data redaction for log entries.

CVE-2024-54564 [MEDIUM] CVE-2024-54564: macOS Sonoma 14.6 Apple Security Update: About the security content of macOS Sonoma 14.6 Product: macOS Sonoma Version: 14.6 CVE: CVE-2024-54564 Component: AirDrop Impact: A file received from AirDrop may not have the quarantine flag applied Description: This issue was addressed through improved state management.

CVE-2024-40794 [MEDIUM] CVE-2024-40794: macOS Sonoma 14.6 Apple Security Update: About the security content of macOS Sonoma 14.6 Product: macOS Sonoma Version: 14.6 CVE: CVE-2024-40794 Component: WebKit Impact: Private Browsing tabs may be accessed without authentication Description: This issue was addressed through improved state management.

CVE-2024-40827 [MEDIUM] CVE-2024-40827: macOS Sonoma 14.6 Apple Security Update: About the security content of macOS Sonoma 14.6 Product: macOS Sonoma Version: 14.6 CVE: CVE-2024-40827 Component: DesktopServices Impact: An app may be able to overwrite arbitrary files Description: The issue was addressed with improved checks.

CVE-2024-40810 [MEDIUM] CVE-2024-40810: macOS Sonoma 14.6 Apple Security Update: About the security content of macOS Sonoma 14.6 Product: macOS Sonoma Version: 14.6 CVE: CVE-2024-40810 Component: IOMobileFrameBuffer Impact: An app may be able to cause a coprocessor crash Description: An out-of-bounds write issue was addressed with improved input validation.

CVE-2024-40788 [MEDIUM] CVE-2024-40788: macOS Sonoma 14.6 Apple Security Update: About the security content of macOS Sonoma 14.6 Product: macOS Sonoma Version: 14.6 CVE: CVE-2024-40788 Component: Kernel Impact: A local attacker may be able to cause unexpected system shutdown Description: A type confusion issue was addressed with improved memory handling.

CVE-2024-40779 [MEDIUM] CVE-2024-40779: macOS Sonoma 14.6 Apple Security Update: About the security content of macOS Sonoma 14.6 Product: macOS Sonoma Version: 14.6 CVE: CVE-2024-40779 Component: WebKit Impact: Processing maliciously crafted web content may lead to an unexpected process crash Description: An out-of-bounds read was addressed with improved bounds checking.

CVE-2024-40793 [MEDIUM] CVE-2024-40793: macOS Sonoma 14.6 Apple Security Update: About the security content of macOS Sonoma 14.6 Product: macOS Sonoma Version: 14.6 CVE: CVE-2024-40793 Component: Shortcuts Impact: An app may be able to access user-sensitive data Description: This issue was addressed by removing the vulnerable code.

CVE-2024-40800 [MEDIUM] CVE-2024-40800: macOS Sonoma 14.6 Apple Security Update: About the security content of macOS Sonoma 14.6 Product: macOS Sonoma Version: 14.6 CVE: CVE-2024-40800 Component: Restore Framework Impact: An app may be able to modify protected parts of the file system Description: An input validation issue was addressed with improved input validation.

CVE-2024-40823 [MEDIUM] CVE-2024-40823: macOS Sonoma 14.6 Apple Security Update: About the security content of macOS Sonoma 14.6 Product: macOS Sonoma Version: 14.6 CVE: CVE-2024-40823 Component: PackageKit Impact: An app may be able to access user-sensitive data Description: The issue was addressed with improved checks.

CVE-2024-40804 [MEDIUM] CVE-2024-40804: macOS Sonoma 14.6 Apple Security Update: About the security content of macOS Sonoma 14.6 Product: macOS Sonoma Version: 14.6 CVE: CVE-2024-40804 Component: Accounts Impact: A malicious application may be able to access private information Description: The issue was addressed with improved checks.

CVE-2024-27871 [MEDIUM] CVE-2024-27871: macOS Sonoma 14.6 Apple Security Update: About the security content of macOS Sonoma 14.6 Product: macOS Sonoma Version: 14.6 CVE: CVE-2024-27871 Component: Sandbox Impact: An app may be able to access protected user data Description: A path handling issue was addressed with improved validation.

CVE-2024-40818 [MEDIUM] CVE-2024-40818: macOS Sonoma 14.6 Apple Security Update: About the security content of macOS Sonoma 14.6 Product: macOS Sonoma Version: 14.6 CVE: CVE-2024-40818 Component: Siri Impact: An attacker with physical access may be able to use Siri to access sensitive user data Description: This issue was addressed by restricting options offered on a locked device.

CVE-2024-44205 [MEDIUM] CVE-2024-44205: macOS Sonoma 14.6 Apple Security Update: About the security content of macOS Sonoma 14.6 Product: macOS Sonoma Version: 14.6 CVE: CVE-2024-44205 Component: Siri Impact: A sandboxed app may be able to access sensitive user data in system logs Description: A privacy issue was addressed with improved private data redaction for log entries.

CVE-2024-27883 [MEDIUM] CVE-2024-27883: macOS Sonoma 14.6 Apple Security Update: About the security content of macOS Sonoma 14.6 Product: macOS Sonoma Version: 14.6 CVE: CVE-2024-27883 Component: PackageKit Impact: An app may be able to modify protected parts of the file system Description: A permissions issue was addressed with additional restrictions.