Apple Macos Ventura vulnerabilities

CVE-2024-44158 [MEDIUM] CVE-2024-44158: macOS Ventura 13.7 Apple Security Update: About the security content of macOS Ventura 13.7 Product: macOS Ventura Version: 13.7 CVE: CVE-2024-44158 Component: Shortcuts Impact: A shortcut may output sensitive user data without consent Description: This issue was addressed with improved redaction of sensitive information.

CVE-2024-40844 [MEDIUM] CVE-2024-40844: macOS Ventura 13.7 Apple Security Update: About the security content of macOS Ventura 13.7 Product: macOS Ventura Version: 13.7 CVE: CVE-2024-40844 Component: Shortcuts Impact: An app may be able to observe data displayed to the user by Shortcuts Description: A privacy issue was addressed with improved handling of temporary files.

CVE-2024-44163 [MEDIUM] CVE-2024-44163: macOS Ventura 13.7 Apple Security Update: About the security content of macOS Ventura 13.7 Product: macOS Ventura Version: 13.7 CVE: CVE-2024-44163 Component: Sandbox Impact: A malicious application may be able to access private information Description: The issue was addressed with improved checks.

CVE-2024-44183 [MEDIUM] CVE-2024-44183: macOS Ventura 13.7 Apple Security Update: About the security content of macOS Ventura 13.7 Product: macOS Ventura Version: 13.7 CVE: CVE-2024-44183 Component: Maps Impact: An app may be able to read sensitive location information Description: An issue was addressed with improved handling of temporary files.

CVE-2024-44160 [MEDIUM] CVE-2024-44160: macOS Ventura 13.7 Apple Security Update: About the security content of macOS Ventura 13.7 Product: macOS Ventura Version: 13.7 CVE: CVE-2024-44160 Component: Intel Graphics Driver Impact: Processing a maliciously crafted texture may lead to unexpected app termination Description: A buffer overflow issue was addressed with improved memory handling.

CVE-2024-40847 [MEDIUM] CVE-2024-40847: macOS Ventura 13.7 Apple Security Update: About the security content of macOS Ventura 13.7 Product: macOS Ventura Version: 13.7 CVE: CVE-2024-40847 Component: AppleMobileFileIntegrity Impact: An app may be able to access sensitive user data Description: The issue was addressed with additional code-signing restrictions.

CVE-2024-44151 [MEDIUM] CVE-2024-44151: macOS Ventura 13.7 Apple Security Update: About the security content of macOS Ventura 13.7 Product: macOS Ventura Version: 13.7 CVE: CVE-2024-44151 Component: Automator Impact: An Automator Quick Action workflow may be able to bypass Gatekeeper Description: This issue was addressed by adding an additional prompt for user consent.

CVE-2024-44184 [MEDIUM] CVE-2024-44184: macOS Ventura 13.7 Apple Security Update: About the security content of macOS Ventura 13.7 Product: macOS Ventura Version: 13.7 CVE: CVE-2024-44184 Component: Transparency Impact: An app may be able to access user-sensitive data Description: A permissions issue was addressed with additional restrictions.

CVE-2024-44161 [MEDIUM] CVE-2024-44161: macOS Ventura 13.7 Apple Security Update: About the security content of macOS Ventura 13.7 Product: macOS Ventura Version: 13.7 CVE: CVE-2024-44161 Component: Intel Graphics Driver Impact: Processing a maliciously crafted texture may lead to unexpected app termination Description: An out-of-bounds read was addressed with improved bounds checking.

CVE-2024-44178 [MEDIUM] CVE-2024-44178: macOS Ventura 13.7 Apple Security Update: About the security content of macOS Ventura 13.7 Product: macOS Ventura Version: 13.7 CVE: CVE-2024-44178 Component: PackageKit Impact: An app may be able to modify protected parts of the file system Description: This issue was addressed with improved validation of symlinks.

CVE-2024-40797 [MEDIUM] CVE-2024-40797: macOS Ventura 13.7 Apple Security Update: About the security content of macOS Ventura 13.7 Product: macOS Ventura Version: 13.7 CVE: CVE-2024-40797 Component: Safari Impact: Visiting a malicious website may lead to user interface spoofing Description: This issue was addressed through improved state management.

CVE-2024-44176 [MEDIUM] CVE-2024-44176: macOS Ventura 13.7 Apple Security Update: About the security content of macOS Ventura 13.7 Product: macOS Ventura Version: 13.7 CVE: CVE-2024-44176 Component: ImageIO Impact: Processing an image may lead to a denial-of-service Description: An out-of-bounds access issue was addressed with improved bounds checking.

CVE-2024-44190 [MEDIUM] CVE-2024-44190: macOS Ventura 13.7 Apple Security Update: About the security content of macOS Ventura 13.7 Product: macOS Ventura Version: 13.7 CVE: CVE-2024-44190 Component: System Settings Impact: An app may be able to read arbitrary files Description: A path handling issue was addressed with improved validation.

CVE-2024-40791 [LOW] CVE-2024-40791: macOS Ventura 13.7 Apple Security Update: About the security content of macOS Ventura 13.7 Product: macOS Ventura Version: 13.7 CVE: CVE-2024-40791 Component: Mail Accounts Impact: An app may be able to access information about a user's contacts Description: A privacy issue was addressed with improved private data redaction for log entries.

CVE-2024-40786 [HIGH] CVE-2024-40786: macOS Ventura 13.6.8 Apple Security Update: About the security content of macOS Ventura 13.6.8 Product: macOS Ventura Version: 13.6.8 CVE: CVE-2024-40786 Component: Siri Impact: An attacker may be able to view sensitive user information Description: This issue was addressed through improved state management.

CVE-2024-27826 [HIGH] CVE-2024-27826: macOS Ventura 13.6.8 Apple Security Update: About the security content of macOS Ventura 13.6.8 Product: macOS Ventura Version: 13.6.8 CVE: CVE-2024-27826 Impact: An app may be able to execute arbitrary code with kernel privileges Description: The issue was addressed with improved memory handling.

CVE-2024-2398 [HIGH] CVE-2024-2398: macOS Ventura 13.6.8 Apple Security Update: About the security content of macOS Ventura 13.6.8 Product: macOS Ventura Version: 13.6.8 CVE: CVE-2024-2398 Component: CVE-2024-2398

CVE-2024-40809 [HIGH] CVE-2024-40809: macOS Ventura 13.6.8 Apple Security Update: About the security content of macOS Ventura 13.6.8 Product: macOS Ventura Version: 13.6.8 CVE: CVE-2024-40809 Component: Shortcuts Impact: A shortcut may be able to bypass Internet permission requirements Description: A logic issue was addressed with improved checks.

CVE-2024-40821 [HIGH] CVE-2024-40821: macOS Ventura 13.6.8 Apple Security Update: About the security content of macOS Ventura 13.6.8 Product: macOS Ventura Version: 13.6.8 CVE: CVE-2024-40821 Component: Security Impact: Third party app extensions may not receive the correct sandbox restrictions Description: An access issue was addressed with additional sandbox restrictions.

CVE-2024-40774 [HIGH] CVE-2024-40774: macOS Ventura 13.6.8 Apple Security Update: About the security content of macOS Ventura 13.6.8 Product: macOS Ventura Version: 13.6.8 CVE: CVE-2024-40774 Component: AppleMobileFileIntegrity Impact: An app may be able to bypass Privacy preferences Description: A downgrade issue was addressed with additional code-signing restrictions.