Apple Macos Sonoma vulnerabilities

CVE-2024-23259 [MEDIUM] CVE-2024-23259: macOS Sonoma 14.4 Apple Security Update: About the security content of macOS Sonoma 14.4 Product: macOS Sonoma Version: 14.4 CVE: CVE-2024-23259 Component: Safari Impact: Processing web content may lead to a denial-of-service Description: The issue was addressed with improved checks.

CVE-2024-27887 [MEDIUM] CVE-2024-27887: macOS Sonoma 14.4 Apple Security Update: About the security content of macOS Sonoma 14.4 Product: macOS Sonoma Version: 14.4 CVE: CVE-2024-27887 Component: NSSpellChecker Impact: An app may be able to access user-sensitive data Description: A path handling issue was addressed with improved validation.

CVE-2024-23250 [MEDIUM] CVE-2024-23250: macOS Sonoma 14.4 Apple Security Update: About the security content of macOS Sonoma 14.4 Product: macOS Sonoma Version: 14.4 CVE: CVE-2024-23250 Component: CoreBluetooth - LE Impact: An app may be able to access Bluetooth-connected microphones without user permission Description: An access issue was addressed with improved access restrictions.

CVE-2024-23205 [MEDIUM] CVE-2024-23205: macOS Sonoma 14.4 Apple Security Update: About the security content of macOS Sonoma 14.4 Product: macOS Sonoma Version: 14.4 CVE: CVE-2024-23205 Component: CVE-2024-23205 Impact: Processing a file may lead to a denial-of-service or potentially disclose memory contents Description: This issue was addressed with improved checks.

CVE-2024-23231 [MEDIUM] CVE-2024-23231: macOS Sonoma 14.4 Apple Security Update: About the security content of macOS Sonoma 14.4 Product: macOS Sonoma Version: 14.4 CVE: CVE-2024-23231 Component: Share Sheet Impact: An app may be able to access user-sensitive data Description: A privacy issue was addressed with improved private data redaction for log entries.

CVE-2023-48795 [MEDIUM] CVE-2023-48795: macOS Sonoma 14.4 Apple Security Update: About the security content of macOS Sonoma 14.4 Product: macOS Sonoma Version: 14.4 CVE: CVE-2023-48795 Component: CVE-2023-48795

CVE-2024-27792 [MEDIUM] CVE-2024-27792: macOS Sonoma 14.4 Apple Security Update: About the security content of macOS Sonoma 14.4 Product: macOS Sonoma Version: 14.4 CVE: CVE-2024-27792 Component: TCC Impact: An app may be able to access user-sensitive data Description: This issue was addressed by adding an additional prompt for user consent.

CVE-2024-23260 [MEDIUM] CVE-2024-23260: macOS Sonoma 14.4 Apple Security Update: About the security content of macOS Sonoma 14.4 Product: macOS Sonoma Version: 14.4 CVE: CVE-2024-23260 Component: TV App Impact: An app may be able to access user-sensitive data Description: This issue was addressed by removing additional entitlements.

CVE-2024-23284 [MEDIUM] CVE-2024-23284: macOS Sonoma 14.4 Apple Security Update: About the security content of macOS Sonoma 14.4 Product: macOS Sonoma Version: 14.4 CVE: CVE-2024-23284 Component: WebKit Impact: Processing maliciously crafted web content may prevent Content Security Policy from being enforced Description: A logic issue was addressed with improved state management.

CVE-2024-23238 [LOW] CVE-2024-23238: macOS Sonoma 14.4 Apple Security Update: About the security content of macOS Sonoma 14.4 Product: macOS Sonoma Version: 14.4 CVE: CVE-2024-23238 Component: CVE-2024-23238

CVE-2024-23292 [LOW] CVE-2024-23292: macOS Sonoma 14.4 Apple Security Update: About the security content of macOS Sonoma 14.4 Product: macOS Sonoma Version: 14.4 CVE: CVE-2024-23292 Component: Shortcuts Impact: An app may be able to access information about a user's contacts Description: This issue was addressed with improved data protection.

CVE-2024-23242 [LOW] CVE-2024-23242: macOS Sonoma 14.4 Apple Security Update: About the security content of macOS Sonoma 14.4 Product: macOS Sonoma Version: 14.4 CVE: CVE-2024-23242 Component: CVE-2024-23242

CVE-2024-23255 [LOW] CVE-2024-23255: macOS Sonoma 14.4 Apple Security Update: About the security content of macOS Sonoma 14.4 Product: macOS Sonoma Version: 14.4 CVE: CVE-2024-23255 Component: Photos Impact: Photos in the Hidden Photos Album may be viewed without authentication Description: An authentication issue was addressed with improved state management.

CVE-2024-23291 [LOW] CVE-2024-23291: macOS Sonoma 14.4 Apple Security Update: About the security content of macOS Sonoma 14.4 Product: macOS Sonoma Version: 14.4 CVE: CVE-2024-23291 Component: CVE-2024-23291

CVE-2024-23289 [LOW] CVE-2024-23289: macOS Sonoma 14.4 Apple Security Update: About the security content of macOS Sonoma 14.4 Product: macOS Sonoma Version: 14.4 CVE: CVE-2024-23289 Component: Siri Impact: A person with physical access to a device may be able to use Siri to access private calendar information Description: A lock screen issue was addressed with improved state management.

CVE-2024-23257 [LOW] CVE-2024-23257: macOS Sonoma 14.4 Apple Security Update: About the security content of macOS Sonoma 14.4 Product: macOS Sonoma Version: 14.4 CVE: CVE-2024-23257 Component: ImageIO Impact: Processing an image may result in disclosure of process memory Description: The issue was addressed with improved memory handling.

CVE-2024-23245 [LOW] CVE-2024-23245: macOS Sonoma 14.4 Apple Security Update: About the security content of macOS Sonoma 14.4 Product: macOS Sonoma Version: 14.4 CVE: CVE-2024-23245 Component: Shortcuts Impact: Third-party shortcuts may use a legacy action from Automator to send events to apps without user consent Description: This issue was addressed by adding an additional prompt for user consent.

CVE-2024-23232 [LOW] CVE-2024-23232: macOS Sonoma 14.4 Apple Security Update: About the security content of macOS Sonoma 14.4 Product: macOS Sonoma Version: 14.4 CVE: CVE-2024-23232 Component: Screen Capture Impact: An app may be able to capture a user's screen Description: A privacy issue was addressed with improved handling of temporary files.

CVE-2024-23253 [LOW] CVE-2024-23253: macOS Sonoma 14.4 Apple Security Update: About the security content of macOS Sonoma 14.4 Product: macOS Sonoma Version: 14.4 CVE: CVE-2024-23253 Component: Image Capture Impact: An app may be able to access a user's Photos Library Description: A permissions issue was addressed with additional restrictions.

CVE-2024-23227 [LOW] CVE-2024-23227: macOS Sonoma 14.4 Apple Security Update: About the security content of macOS Sonoma 14.4 Product: macOS Sonoma Version: 14.4 CVE: CVE-2024-23227 Component: Airport Impact: An app may be able to read sensitive location information Description: This issue was addressed with improved redaction of sensitive information.