Apple Macossonoma14.7.2 vulnerabilities

CVE-2024-54510 [MEDIUM] CVE-2024-54510: macOSSonoma14.7.2 Apple Security Update: About the security content of macOSSonoma14.7.2 Product: macOSSonoma14.7.2 CVE: CVE-2024-54510 Component: Kernel Impact: An app may be able to leak sensitive kernel state Description: A race condition was addressed with improved locking.

CVE-2024-54466 [MEDIUM] CVE-2024-54466: macOSSonoma14.7.2 Apple Security Update: About the security content of macOSSonoma14.7.2 Product: macOSSonoma14.7.2 CVE: CVE-2024-54466 Component: DiskArbitration Impact: An encrypted volume may be accessed by a different user without prompting for the password Description: An authorization issue was addressed with improved state management.

CVE-2024-54476 [MEDIUM] CVE-2024-54476: macOSSonoma14.7.2 Apple Security Update: About the security content of macOSSonoma14.7.2 Product: macOSSonoma14.7.2 CVE: CVE-2024-54476 Component: PackageKit Impact: An app may be able to access user-sensitive data Description: The issue was addressed with improved checks.

CVE-2024-54478 [MEDIUM] CVE-2024-54478: macOSSonoma14.7.2 Apple Security Update: About the security content of macOSSonoma14.7.2 Product: macOSSonoma14.7.2 CVE: CVE-2024-54478 Component: ICU Impact: Processing maliciously crafted web content may lead to an unexpected process crash Description: An out-of-bounds access issue was addressed with improved bounds checking.

CVE-2024-54474 [MEDIUM] CVE-2024-54474: macOSSonoma14.7.2 Apple Security Update: About the security content of macOSSonoma14.7.2 Product: macOSSonoma14.7.2 CVE: CVE-2024-54474 Component: PackageKit Impact: An app may be able to access user-sensitive data Description: The issue was addressed with improved checks.

CVE-2024-54477 [MEDIUM] CVE-2024-54477: macOSSonoma14.7.2 Apple Security Update: About the security content of macOSSonoma14.7.2 Product: macOSSonoma14.7.2 CVE: CVE-2024-54477 Impact: An app may be able to access user-sensitive data Description: The issue was addressed with improved checks.

CVE-2024-54541 [MEDIUM] CVE-2024-54541: macOSSonoma14.7.2 Apple Security Update: About the security content of macOSSonoma14.7.2 Product: macOSSonoma14.7.2 CVE: CVE-2024-54541 Component: APFS Impact: An app may be able to access user-sensitive data Description: This issue was addressed through improved state management.

CVE-2024-54527 [MEDIUM] CVE-2024-54527: macOSSonoma14.7.2 Apple Security Update: About the security content of macOSSonoma14.7.2 Product: macOSSonoma14.7.2 CVE: CVE-2024-54527 Component: AppleMobileFileIntegrity Impact: An app may be able to access sensitive user data Description: This issue was addressed with improved checks.

CVE-2024-44201 [MEDIUM] CVE-2024-44201: macOSSonoma14.7.2 Apple Security Update: About the security content of macOSSonoma14.7.2 Product: macOSSonoma14.7.2 CVE: CVE-2024-44201 Component: Kernel Impact: An app may be able to cause unexpected system termination or corrupt kernel memory Description: The issue was addressed with improved memory handling.

CVE-2024-54539 [MEDIUM] CVE-2024-54539: macOSSonoma14.7.2 Apple Security Update: About the security content of macOSSonoma14.7.2 Product: macOSSonoma14.7.2 CVE: CVE-2024-54539 Component: WindowServer Impact: An app may be able to capture keyboard events from the lock screen Description: This issue was addressed through improved state management.

CVE-2024-54519 [MEDIUM] CVE-2024-54519: macOSSonoma14.7.2 Apple Security Update: About the security content of macOSSonoma14.7.2 Product: macOSSonoma14.7.2 CVE: CVE-2024-54519 Component: Find My Impact: An app may be able to read sensitive location information Description: The issue was resolved by sanitizing logging.

CVE-2024-54501 [MEDIUM] CVE-2024-54501: macOSSonoma14.7.2 Apple Security Update: About the security content of macOSSonoma14.7.2 Product: macOSSonoma14.7.2 CVE: CVE-2024-54501 Component: SceneKit Impact: Processing a maliciously crafted file may lead to a denial of service Description: The issue was addressed with improved checks.

CVE-2024-45306 [MEDIUM] CVE-2024-45306: macOSSonoma14.7.2 Apple Security Update: About the security content of macOSSonoma14.7.2 Product: macOSSonoma14.7.2 CVE: CVE-2024-45306 Component: CVE-2024-45306

CVE-2024-54488 [MEDIUM] CVE-2024-54488: macOSSonoma14.7.2 Apple Security Update: About the security content of macOSSonoma14.7.2 Product: macOSSonoma14.7.2 CVE: CVE-2024-54488 Component: Accounts Impact: Photos in the Hidden Photos Album may be viewed without authentication Description: A logic issue was addressed with improved file handling.

CVE-2024-54486 [MEDIUM] CVE-2024-54486: macOSSonoma14.7.2 Apple Security Update: About the security content of macOSSonoma14.7.2 Product: macOSSonoma14.7.2 CVE: CVE-2024-54486 Component: FontParser Impact: Processing a maliciously crafted font may result in the disclosure of process memory Description: The issue was addressed with improved checks.

CVE-2024-54520 [MEDIUM] CVE-2024-54520: macOSSonoma14.7.2 Apple Security Update: About the security content of macOSSonoma14.7.2 Product: macOSSonoma14.7.2 CVE: CVE-2024-54520 Component: System Settings Impact: An app may be able to overwrite arbitrary files Description: A path handling issue was addressed with improved validation.

CVE-2024-44300 [MEDIUM] CVE-2024-44300: macOSSonoma14.7.2 Apple Security Update: About the security content of macOSSonoma14.7.2 Product: macOSSonoma14.7.2 CVE: CVE-2024-44300 Component: Crash Reporter Impact: An app may be able to access protected user data Description: A logic issue was addressed with improved file handling.

CVE-2024-54526 [MEDIUM] CVE-2024-54526: macOSSonoma14.7.2 Apple Security Update: About the security content of macOSSonoma14.7.2 Product: macOSSonoma14.7.2 CVE: CVE-2024-54526 Component: AppleMobileFileIntegrity Impact: A malicious app may be able to access private information Description: The issue was addressed with improved checks.

CVE-2024-54475 [LOW] CVE-2024-54475: macOSSonoma14.7.2 Apple Security Update: About the security content of macOSSonoma14.7.2 Product: macOSSonoma14.7.2 CVE: CVE-2024-54475 Component: System Settings Impact: An app may be able to determine a user’s current location Description: A privacy issue was addressed with improved private data redaction for log entries.

CVE-2024-54516 [LOW] CVE-2024-54516: macOSSonoma14.7.2 Apple Security Update: About the security content of macOSSonoma14.7.2 Product: macOSSonoma14.7.2 CVE: CVE-2024-54516 Component: SharedFileList Impact: An app may be able to approve a launch daemon without user consent Description: A permissions issue was addressed with additional restrictions.