Apple macOS Sonoma vulnerabilities

959 known vulnerabilities affecting apple/macos_sonoma.

Total CVEs: 959
CISA KEV: 11 (actively exploited)
Public exploits: 3
Exploited in wild: 6
Severity breakdown: CRITICAL 73, HIGH 289, MEDIUM 533, LOW 63, UNKNOWN 1

Vulnerabilities

CVE-2024-27837 | LOW | CVSS 3.3 | v14.5 | 2024-05-13
Source: Apple Security Update: About the security content of macOS Sonoma 14.5
Product: macOS Sonoma
Version: 14.5
Component: AppleMobileFileIntegrity
Impact: A local attacker may gain access to Keychain items
Description: A downgrade issue was addressed with additional code-signing restrictions.
apple
CVE-2024-1580 | MEDIUM | CVSS 5.9 | v14.4.1 | 2024-03-25
Source: Apple Security Update: About the security content of macOS Sonoma 14.4.1
Product: macOS Sonoma
Version: 14.4.1
Component: CoreMedia
Impact: Processing an image may lead to arbitrary code execution
Description: An out-of-bounds write issue was addressed with improved input validation.
apple
CVE-2024-23261 | HIGH | CVSS 7.5 | v14.4 | 2024-03-07
Source: Apple Security Update: About the security content of macOS Sonoma 14.4
Product: macOS Sonoma
Version: 14.4
Component: Time Zone
Impact: An attacker may be able to read information belonging to another user
Description: A logic issue was addressed with improved state management.
apple
CVE-2024-23233 | HIGH | CVSS 7.8 | v14.4 | 2024-03-07
Source: Apple Security Update: About the security content of macOS Sonoma 14.4
Product: macOS Sonoma
Version: 14.4
Component: AppleMobileFileIntegrity
Impact: Entitlements and privacy permissions granted to this app may be used by a malicious app
Description: This issue was addressed with improved checks.
apple
CVE-2024-23248 | HIGH | CVSS 7.1 | v14.4 | 2024-03-07
Source: Apple Security Update: About the security content of macOS Sonoma 14.4
Product: macOS Sonoma
Version: 14.4
Component: ColorSync
Impact: Processing a file may lead to a denial-of-service or potentially disclose memory contents
Description: The issue was addressed with improved memory handling.
apple
CVE-2024-23268 | HIGH | CVSS 7.8 | v14.4 | 2024-03-07
Source: Apple Security Update: About the security content of macOS Sonoma 14.4
Product: macOS Sonoma
Version: 14.4
Component: PackageKit
Impact: An app may be able to elevate privileges
Description: An injection issue was addressed with improved input validation.
apple
CVE-2024-23276 | HIGH | CVSS 7.8 | v14.4 | 2024-03-07
Source: Apple Security Update: About the security content of macOS Sonoma 14.4
Product: macOS Sonoma
Version: 14.4
Component: Admin Framework
Impact: An app may be able to elevate privileges
Description: A logic issue was addressed with improved checks.
apple
CVE-2024-23226 | HIGH | CVSS 8.8 | v14.4 | 2024-03-07
Source: Apple Security Update: About the security content of macOS Sonoma 14.4
Product: macOS Sonoma
Version: 14.4
Component: WebKit
Impact: Processing web content may lead to arbitrary code execution
Description: The issue was addressed with improved memory handling.
apple
CVE-2024-23270 | HIGH | CVSS 7.8 | v14.4 | 2024-03-07
Source: Apple Security Update: About the security content of macOS Sonoma 14.4
Product: macOS Sonoma
Version: 14.4
Component: Image Processing
Impact: An app may be able to execute arbitrary code with kernel privileges
Description: The issue was addressed with improved memory handling.
apple
CVE-2024-23247 | HIGH | CVSS 7.8 | v14.4 | 2024-03-07
Source: Apple Security Update: About the security content of macOS Sonoma 14.4
Product: macOS Sonoma
Version: 14.4
Component: ColorSync
Impact: Processing a file may lead to unexpected app termination or arbitrary code execution
Description: The issue was addressed with improved memory handling.
apple
CVE-2024-27859 | HIGH | CVSS 8.8 | v14.4 | 2024-03-07
Source: Apple Security Update: About the security content of macOS Sonoma 14.4
Product: macOS Sonoma
Version: 14.4
Component: WebKit
Impact: Processing web content may lead to arbitrary code execution
Description: The issue was addressed with improved memory handling.
apple
CVE-2024-23286 | HIGH | CVSS 7.8 | v14.4 | 2024-03-07
Source: Apple Security Update: About the security content of macOS Sonoma 14.4
Product: macOS Sonoma
Version: 14.4
Component: ImageIO
Impact: Processing an image may lead to arbitrary code execution
Description: A buffer overflow issue was addressed with improved memory handling.
apple
CVE-2024-23265 | HIGH | CVSS 7.8 | v14.4 | 2024-03-07
Source: Apple Security Update: About the security content of macOS Sonoma 14.4
Product: macOS Sonoma
Version: 14.4
Component: Kernel
Impact: An app may be able to cause unexpected system termination or write kernel memory
Description: A memory corruption vulnerability was addressed with improved locking.
apple
CVE-2024-23299 | HIGH | CVSS 8.6 | v14.4 | 2024-03-07
Source: Apple Security Update: About the security content of macOS Sonoma 14.4
Product: macOS Sonoma
Version: 14.4
Component: Disk Images
Impact: An app may be able to break out of its sandbox
Description: The issue was addressed with improved checks.
apple
CVE-2024-0258 | HIGH | CVSS 8.6 | v14.4 | 2024-03-07
Source: Apple Security Update: About the security content of macOS Sonoma 14.4
Product: macOS Sonoma
Version: 14.4
Component: CVE-2024-23225
Impact: A maliciously crafted ZIP archive may bypass Gatekeeper checks
Description: This issue was addressed with improved checks.
apple
CVE-2024-23296 | HIGH | CVSS 7.8 | KEV | v14.4 | 2024-03-07
Source: Apple Security Update: About the security content of macOS Sonoma 14.4
Product: macOS Sonoma
Version: 14.4
Component: CVE-2024-23296
apple
CVE-2024-23244 | HIGH | CVSS 7.8 | v14.4 | 2024-03-07
Source: Apple Security Update: About the security content of macOS Sonoma 14.4
Product: macOS Sonoma
Version: 14.4
Component: Dock
Impact: An app from a standard user account may be able to escalate privilege after admin user login
Description: A logic issue was addressed with improved restrictions.
apple
CVE-2024-23225 | HIGH | CVSS 7.8 | KEV | v14.4 | 2024-03-07
Source: Apple Security Update: About the security content of macOS Sonoma 14.4
Product: macOS Sonoma
Version: 14.4
Component: CVE-2024-23225
Impact: A maliciously crafted ZIP archive may bypass Gatekeeper checks
Description: This issue was addressed with improved checks.
apple
CVE-2024-23216 | HIGH | CVSS 7.1 | v14.4 | 2024-03-07
Source: Apple Security Update: About the security content of macOS Sonoma 14.4
Product: macOS Sonoma
Version: 14.4
Component: PackageKit
Impact: An app may be able to overwrite arbitrary files
Description: A path handling issue was addressed with improved validation.
apple
CVE-2024-23288 | HIGH | CVSS 7.8 | v14.4 | 2024-03-07
Source: Apple Security Update: About the security content of macOS Sonoma 14.4
Product: macOS Sonoma
Version: 14.4
Component: AppleMobileFileIntegrity
Impact: An app may be able to elevate privileges
Description: This issue was addressed by removing the vulnerable code.
apple