Apple Macos Sonoma vulnerabilities

CVE-2024-23285 [MEDIUM] CVE-2024-23285: macOS Sonoma 14.4 Apple Security Update: About the security content of macOS Sonoma 14.4 Product: macOS Sonoma Version: 14.4 CVE: CVE-2024-23285 Component: Music Impact: An app may be able to create symlinks to protected regions of the disk Description: This issue was addressed with improved handling of symlinks.

CVE-2024-23241 [MEDIUM] CVE-2024-23241: macOS Sonoma 14.4 Apple Security Update: About the security content of macOS Sonoma 14.4 Product: macOS Sonoma Version: 14.4 CVE: CVE-2024-23241 Component: CVE-2024-23241

CVE-2024-23264 [MEDIUM] CVE-2024-23264: macOS Sonoma 14.4 Apple Security Update: About the security content of macOS Sonoma 14.4 Product: macOS Sonoma Version: 14.4 CVE: CVE-2024-23264 Component: Metal Impact: An application may be able to read restricted memory Description: A validation issue was addressed with improved input sanitization.

CVE-2024-27809 [MEDIUM] CVE-2024-27809: macOS Sonoma 14.4 Apple Security Update: About the security content of macOS Sonoma 14.4 Product: macOS Sonoma Version: 14.4 CVE: CVE-2024-27809 Component: Music Impact: An app may be able to access user-sensitive data Description: A privacy issue was addressed with improved private data redaction for log entries.

CVE-2024-23266 [MEDIUM] CVE-2024-23266: macOS Sonoma 14.4 Apple Security Update: About the security content of macOS Sonoma 14.4 Product: macOS Sonoma Version: 14.4 CVE: CVE-2024-23266 Component: Kerberos v5 PAM module Impact: An app may be able to modify protected parts of the file system Description: The issue was addressed with improved checks.

CVE-2024-23234 [MEDIUM] CVE-2024-23234: macOS Sonoma 14.4 Apple Security Update: About the security content of macOS Sonoma 14.4 Product: macOS Sonoma Version: 14.4 CVE: CVE-2024-23234 Component: Intel Graphics Driver Impact: An app may be able to execute arbitrary code with kernel privileges Description: An out-of-bounds write issue was addressed with improved input validation.

CVE-2023-51384 [MEDIUM] CVE-2023-51384: macOS Sonoma 14.4 Apple Security Update: About the security content of macOS Sonoma 14.4 Product: macOS Sonoma Version: 14.4 CVE: CVE-2023-51384 Component: CVE-2023-51384

CVE-2024-27886 [MEDIUM] CVE-2024-27886: macOS Sonoma 14.4 Apple Security Update: About the security content of macOS Sonoma 14.4 Product: macOS Sonoma Version: 14.4 CVE: CVE-2024-27886 Component: AppKit Impact: An unprivileged app may be able to log keystrokes in other apps including those using secure input mode Description: A logic issue was addressed with improved restrictions.

CVE-2024-23280 [MEDIUM] CVE-2024-23280: macOS Sonoma 14.4 Apple Security Update: About the security content of macOS Sonoma 14.4 Product: macOS Sonoma Version: 14.4 CVE: CVE-2024-23280 Component: WebKit Impact: A maliciously crafted webpage may be able to fingerprint the user Description: An injection issue was addressed with improved validation.

CVE-2024-23254 [MEDIUM] CVE-2024-23254: macOS Sonoma 14.4 Apple Security Update: About the security content of macOS Sonoma 14.4 Product: macOS Sonoma Version: 14.4 CVE: CVE-2024-23254 Component: WebKit Impact: A malicious website may exfiltrate audio data cross-origin Description: The issue was addressed with improved UI handling.

CVE-2024-23290 [MEDIUM] CVE-2024-23290: macOS Sonoma 14.4 Apple Security Update: About the security content of macOS Sonoma 14.4 Product: macOS Sonoma Version: 14.4 CVE: CVE-2024-23290 Component: Sandbox Impact: An app may be able to access user-sensitive data Description: A logic issue was addressed with improved restrictions.

CVE-2023-51385 [MEDIUM] CVE-2023-51385: macOS Sonoma 14.4 Apple Security Update: About the security content of macOS Sonoma 14.4 Product: macOS Sonoma Version: 14.4 CVE: CVE-2023-51385 Component: CVE-2023-51385

CVE-2024-23279 [MEDIUM] CVE-2024-23279: macOS Sonoma 14.4 Apple Security Update: About the security content of macOS Sonoma 14.4 Product: macOS Sonoma Version: 14.4 CVE: CVE-2024-23279 Component: MediaRemote Impact: An app may be able to access user-sensitive data Description: A privacy issue was addressed with improved private data redaction for log entries.

CVE-2024-23229 [MEDIUM] CVE-2024-23229: macOS Sonoma 14.4 Apple Security Update: About the security content of macOS Sonoma 14.4 Product: macOS Sonoma Version: 14.4 CVE: CVE-2024-23229 Component: Find My Impact: A malicious application may be able to access Find My data Description: This issue was addressed with improved redaction of sensitive information.

CVE-2024-23277 [MEDIUM] CVE-2024-23277: macOS Sonoma 14.4 Apple Security Update: About the security content of macOS Sonoma 14.4 Product: macOS Sonoma Version: 14.4 CVE: CVE-2024-23277 Component: Bluetooth Impact: An attacker in a privileged network position may be able to inject keystrokes by spoofing a keyboard Description: The issue was addressed with improved checks.

CVE-2024-23275 [MEDIUM] CVE-2024-23275: macOS Sonoma 14.4 Apple Security Update: About the security content of macOS Sonoma 14.4 Product: macOS Sonoma Version: 14.4 CVE: CVE-2024-23275 Component: PackageKit Impact: An app may be able to access protected user data Description: A race condition was addressed with additional validation.

CVE-2024-23281 [MEDIUM] CVE-2024-23281: macOS Sonoma 14.4 Apple Security Update: About the security content of macOS Sonoma 14.4 Product: macOS Sonoma Version: 14.4 CVE: CVE-2024-23281 Component: System Settings Impact: An app may be able to access sensitive user data Description: This issue was addressed with improved state management.

CVE-2024-27789 [MEDIUM] CVE-2024-27789: macOS Sonoma 14.4 Apple Security Update: About the security content of macOS Sonoma 14.4 Product: macOS Sonoma Version: 14.4 CVE: CVE-2024-27789 Component: Foundation Impact: An app may be able to access user-sensitive data Description: A logic issue was addressed with improved checks.

CVE-2024-23269 [MEDIUM] CVE-2024-23269: macOS Sonoma 14.4 Apple Security Update: About the security content of macOS Sonoma 14.4 Product: macOS Sonoma Version: 14.4 CVE: CVE-2024-23269 Component: AppleMobileFileIntegrity Impact: An app may be able to modify protected parts of the file system Description: A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing restrictions.

CVE-2024-23267 [MEDIUM] CVE-2024-23267: macOS Sonoma 14.4 Apple Security Update: About the security content of macOS Sonoma 14.4 Product: macOS Sonoma Version: 14.4 CVE: CVE-2024-23267 Component: PackageKit Impact: An app may be able to bypass certain Privacy preferences Description: The issue was addressed with improved checks.