Apple Macos Ventura vulnerabilities

CVE-2024-44126 [HIGH] CVE-2024-44126: macOS Ventura 13.7.1 Apple Security Update: About the security content of macOS Ventura 13.7.1 Product: macOS Ventura Version: 13.7.1 CVE: CVE-2024-44126 Component: ARKit Impact: Processing a maliciously crafted file may lead to heap corruption Description: The issue was addressed with improved checks.

CVE-2024-44289 [HIGH] CVE-2024-44289: macOS Ventura 13.7.1 Apple Security Update: About the security content of macOS Ventura 13.7.1 Product: macOS Ventura Version: 13.7.1 CVE: CVE-2024-44289 Component: Find My Impact: An app may be able to read sensitive location information Description: A privacy issue was addressed with improved private data redaction for log entries.

CVE-2024-54538 [HIGH] CVE-2024-54538: macOS Ventura 13.7.1 Apple Security Update: About the security content of macOS Ventura 13.7.1 Product: macOS Ventura Version: 13.7.1 CVE: CVE-2024-54538 Component: Security Impact: A remote attacker may be able to cause a denial-of-service Description: A denial-of-service issue was addressed with improved input validation.

CVE-2024-44253 [MEDIUM] CVE-2024-44253: macOS Ventura 13.7.1 Apple Security Update: About the security content of macOS Ventura 13.7.1 Product: macOS Ventura Version: 13.7.1 CVE: CVE-2024-44253 Component: PackageKit Impact: An app may be able to modify protected parts of the file system Description: The issue was addressed with improved checks.

CVE-2024-44240 [MEDIUM] CVE-2024-44240: macOS Ventura 13.7.1 Apple Security Update: About the security content of macOS Ventura 13.7.1 Product: macOS Ventura Version: 13.7.1 CVE: CVE-2024-44240 Component: CoreText Impact: Processing a maliciously crafted font may result in the disclosure of process memory Description: The issue was addressed with improved checks.

CVE-2024-44302 [MEDIUM] CVE-2024-44302: macOS Ventura 13.7.1 Apple Security Update: About the security content of macOS Ventura 13.7.1 Product: macOS Ventura Version: 13.7.1 CVE: CVE-2024-44302 Component: CoreText Impact: Processing a maliciously crafted font may result in the disclosure of process memory Description: The issue was addressed with improved checks.

CVE-2024-44297 [MEDIUM] CVE-2024-44297: macOS Ventura 13.7.1 Apple Security Update: About the security content of macOS Ventura 13.7.1 Product: macOS Ventura Version: 13.7.1 CVE: CVE-2024-44297 Component: ImageIO Impact: Processing a maliciously crafted message may lead to a denial-of-service Description: The issue was addressed with improved bounds checks.

CVE-2024-44295 [MEDIUM] CVE-2024-44295: macOS Ventura 13.7.1 Apple Security Update: About the security content of macOS Ventura 13.7.1 Product: macOS Ventura Version: 13.7.1 CVE: CVE-2024-44295 Component: CoreServicesUIAgent Impact: An app may be able to modify protected parts of the file system Description: This issue was addressed with additional entitlement checks.

CVE-2024-44254 [MEDIUM] CVE-2024-44254: macOS Ventura 13.7.1 Apple Security Update: About the security content of macOS Ventura 13.7.1 Product: macOS Ventura Version: 13.7.1 CVE: CVE-2024-44254 Component: Shortcuts Impact: An app may be able to access sensitive user data Description: This issue was addressed with improved redaction of sensitive information.

CVE-2024-44233 [MEDIUM] CVE-2024-44233: macOS Ventura 13.7.1 Apple Security Update: About the security content of macOS Ventura 13.7.1 Product: macOS Ventura Version: 13.7.1 CVE: CVE-2024-44233 Component: AppleAVD Impact: Parsing a maliciously crafted video file may lead to unexpected system termination Description: The issue was addressed with improved bounds checks.

CVE-2024-44267 [MEDIUM] CVE-2024-44267: macOS Ventura 13.7.1 Apple Security Update: About the security content of macOS Ventura 13.7.1 Product: macOS Ventura Version: 13.7.1 CVE: CVE-2024-44267 Component: PackageKit Impact: A malicious application may be able to modify protected parts of the file system Description: The issue was addressed with improved checks.

CVE-2024-44280 [MEDIUM] CVE-2024-44280: macOS Ventura 13.7.1 Apple Security Update: About the security content of macOS Ventura 13.7.1 Product: macOS Ventura Version: 13.7.1 CVE: CVE-2024-44280 Component: AppleMobileFileIntegrity Impact: An app may be able to modify protected parts of the file system Description: A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing restrictions.

CVE-2024-44281 [MEDIUM] CVE-2024-44281: macOS Ventura 13.7.1 Apple Security Update: About the security content of macOS Ventura 13.7.1 Product: macOS Ventura Version: 13.7.1 CVE: CVE-2024-44281 Component: Shortcuts Impact: A malicious app may use shortcuts to access restricted files Description: A logic issue was addressed with improved checks.

CVE-2024-44234 [MEDIUM] CVE-2024-44234: macOS Ventura 13.7.1 Apple Security Update: About the security content of macOS Ventura 13.7.1 Product: macOS Ventura Version: 13.7.1 CVE: CVE-2024-44234 Component: AppleAVD Impact: Parsing a maliciously crafted video file may lead to unexpected system termination Description: The issue was addressed with improved bounds checks.

CVE-2024-44137 [MEDIUM] CVE-2024-44137: macOS Ventura 13.7.1 Apple Security Update: About the security content of macOS Ventura 13.7.1 Product: macOS Ventura Version: 13.7.1 CVE: CVE-2024-44137 Component: Screen Capture Impact: An attacker with physical access may be able to share items from the lock screen Description: The issue was addressed with improved checks.

CVE-2024-44213 [MEDIUM] CVE-2024-44213: macOS Ventura 13.7.1 Apple Security Update: About the security content of macOS Ventura 13.7.1 Product: macOS Ventura Version: 13.7.1 CVE: CVE-2024-44213 Component: CUPS Impact: An attacker in a privileged network position may be able to leak sensitive user information Description: An issue existed in the parsing of URLs. This issue was addressed with improved input validation.

CVE-2024-40854 [MEDIUM] CVE-2024-40854: macOS Ventura 13.7.1 Apple Security Update: About the security content of macOS Ventura 13.7.1 Product: macOS Ventura Version: 13.7.1 CVE: CVE-2024-40854 Component: GPU Drivers Impact: An app may be able to cause unexpected system termination Description: A memory initialization issue was addressed with improved memory handling.

CVE-2024-40855 [MEDIUM] CVE-2024-40855: macOS Ventura 13.7.1 Apple Security Update: About the security content of macOS Ventura 13.7.1 Product: macOS Ventura Version: 13.7.1 CVE: CVE-2024-40855 Component: DiskArbitration Impact: A sandboxed app may be able to access sensitive user data Description: The issue was addressed with improved checks.

CVE-2024-44279 [MEDIUM] CVE-2024-44279: macOS Ventura 13.7.1 Apple Security Update: About the security content of macOS Ventura 13.7.1 Product: macOS Ventura Version: 13.7.1 CVE: CVE-2024-44279 Component: Shortcuts Impact: A malicious app may use shortcuts to access restricted files Description: A logic issue was addressed with improved checks.

CVE-2024-44275 [MEDIUM] CVE-2024-44275: macOS Ventura 13.7.1 Apple Security Update: About the security content of macOS Ventura 13.7.1 Product: macOS Ventura Version: 13.7.1 CVE: CVE-2024-44275 Component: PackageKit Impact: A malicious application may be able to modify protected parts of the file system Description: The issue was addressed with improved checks.