Apple Vulnerabilities
| CVE ID | CVSS | Exploit | Patch | Trends |
|---|---|---|---|---|
CVE-2024-6592Incorrect Authorization vulnerability in the protocol communication between the WatchGuard Authentication Gateway (aka Single Sign-On Agent) on Windows and the WatchGuard Single Sign-On Client on Windows and MacOS allows Authentication Bypass.This issue affects the Authentication Gateway: through 12.10.2; Windows Single Sign-On Client: through 12.7; MacOS Single Sign-On Client: through 12.5.4. | CVSS 9.1 | Exploit | Patched |  |
CVE-2024-45418Symlink following in the installer for some Zoom apps for macOS before version 6.1.5 may allow an authenticated user to conduct an escalation of privilege via network access.
Users can help keep themselves secure by applying the latest updates available at https://zoom.us/download. | CVSS 5.4 | - | Patched |  |
CVE-2024-45417Uncontrolled resource consumption in the installer for some Zoom apps for macOS before version 6.1.5 may allow a privileged user to conduct a disclosure of information via local access.
Users can help keep themselves secure by applying the latest updates available at https://zoom.us/download. | CVSS 6 | - | Patched |  |
CVE-2024-44309Description: A cookie management issue was addressed with improved state management.Impact: Processing maliciously crafted web content may lead to a cross site scripting attack. Apple is aware of a report that this issue may have been actively exploited on Intel-based Mac systems. | CVSS MEDIUM | Exploit | Patched |  |
CVE-2024-44308Description: The issue was addressed with improved checks.Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited on Intel-based Mac systems. | CVSS HIGH | Exploit | Patched |  |
CVE-2024-44307Description: A buffer overflow issue was addressed with improved memory handling.Impact: An app may be able to execute arbitrary code with kernel privileges | CVSS MEDIUM | - | Patched |  |
CVE-2024-44306Description: A buffer overflow issue was addressed with improved memory handling.Impact: An app may be able to execute arbitrary code with kernel privileges | CVSS MEDIUM | - | Patched |  |
CVE-2024-44302The issue was addressed with improved checks. This issue is fixed in tvOS 18.1, iOS 18.1 and iPadOS 18.1, iOS 17.7.1 and iPadOS 17.7.1, macOS Ventura 13.7.1, macOS Sonoma 14.7.1, watchOS 11.1, visionOS 2.1. Processing a maliciously crafted font may result in the disclosure of process memory. | CVSS MEDIUM | - | Patched |  |
CVE-2024-44301Description: A path deletion vulnerability was addressed by preventing vulnerable code from running with privileges.Impact: An attacker with root privileges may be able to delete protected system files | CVSS 5.5 | - | Patched |  |
CVE-2024-44297The issue was addressed with improved bounds checks. This issue is fixed in tvOS 18.1, iOS 18.1 and iPadOS 18.1, iOS 17.7.1 and iPadOS 17.7.1, macOS Ventura 13.7.1, macOS Sonoma 14.7.1, watchOS 11.1, visionOS 2.1. Processing a maliciously crafted message may lead to a denial-of-service. | CVSS 6.5 | - | Patched |  |
CVE-2024-44296The issue was addressed with improved checks. This issue is fixed in tvOS 18.1, iOS 18.1 and iPadOS 18.1, iOS 17.7.1 and iPadOS 17.7.1, watchOS 11.1, visionOS 2.1. Processing maliciously crafted web content may prevent Content Security Policy from being enforced. | CVSS 5.4 | - | Patched |  |
CVE-2024-44295Description: This issue was addressed with additional entitlement checks.Impact: An app may be able to modify protected parts of the file system | CVSS 7.7 | - | Patched |  |
CVE-2024-44294Description: A path deletion vulnerability was addressed by preventing vulnerable code from running with privileges.Impact: An attacker with root privileges may be able to delete protected system files | CVSS 6.5 | - | Patched |  |
CVE-2024-44289Description: A privacy issue was addressed with improved private data redaction for log entries.Impact: An app may be able to read sensitive location information | CVSS 7.5 | - | Patched |  |
CVE-2024-44287Description: The issue was addressed with improved checks.Impact: A malicious application may be able to modify protected parts of the file system | CVSS 5.5 | - | Patched |  |
CVE-2024-44285Description: A use-after-free issue was addressed with improved memory management.Impact: An app may be able to cause unexpected system termination or corrupt kernel memory | CVSS 7.8 | - | Patched |  |
CVE-2024-44284An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in macOS Ventura 13.7.1, macOS Sonoma 14.7.1. Parsing a maliciously crafted file may lead to an unexpected app termination. | CVSS 5.5 | - | Patched |  |
CVE-2024-44283Description: An out-of-bounds read was addressed with improved bounds checking.Impact: Parsing a maliciously crafted file may lead to an unexpected app termination | CVSS MEDIUM | - | Patched |  |
CVE-2024-44282An out-of-bounds read was addressed with improved input validation. This issue is fixed in tvOS 18.1, iOS 18.1 and iPadOS 18.1, iOS 17.7.1 and iPadOS 17.7.1, macOS Ventura 13.7.1, macOS Sonoma 14.7.1, watchOS 11.1, visionOS 2.1. Parsing a file may lead to disclosure of user information. | CVSS 5.5 | - | Patched |  |
CVE-2024-44281Description: An out-of-bounds read was addressed with improved bounds checking.Impact: Parsing a maliciously crafted file may lead to an unexpected app termination | CVSS 5.5 | - | Patched |  |
CVE-2024-44280Description: A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing restrictions.Impact: An app may be able to modify protected parts of the file system | CVSS 7.7 | - | Patched |  |
CVE-2024-44279Description: An out-of-bounds read was addressed with improved bounds checking.Impact: Parsing a maliciously crafted file may lead to an unexpected app termination | CVSS MEDIUM | - | Patched |  |
CVE-2024-44278An information disclosure issue was addressed with improved private data redaction for log entries. This issue is fixed in iOS 18.1 and iPadOS 18.1, iOS 17.7.1 and iPadOS 17.7.1, macOS Ventura 13.7.1, macOS Sonoma 14.7.1, watchOS 11.1, visionOS 2.1. A sandboxed app may be able to access sensitive user data in system logs. | CVSS 5.5 | - | Patched |  |
CVE-2024-44277Description: The issue was addressed with improved checks.Impact: Processing maliciously crafted web content may prevent Content Security Policy from being enforced | CVSS 7.7 | - | Patched |  |
CVE-2024-44275Description: A path deletion vulnerability was addressed by preventing vulnerable code from running with privileges.Impact: An attacker with root privileges may be able to delete protected system files | CVSS 3.3 | - | Patched |  |
CVE-2024-44274Description: The issue was addressed with improved authentication.Impact: An attacker with physical access to a locked device may be able to view sensitive user information | CVSS 4.6 | - | Patched |  |
CVE-2024-44273This issue was addressed with improved handling of symlinks. This issue is fixed in iOS 18.1 and iPadOS 18.1, visionOS 2.1, macOS Sonoma 14.7.1, watchOS 11.1, tvOS 18.1. A malicious app may be able to access private information. | CVSS 5.5 | - | Patched |  |
CVE-2024-44270Description: A logic issue was addressed with improved validation.Impact: A sandboxed process may be able to circumvent sandbox restrictions | CVSS 8.6 | - | Patched |  |
CVE-2024-44269A logic issue was addressed with improved checks. This issue is fixed in iOS 18.1 and iPadOS 18.1, iOS 17.7.1 and iPadOS 17.7.1, macOS Ventura 13.7.1, macOS Sonoma 14.7.1, watchOS 11.1, visionOS 2.1. A malicious app may use shortcuts to access restricted files. | CVSS 5.5 | - | Patched |  |
CVE-2024-44267Description: A path deletion vulnerability was addressed by preventing vulnerable code from running with privileges.Impact: An attacker with root privileges may be able to delete protected system files | CVSS 5.5 | - | Patched |  |
CVE-2024-44265The issue was addressed by restricting options offered on a locked device. This issue is fixed in macOS Ventura 13.7.1, macOS Sonoma 14.7.1. An attacker with physical access can input Game Controller events to apps running on a locked device. | CVSS 2.4 | - | Patched |  |
CVE-2024-44264Description: The issue was addressed with improved checks.Impact: Processing maliciously crafted web content may prevent Content Security Policy from being enforced | CVSS 5.5 | - | Patched |  |
CVE-2024-44263Description: A logic issue was addressed with improved state management.Impact: An app may be able to access user-sensitive data | CVSS 4 | - | Patched |  |
CVE-2024-44262Description: This issue was addressed with improved redaction of sensitive information.Impact: A user may be able to view sensitive user information | CVSS 5.5 | - | Patched |  |
CVE-2024-44261Description: This issue was addressed by restricting options offered on a locked device.Impact: An attacker may be able to view restricted content from the lock screen | CVSS 6.2 | - | Patched |  |
CVE-2024-44260Description: This issue was addressed by removing the vulnerable code.Impact: A malicious app with root privileges may be able to modify the contents of system files | CVSS 6.7 | - | Patched |  |
CVE-2024-44259This issue was addressed through improved state management. This issue is fixed in iOS 17.7.1 and iPadOS 17.7.1, visionOS 2.1, iOS 18.1 and iPadOS 18.1, macOS Sequoia 15.1, Safari 18.1. An attacker may be able to misuse a trust relationship to download malicious content. | CVSS 8.8 | - | Patched |  |
CVE-2024-44258Description: This issue was addressed with improved handling of symlinks.Impact: Restoring a maliciously crafted backup file may lead to modification of protected system files | CVSS 7.1 | - | Patched |  |
CVE-2024-44257Description: This issue was addressed with improved redaction of sensitive information.Impact: An app may be able to access sensitive user data | CVSS 6.2 | - | Patched |  |
CVE-2024-44256Description: A privacy issue was addressed with improved private data redaction for log entries.Impact: An app may be able to access sensitive user data | CVSS 9.3 | - | Patched |  |
CVE-2024-44255A path handling issue was addressed with improved logic. This issue is fixed in visionOS 2.1, iOS 18.1 and iPadOS 18.1, macOS Ventura 13.7.1, macOS Sonoma 14.7.1, watchOS 11.1, tvOS 18.1. A malicious app may be able to run arbitrary shortcuts without user consent. | CVSS 7.8 | - | Patched |  |
CVE-2024-44254This issue was addressed with improved redaction of sensitive information. This issue is fixed in watchOS 11.1, macOS Ventura 13.7.1, macOS Sonoma 14.7.1, iOS 18.1 and iPadOS 18.1. An app may be able to access sensitive user data. | CVSS 5.5 | - | Patched |  |
CVE-2024-44253Description: A path deletion vulnerability was addressed by preventing vulnerable code from running with privileges.Impact: An attacker with root privileges may be able to delete protected system files | CVSS 5.5 | - | Patched |  |
CVE-2024-44252Description: A logic issue was addressed with improved file handling.Impact: Restoring a maliciously crafted backup file may lead to modification of protected system files | CVSS 7.1 | - | Patched |  |
CVE-2024-44251Description: This issue was addressed through improved state management.Impact: An attacker may be able to view restricted content from the lock screen | CVSS 2.4 | - | Patched |  |
CVE-2024-44247Description: A path deletion vulnerability was addressed by preventing vulnerable code from running with privileges.Impact: An attacker with root privileges may be able to delete protected system files | CVSS 5.5 | - | Patched |  |
CVE-2024-44244A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 18.1 and iPadOS 18.1, watchOS 11.1, visionOS 2.1, tvOS 18.1, macOS Sequoia 15.1, Safari 18.1. Processing maliciously crafted web content may lead to an unexpected process crash. | CVSS 4.3 | - | Patched |  |
CVE-2024-44240The issue was addressed with improved checks. This issue is fixed in tvOS 18.1, iOS 18.1 and iPadOS 18.1, iOS 17.7.1 and iPadOS 17.7.1, macOS Ventura 13.7.1, macOS Sonoma 14.7.1, watchOS 11.1, visionOS 2.1. Processing a maliciously crafted font may result in the disclosure of process memory. | CVSS 6.5 | - | Patched |  |
CVE-2024-44239An information disclosure issue was addressed with improved private data redaction for log entries. This issue is fixed in tvOS 18.1, iOS 18.1 and iPadOS 18.1, iOS 17.7.1 and iPadOS 17.7.1, macOS Ventura 13.7.1, macOS Sonoma 14.7.1, watchOS 11.1, visionOS 2.1. An app may be able to leak sensitive kernel state. | CVSS 5.5 | - | Patched |  |
CVE-2024-44237Description: An out-of-bounds read was addressed with improved bounds checking.Impact: Parsing a maliciously crafted file may lead to an unexpected app termination | CVSS MEDIUM | - | Patched |  |
CVE-2024-44236Description: An out-of-bounds read was addressed with improved bounds checking.Impact: Parsing a maliciously crafted file may lead to an unexpected app termination | CVSS 5.5 | - | Patched |  |
CVE-2024-44235Description: The issue was addressed with improved checks.Impact: An attacker may be able to view restricted content from the lock screen | CVSS 4.6 | - | Patched |  |
CVE-2024-44234The issue was addressed with improved bounds checks. This issue is fixed in macOS Sonoma 14.7.1, macOS Ventura 13.7.1, visionOS 2.1, watchOS 11.1, tvOS 18.1, iOS 17.7.1 and iPadOS 17.7.1, iOS 18.1 and iPadOS 18.1. Parsing a maliciously crafted video file may lead to unexpected system termination. | CVSS 5.5 | - | Patched |  |
CVE-2024-44233The issue was addressed with improved bounds checks. This issue is fixed in macOS Sonoma 14.7.1, macOS Ventura 13.7.1, visionOS 2.1, watchOS 11.1, tvOS 18.1, iOS 17.7.1 and iPadOS 17.7.1, iOS 18.1 and iPadOS 18.1. Parsing a maliciously crafted video file may lead to unexpected system termination. | CVSS 5.5 | - | Patched |  |
CVE-2024-44232The issue was addressed with improved bounds checks. This issue is fixed in macOS Sonoma 14.7.1, macOS Ventura 13.7.1, visionOS 2.1, watchOS 11.1, tvOS 18.1, iOS 17.7.1 and iPadOS 17.7.1, iOS 18.1 and iPadOS 18.1. Parsing a maliciously crafted video file may lead to unexpected system termination. | CVSS 5.5 | - | Patched |  |
CVE-2024-44229An information leakage was addressed with additional validation. This issue is fixed in visionOS 2.1, iOS 18.1 and iPadOS 18.1, macOS Sequoia 15.1, Safari 18.1. Private browsing may leak some browsing history. | CVSS 5.3 | - | Patched |  |
CVE-2024-44228Description: This issue was addressed with improved permissions checking.Impact: An app may be able to inherit Xcode permissions and access user data | CVSS 7.5 | - | Patched |  |
CVE-2024-44222Description: This issue was addressed with improved redaction of sensitive information.Impact: An app may be able to read sensitive location information | CVSS 3.3 | - | Patched |  |
CVE-2024-44218This issue was addressed with improved checks. This issue is fixed in iOS 17.7.1 and iPadOS 17.7.1, macOS Sonoma 14.7.1, iOS 18.1 and iPadOS 18.1. Processing a maliciously crafted file may lead to heap corruption. | CVSS 7.8 | - | Patched |  |
CVE-2024-44217Description: A permissions issue was addressed by removing vulnerable code and adding additional checks.Impact: Password autofill may fill in passwords after failing authentication | CVSS 9.1 | - | Patched |  |
CVE-2024-44216Description: An access issue was addressed with additional sandbox restrictions.Impact: An app may be able to access user-sensitive data | CVSS 6.2 | - | Patched |  |
CVE-2024-44215This issue was addressed with improved checks. This issue is fixed in tvOS 18.1, iOS 18.1 and iPadOS 18.1, iOS 17.7.1 and iPadOS 17.7.1, macOS Ventura 13.7.1, macOS Sonoma 14.7.1, watchOS 11.1, visionOS 2.1. Processing an image may result in disclosure of process memory. | CVSS MEDIUM | - | Patched |  |
CVE-2024-44213Description: An issue existed in the parsing of URLs. This issue was addressed with improved input validation.Impact: An attacker in a privileged network position may be able to leak sensitive user information | CVSS 5.9 | - | Patched |  |
CVE-2024-44208Description: An issue was addressed with improved validation of environment variables.Impact: An app may be able to access user-sensitive data | CVSS 7.5 | - | Patched |  |
CVE-2024-44207This issue was addressed with improved checks. This issue is fixed in iOS 18.0.1 and iPadOS 18.0.1. Audio messages in Messages may be able to capture a few seconds of audio before the microphone indicator is activated. | CVSS 4.3 | - | Patched |  |
CVE-2024-44206An issue in the handling of URL protocols was addressed with improved logic. This issue is fixed in tvOS 17.6, visionOS 1.3, Safari 17.6, watchOS 10.6, iOS 17.6 and iPadOS 17.6, macOS Sonoma 14.6. A user may be able to bypass some web content restrictions. | CVSS 9.3 | - | Patched |  |
CVE-2024-44205A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Ventura 13.6.8, macOS Monterey 12.7.6, iOS 16.7.9 and iPadOS 16.7.9, iOS 17.6 and iPadOS 17.6, macOS Sonoma 14.6. A sandboxed app may be able to access sensitive user data in system logs. | CVSS 5.5 | - | Patched |  |
CVE-2024-44204A logic issue was addressed with improved validation. This issue is fixed in iOS 18.0.1 and iPadOS 18.0.1. A user's saved passwords may be read aloud by VoiceOver. | CVSS 5.5 | - | Patched |  |
CVE-2024-44203Description: A permissions issue was addressed with additional restrictions.Impact: An app may be able to access a user's Photos Library | CVSS 7.5 | - | Patched |  |
CVE-2024-44202An authentication issue was addressed with improved state management. This issue is fixed in iOS 18 and iPadOS 18. Private Browsing tabs may be accessed without authentication. | CVSS 5.3 | - | Patched |  |
CVE-2024-44198An integer overflow was addressed through improved input validation. This issue is fixed in visionOS 2, watchOS 11, macOS Sequoia 15, iOS 18 and iPadOS 18, tvOS 18. Processing maliciously crafted web content may lead to an unexpected process crash. | CVSS 5.5 | - | Patched |  |
CVE-2024-44197Description: The issue was addressed with improved memory handling.Impact: A malicious app may be able to cause a denial-of-service | CVSS 5.5 | - | Patched |  |
CVE-2024-44196Description: The issue was addressed with improved checks.Impact: A malicious application may be able to modify protected parts of the file system | CVSS 5.5 | - | Patched |  |
CVE-2024-44194Description: This issue was addressed with improved redaction of sensitive information.Impact: An app may be able to access sensitive user data | CVSS 5.5 | - | Patched |  |
CVE-2024-44193A logic issue was addressed with improved restrictions. This issue is fixed in iTunes 12.13.3 for Windows. A local attacker may be able to elevate their privileges. | CVSS MEDIUM | - | Patched |  |
CVE-2024-44191This issue was addressed through improved state management. This issue is fixed in iOS 17.7 and iPadOS 17.7, Xcode 16, visionOS 2, watchOS 11, macOS Sequoia 15, iOS 18 and iPadOS 18, tvOS 18. An app may gain unauthorized access to Bluetooth. | CVSS 5.5 | - | Patched |  |
CVE-2024-44190A path handling issue was addressed with improved validation. This issue is fixed in macOS Ventura 13.7, macOS Sonoma 14.7, macOS Sequoia 15. An app may be able to read arbitrary files. | CVSS 5.5 | - | Patched |  |
CVE-2024-44189The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15. A logic issue existed where a process may be able to capture screen contents without user consent. | CVSS 7.5 | - | Patched |  |
CVE-2024-44188A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15. An app may be able to access protected user data. | CVSS 5.5 | - | Patched |  |
CVE-2024-44187A cross-origin issue existed with "iframe" elements. This was addressed with improved tracking of security origins. This issue is fixed in Safari 18, visionOS 2, watchOS 11, macOS Sequoia 15, iOS 18 and iPadOS 18, tvOS 18. A malicious website may exfiltrate data cross-origin. | CVSS 6.5 | - | Patched |  |
CVE-2024-44186An access issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Sequoia 15. An app may be able to access protected user data. | CVSS 5.5 | - | Patched |  |
CVE-2024-44185The issue was addressed with improved checks. This issue is fixed in tvOS 17.6, visionOS 1.3, Safari 17.6, watchOS 10.6, iOS 17.6 and iPadOS 17.6, macOS Sonoma 14.6. Processing maliciously crafted web content may lead to an unexpected process crash. | CVSS MEDIUM | - | Patched |  |
CVE-2024-44184A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Ventura 13.7, iOS 17.7 and iPadOS 17.7, iOS 18 and iPadOS 18, macOS Sonoma 14.7, macOS Sequoia 15. An app may be able to access user-sensitive data. | CVSS 5.5 | - | Patched |  |
CVE-2024-44183A logic error was addressed with improved error handling. This issue is fixed in macOS Ventura 13.7, iOS 17.7 and iPadOS 17.7, visionOS 2, watchOS 11, macOS Sequoia 15, iOS 18 and iPadOS 18, macOS Sonoma 14.7, tvOS 18. An app may be able to cause a denial-of-service. | CVSS 5.5 | - | Patched |  |
CVE-2024-44182This issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Ventura 13.7, macOS Sonoma 14.7, macOS Sequoia 15. An app may be able to access sensitive data logged when a shortcut fails to launch another app. | CVSS 5.5 | - | Patched |  |
CVE-2024-44181An issue was addressed with improved handling of temporary files. This issue is fixed in macOS Ventura 13.7, macOS Sonoma 14.7, macOS Sequoia 15. An app may be able to read sensitive location information. | CVSS 5.5 | - | Patched |  |
CVE-2024-44180The issue was addressed with improved checks. This issue is fixed in iOS 18 and iPadOS 18. An attacker with physical access may be able to access contacts from the lock screen. | CVSS 2.4 | - | Patched |  |
CVE-2024-44178This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Ventura 13.7, macOS Sonoma 14.7, macOS Sequoia 15. An app may be able to modify protected parts of the file system. | CVSS 5.5 | - | Patched |  |
CVE-2024-44177A privacy issue was addressed by removing sensitive data. This issue is fixed in macOS Ventura 13.7, macOS Sonoma 14.7, macOS Sequoia 15. An app may be able to access user-sensitive data. | CVSS 5.5 | - | Patched |  |
CVE-2024-44176An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in macOS Ventura 13.7, iOS 17.7 and iPadOS 17.7, visionOS 2, watchOS 11, macOS Sequoia 15, iOS 18 and iPadOS 18, macOS Sonoma 14.7, tvOS 18. Processing an image may lead to a denial-of-service. | CVSS 5.5 | - | Patched |  |
CVE-2024-44175Description: This issue was addressed with improved validation of symlinks.Impact: An app may be able to access sensitive user data | CVSS 5.5 | - | Patched |  |
CVE-2024-44174Description: The issue was addressed with improved checks.Impact: An attacker may be able to view restricted content from the lock screen | CVSS 5.5 | - | Patched |  |
CVE-2024-44171This issue was addressed through improved state management. This issue is fixed in iOS 17.7 and iPadOS 17.7, iOS 18 and iPadOS 18, watchOS 11. An attacker with physical access to a locked device may be able to Control Nearby Devices via accessibility features. | CVSS 4.6 | - | Patched |  |
CVE-2024-44170A privacy issue was addressed by moving sensitive data to a more secure location. This issue is fixed in iOS 18 and iPadOS 18, watchOS 11, macOS Sequoia 15. An app may be able to access user-sensitive data. | CVSS 5.5 | - | Patched |  |
CVE-2024-44169The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.7, iOS 17.7 and iPadOS 17.7, visionOS 2, watchOS 11, macOS Sequoia 15, iOS 18 and iPadOS 18, macOS Sonoma 14.7, tvOS 18. An app may be able to cause unexpected system termination. | CVSS 8.1 | - | Patched |  |
CVE-2024-44168A library injection issue was addressed with additional restrictions. This issue is fixed in macOS Ventura 13.7, macOS Sonoma 14.7, macOS Sequoia 15. An app may be able to modify protected parts of the file system. | CVSS 5.5 | - | Patched |  |
CVE-2024-44167This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Ventura 13.7, visionOS 2, iOS 18 and iPadOS 18, macOS Sonoma 14.7, macOS Sequoia 15. An app may be able to overwrite arbitrary files. | CVSS 8.1 | - | Patched |  |
CVE-2024-44166A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Ventura 13.7, macOS Sonoma 14.7, macOS Sequoia 15. An app may be able to access user-sensitive data. | CVSS 5.5 | - | Patched |  |
CVE-2024-44165A logic issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7, iOS 17.7 and iPadOS 17.7, visionOS 2, iOS 18 and iPadOS 18, macOS Sonoma 14.7, macOS Sequoia 15. Network traffic may leak outside a VPN tunnel. | CVSS 7.5 | - | Patched |  |
CVE-2024-44164This issue was addressed with improved checks. This issue is fixed in iOS 17.7 and iPadOS 17.7, macOS Ventura 13.7, macOS Sonoma 14.7, macOS Sequoia 15. An app may be able to bypass Privacy preferences. | CVSS 7.1 | - | Patched |  |