Apple Macos Ventura vulnerabilities

CVE-2024-40827 [MEDIUM] CVE-2024-40827: macOS Ventura 13.6.8 Apple Security Update: About the security content of macOS Ventura 13.6.8 Product: macOS Ventura Version: 13.6.8 CVE: CVE-2024-40827 Component: DesktopServices Impact: An app may be able to overwrite arbitrary files Description: The issue was addressed with improved checks.

CVE-2024-27881 [MEDIUM] CVE-2024-27881: macOS Ventura 13.6.8 Apple Security Update: About the security content of macOS Ventura 13.6.8 Product: macOS Ventura Version: 13.6.8 CVE: CVE-2024-27881 Component: Scripting Bridge Impact: An app may be able to access information about a user’s contacts Description: A privacy issue was addressed with improved private data redaction for log entries.

CVE-2024-40816 [MEDIUM] CVE-2024-40816: macOS Ventura 13.6.8 Apple Security Update: About the security content of macOS Ventura 13.6.8 Product: macOS Ventura Version: 13.6.8 CVE: CVE-2024-40816 Component: Kernel Impact: A local attacker may be able to cause unexpected system shutdown Description: An out-of-bounds read was addressed with improved input validation.

CVE-2024-40835 [MEDIUM] CVE-2024-40835: macOS Ventura 13.6.8 Apple Security Update: About the security content of macOS Ventura 13.6.8 Product: macOS Ventura Version: 13.6.8 CVE: CVE-2024-40835 Component: Shortcuts Impact: A shortcut may be able to use sensitive data with certain actions without prompting the user Description: A logic issue was addressed with improved checks.

CVE-2024-40796 [MEDIUM] CVE-2024-40796: macOS Ventura 13.6.8 Apple Security Update: About the security content of macOS Ventura 13.6.8 Product: macOS Ventura Version: 13.6.8 CVE: CVE-2024-40796 Component: NetworkExtension Impact: Private browsing may leak some browsing history Description: A privacy issue was addressed with improved private data redaction for log entries.

CVE-2024-40833 [MEDIUM] CVE-2024-40833: macOS Ventura 13.6.8 Apple Security Update: About the security content of macOS Ventura 13.6.8 Product: macOS Ventura Version: 13.6.8 CVE: CVE-2024-40833 Component: Shortcuts Impact: A shortcut may be able to use sensitive data with certain actions without prompting the user Description: A logic issue was addressed with improved checks.

CVE-2024-40806 [MEDIUM] CVE-2024-40806: macOS Ventura 13.6.8 Apple Security Update: About the security content of macOS Ventura 13.6.8 Product: macOS Ventura Version: 13.6.8 CVE: CVE-2024-40806 Component: ImageIO Impact: Processing a maliciously crafted file may lead to unexpected app termination Description: An out-of-bounds read issue was addressed with improved input validation.

CVE-2024-2466 [MEDIUM] CVE-2024-2466: macOS Ventura 13.6.8 Apple Security Update: About the security content of macOS Ventura 13.6.8 Product: macOS Ventura Version: 13.6.8 CVE: CVE-2024-2466 Component: CVE-2024-2466

CVE-2024-44205 [MEDIUM] CVE-2024-44205: macOS Ventura 13.6.8 Apple Security Update: About the security content of macOS Ventura 13.6.8 Product: macOS Ventura Version: 13.6.8 CVE: CVE-2024-44205 Component: Siri Impact: A sandboxed app may be able to access sensitive user data in system logs Description: A privacy issue was addressed with improved private data redaction for log entries.

CVE-2024-40775 [MEDIUM] CVE-2024-40775: macOS Ventura 13.6.8 Apple Security Update: About the security content of macOS Ventura 13.6.8 Product: macOS Ventura Version: 13.6.8 CVE: CVE-2024-40775 Component: AppleMobileFileIntegrity Impact: An app may be able to leak sensitive user information Description: A downgrade issue was addressed with additional code-signing restrictions.

CVE-2024-27873 [MEDIUM] CVE-2024-27873: macOS Ventura 13.6.8 Apple Security Update: About the security content of macOS Ventura 13.6.8 Product: macOS Ventura Version: 13.6.8 CVE: CVE-2024-27873 Component: CoreMedia Impact: Processing a maliciously crafted video file may lead to unexpected app termination Description: An out-of-bounds write issue was addressed with improved input validation.

CVE-2024-40788 [MEDIUM] CVE-2024-40788: macOS Ventura 13.6.8 Apple Security Update: About the security content of macOS Ventura 13.6.8 Product: macOS Ventura Version: 13.6.8 CVE: CVE-2024-40788 Component: Kernel Impact: A local attacker may be able to cause unexpected system shutdown Description: A type confusion issue was addressed with improved memory handling.

CVE-2024-27883 [MEDIUM] CVE-2024-27883: macOS Ventura 13.6.8 Apple Security Update: About the security content of macOS Ventura 13.6.8 Product: macOS Ventura Version: 13.6.8 CVE: CVE-2024-27883 Component: PackageKit Impact: An app may be able to modify protected parts of the file system Description: A permissions issue was addressed with additional restrictions.

CVE-2024-40800 [MEDIUM] CVE-2024-40800: macOS Ventura 13.6.8 Apple Security Update: About the security content of macOS Ventura 13.6.8 Product: macOS Ventura Version: 13.6.8 CVE: CVE-2024-40800 Component: Restore Framework Impact: An app may be able to modify protected parts of the file system Description: An input validation issue was addressed with improved input validation.

CVE-2023-6277 [MEDIUM] CVE-2023-6277: macOS Ventura 13.6.8 Apple Security Update: About the security content of macOS Ventura 13.6.8 Product: macOS Ventura Version: 13.6.8 CVE: CVE-2023-6277 Component: CVE-2023-6277

CVE-2024-40818 [MEDIUM] CVE-2024-40818: macOS Ventura 13.6.8 Apple Security Update: About the security content of macOS Ventura 13.6.8 Product: macOS Ventura Version: 13.6.8 CVE: CVE-2024-40818 Component: Siri Impact: An attacker with physical access may be able to use Siri to access sensitive user data Description: This issue was addressed by restricting options offered on a locked device.

CVE-2024-40783 [MEDIUM] CVE-2024-40783: macOS Ventura 13.6.8 Apple Security Update: About the security content of macOS Ventura 13.6.8 Product: macOS Ventura Version: 13.6.8 CVE: CVE-2024-40783 Component: APFS Impact: A malicious application may be able to bypass Privacy preferences Description: The issue was addressed with improved restriction of data container access.

CVE-2024-40823 [MEDIUM] CVE-2024-40823: macOS Ventura 13.6.8 Apple Security Update: About the security content of macOS Ventura 13.6.8 Product: macOS Ventura Version: 13.6.8 CVE: CVE-2024-40823 Component: PackageKit Impact: An app may be able to access user-sensitive data Description: The issue was addressed with improved checks.

CVE-2024-2004 [LOW] CVE-2024-2004: macOS Ventura 13.6.8 Apple Security Update: About the security content of macOS Ventura 13.6.8 Product: macOS Ventura Version: 13.6.8 CVE: CVE-2024-2004 Component: CVE-2024-2004

CVE-2024-40798 [LOW] CVE-2024-40798: macOS Ventura 13.6.8 Apple Security Update: About the security content of macOS Ventura 13.6.8 Product: macOS Ventura Version: 13.6.8 CVE: CVE-2024-40798 Component: Security Impact: An app may be able to read Safari's browsing history Description: This issue was addressed with improved redaction of sensitive information.