Apple Macos Sonoma vulnerabilities

CVE-2024-23214 [HIGH] CVE-2024-23214: macOS Sonoma 14.3 Apple Security Update: About the security content of macOS Sonoma 14.3 Product: macOS Sonoma Version: 14.3 CVE: CVE-2024-23214 Component: WebKit Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed with improved memory handling.

CVE-2024-23203 [HIGH] CVE-2024-23203: macOS Sonoma 14.3 Apple Security Update: About the security content of macOS Sonoma 14.3 Product: macOS Sonoma Version: 14.3 CVE: CVE-2024-23203 Component: Shortcuts Impact: A shortcut may be able to use sensitive data with certain actions without prompting the user Description: The issue was addressed with additional permissions checks.

CVE-2024-27791 [HIGH] CVE-2024-27791: macOS Sonoma 14.3 Apple Security Update: About the security content of macOS Sonoma 14.3 Product: macOS Sonoma Version: 14.3 CVE: CVE-2024-27791 Component: Power Manager Impact: An app may be able to corrupt coprocessor memory Description: The issue was addressed with improved checks.

CVE-2024-23212 [HIGH] CVE-2024-23212: macOS Sonoma 14.3 Apple Security Update: About the security content of macOS Sonoma 14.3 Product: macOS Sonoma Version: 14.3 CVE: CVE-2024-23212 Impact: An app may be able to execute arbitrary code with kernel privileges Description: The issue was addressed with improved memory handling.

CVE-2024-23204 [HIGH] CVE-2024-23204: macOS Sonoma 14.3 Apple Security Update: About the security content of macOS Sonoma 14.3 Product: macOS Sonoma Version: 14.3 CVE: CVE-2024-23204 Component: Shortcuts Impact: A shortcut may be able to use sensitive data with certain actions without prompting the user Description: The issue was addressed with additional permissions checks.

CVE-2024-23213 [HIGH] CVE-2024-23213: macOS Sonoma 14.3 Apple Security Update: About the security content of macOS Sonoma 14.3 Product: macOS Sonoma Version: 14.3 CVE: CVE-2024-23213 Component: WebKit Impact: Processing web content may lead to arbitrary code execution Description: The issue was addressed with improved memory handling.

CVE-2024-23222 [HIGH] CVE-2024-23222: macOS Sonoma 14.3 Apple Security Update: About the security content of macOS Sonoma 14.3 Product: macOS Sonoma Version: 14.3 CVE: CVE-2024-23222 Component: CVE-2024-23222

CVE-2024-23208 [HIGH] CVE-2024-23208: macOS Sonoma 14.3 Apple Security Update: About the security content of macOS Sonoma 14.3 Product: macOS Sonoma Version: 14.3 CVE: CVE-2024-23208 Component: Kernel Impact: An app may be able to execute arbitrary code with kernel privileges Description: The issue was addressed with improved memory handling.

CVE-2024-23209 [HIGH] CVE-2024-23209: macOS Sonoma 14.3 Apple Security Update: About the security content of macOS Sonoma 14.3 Product: macOS Sonoma Version: 14.3 CVE: CVE-2024-23209 Component: CVE-2024-23209

CVE-2024-23218 [MEDIUM] CVE-2024-23218: macOS Sonoma 14.3 Apple Security Update: About the security content of macOS Sonoma 14.3 Product: macOS Sonoma Version: 14.3 CVE: CVE-2024-23218 Component: CoreCrypto Impact: An attacker may be able to decrypt legacy RSA PKCS#1 v1.5 ciphertexts without having the private key Description: A timing side-channel issue was addressed with improvements to constant-time computation in cryptographic functions.

CVE-2024-23206 [MEDIUM] CVE-2024-23206: macOS Sonoma 14.3 Apple Security Update: About the security content of macOS Sonoma 14.3 Product: macOS Sonoma Version: 14.3 CVE: CVE-2024-23206 Component: WebKit Impact: A maliciously crafted webpage may be able to fingerprint the user Description: An access issue was addressed with improved access restrictions.

CVE-2024-23271 [MEDIUM] CVE-2024-23271: macOS Sonoma 14.3 Apple Security Update: About the security content of macOS Sonoma 14.3 Product: macOS Sonoma Version: 14.3 CVE: CVE-2024-23271 Component: WebKit Impact: A malicious website may cause unexpected cross-origin behavior Description: A logic issue was addressed with improved checks.

CVE-2024-23201 [MEDIUM] CVE-2024-23201: macOS Sonoma 14.3 Apple Security Update: About the security content of macOS Sonoma 14.3 Product: macOS Sonoma Version: 14.3 CVE: CVE-2024-23201 Component: Kernel Impact: An app may be able to execute arbitrary code with kernel privileges Description: The issue was addressed with improved memory handling.

CVE-2024-23207 [MEDIUM] CVE-2024-23207: macOS Sonoma 14.3 Apple Security Update: About the security content of macOS Sonoma 14.3 Product: macOS Sonoma Version: 14.3 CVE: CVE-2024-23207 Component: Mail Search Impact: An app may be able to access sensitive user data Description: This issue was addressed with improved redaction of sensitive information.

CVE-2024-23223 [MEDIUM] CVE-2024-23223: macOS Sonoma 14.3 Apple Security Update: About the security content of macOS Sonoma 14.3 Product: macOS Sonoma Version: 14.3 CVE: CVE-2024-23223 Component: NSSpellChecker Impact: An app may be able to access sensitive user data Description: A privacy issue was addressed with improved handling of files.

CVE-2024-23215 [MEDIUM] CVE-2024-23215: macOS Sonoma 14.3 Apple Security Update: About the security content of macOS Sonoma 14.3 Product: macOS Sonoma Version: 14.3 CVE: CVE-2024-23215 Component: TCC Impact: An app may be able to access user-sensitive data Description: An issue was addressed with improved handling of temporary files.

CVE-2024-23224 [MEDIUM] CVE-2024-23224: macOS Sonoma 14.3 Apple Security Update: About the security content of macOS Sonoma 14.3 Product: macOS Sonoma Version: 14.3 CVE: CVE-2024-23224 Component: Finder Impact: An app may be able to access sensitive user data Description: The issue was addressed with improved checks.

CVE-2024-23210 [LOW] CVE-2024-23210: macOS Sonoma 14.3 Apple Security Update: About the security content of macOS Sonoma 14.3 Product: macOS Sonoma Version: 14.3 CVE: CVE-2024-23210 Component: Time Zone Impact: An app may be able to view a user's phone number in system logs Description: This issue was addressed with improved redaction of sensitive information.

CVE-2024-23217 [LOW] CVE-2024-23217: macOS Sonoma 14.3 Apple Security Update: About the security content of macOS Sonoma 14.3 Product: macOS Sonoma Version: 14.3 CVE: CVE-2024-23217 Component: Shortcuts Impact: An app may be able to bypass certain Privacy preferences Description: A privacy issue was addressed with improved handling of temporary files.

CVE-2024-23211 [LOW] CVE-2024-23211: macOS Sonoma 14.3 Apple Security Update: About the security content of macOS Sonoma 14.3 Product: macOS Sonoma Version: 14.3 CVE: CVE-2024-23211 Component: Safari Impact: A user's private browsing activity may be visible in Settings Description: A privacy issue was addressed with improved handling of user preferences.