Latest apple macos Vulnerabilities

CVE-2024-6222
In Docker Desktop before v4.29.0 an attacker who has gained access to the Docker Desktop VM through a container breakout can further escape to the host by passing extensions and dashboard related IPC ...
Docker Desktop<4.29.0
Apple macOS
Linux Linux kernel
Microsoft Windows
CVE-2024-20753
Adobe Photoshop PDF File Parsing Memory Corruption Remote Code Execution Vulnerability
Adobe Photoshop<24.7.4
Adobe Photoshop>=25.0<25.9
Apple macOS
Microsoft Windows
CVE-2024-27830
This issue was addressed through improved state management. This issue is fixed in tvOS 17.5, visionOS 1.2, Safari 17.5, iOS 17.5 and iPadOS 17.5, watchOS 10.5, macOS Sonoma 14.5. A maliciously crafte...
Apple Safari<17.5
Apple macOS Sonoma<14.5
Apple tvOS<17.5
Apple watchOS<10.5
Apple iOS<17.5
Apple iPadOS<17.5
and 8 more
CVE-2024-27800
Messages. This issue was addressed by removing the vulnerable code.
Apple macOS Monterey<12.7.5
Apple macOS Sonoma<14.5
Apple macOS Ventura<13.6.7
Apple tvOS<17.5
Apple watchOS<10.5
Apple iOS<16.7.8
and 14 more
CVE-2024-27832
Disk Images. The issue was addressed with improved checks.
Apple macOS Sonoma<14.5
Apple tvOS<17.5
Apple watchOS<10.5
Apple iOS<17.5
Apple iPadOS<17.5
Apple visionOS<1.2
and 6 more
CVE-2024-27799
IOHIDFamily. This issue was addressed with additional entitlement checks.
Apple macOS Sonoma<14.5
Apple macOS Monterey<12.7.5
Apple macOS Ventura<13.6.7
Apple iOS<16.7.8
Apple iPadOS<16.7.8
Apple iPadOS<16.7.8
and 4 more
CVE-2024-27815
An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in tvOS 17.5, visionOS 1.2, iOS 17.5 and iPadOS 17.5, watchOS 10.5, macOS Sonoma 14.5. An app may be able...
Apple macOS Sonoma<14.5
Apple tvOS<17.5
Apple watchOS<10.5
Apple iOS<17.5
Apple iPadOS<17.5
Apple visionOS<1.2
and 6 more
CVE-2024-27844
Safari. The issue was addressed with improved checks.
Apple Safari<17.5
Apple macOS Sonoma<14.5
Apple visionOS<1.2
Apple Safari<17.5
Apple macOS>=14.0<14.5
Apple visionOS<1.2
CVE-2024-23251
An authentication issue was addressed with improved state management. This issue is fixed in macOS Sonoma 14.5, watchOS 10.5, iOS 17.5 and iPadOS 17.5, iOS 16.7.8 and iPadOS 16.7.8. An attacker with p...
Apple macOS Sonoma<14.5
Apple watchOS<10.5
Apple iOS<17.5
Apple iPadOS<17.5
Apple iOS<16.7.8
Apple iPadOS<16.7.8
and 6 more
CVE-2024-27805
An issue was addressed with improved validation of environment variables. This issue is fixed in macOS Ventura 13.6.7, macOS Monterey 12.7.5, iOS 16.7.8 and iPadOS 16.7.8, tvOS 17.5, iOS 17.5 and iPad...
Apple macOS Monterey<12.7.5
Apple macOS Sonoma<14.5
Apple macOS Ventura<13.6.7
Apple watchOS<10.5
Apple tvOS<17.5
Apple iOS<16.7.8
and 12 more
CVE-2024-27836
ImageIO. The issue was addressed with improved checks.
Apple macOS Sonoma<14.5
Apple iOS<17.5
Apple iPadOS<17.5
Apple visionOS<1.2
Apple iPadOS<17.5
Apple iPhone OS<17.5
and 2 more
CVE-2024-27817
CoreMedia. The issue was addressed with improved checks.
Apple macOS Sonoma<14.5
Apple macOS Monterey<12.7.5
Apple macOS Ventura<13.6.7
Apple tvOS<17.5
Apple iOS<16.7.8
Apple iPadOS<16.7.8
and 12 more
CVE-2024-27855
Shortcuts. The issue was addressed with improved checks.
Apple macOS Sonoma<14.5
Apple macOS Ventura<13.6.7
Apple iOS<16.7.8
Apple iPadOS<16.7.8
Apple iOS<17.5
Apple iPadOS<17.5
and 6 more
CVE-2024-23282
Mail. The issue was addressed with improved checks.
Apple macOS Sonoma<14.5
Apple watchOS<10.5
Apple iOS<16.7.8
Apple iPadOS<16.7.8
Apple iOS<17.5
Apple iPadOS<17.5
and 6 more
CVE-2024-27811
libiconv. The issue was addressed with improved checks.
Apple macOS Sonoma<14.5
Apple watchOS<10.5
Apple tvOS<17.5
Apple iOS<17.5
Apple iPadOS<17.5
Apple visionOS<1.2
and 6 more
CVE-2024-27851
The issue was addressed with improved bounds checks. This issue is fixed in tvOS 17.5, visionOS 1.2, Safari 17.5, iOS 17.5 and iPadOS 17.5, watchOS 10.5, macOS Sonoma 14.5. Processing maliciously craf...
Apple Safari<17.5
Apple macOS Sonoma<14.5
Apple watchOS<10.5
Apple tvOS<17.5
Apple iOS<17.5
Apple iPadOS<17.5
and 8 more
CVE-2024-27831
An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in macOS Ventura 13.6.7, macOS Monterey 12.7.5, iOS 16.7.8 and iPadOS 16.7.8, tvOS 17.5, visionOS 1.2, iO...
Apple macOS Monterey<12.7.5
Apple macOS Sonoma<14.5
Apple macOS Ventura<13.6.7
Apple tvOS<17.5
Apple iOS<16.7.8
Apple iPadOS<16.7.8
and 12 more
CVE-2024-27885
PackageKit. This issue was addressed with improved validation of symlinks.
Apple macOS Sonoma<14.5
Apple macOS Monterey<12.7.5
Apple macOS Ventura<13.6.7
Apple macOS<12.7.5
Apple macOS>=13.0<13.6.7
Apple macOS>=14.0<14.5
CVE-2024-27820
The issue was addressed with improved memory handling. This issue is fixed in tvOS 17.5, iOS 16.7.8 and iPadOS 16.7.8, visionOS 1.2, Safari 17.5, iOS 17.5 and iPadOS 17.5, watchOS 10.5, macOS Sonoma 1...
Apple Safari<17.5
Apple macOS Sonoma<14.5
Apple watchOS<10.5
Apple tvOS<17.5
Apple iOS<17.5
Apple iPadOS<17.5
and 12 more
CVE-2024-27801
Foundation. The issue was addressed with improved checks.
Apple macOS Sonoma<14.5
Apple watchOS<10.5
Apple tvOS<17.5
Apple iOS<17.5
Apple iPadOS<17.5
Apple visionOS<1.2
and 6 more
CVE-2024-27857
An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in visionOS 1.2, macOS Sonoma 14.5, tvOS 17.5, iOS 17.5 and iPadOS 17.5. A remote attacker may be able to...
Apple macOS Sonoma<14.5
Apple tvOS<17.5
Apple iOS<17.5
Apple iPadOS<17.5
Apple visionOS<1.2
Apple iPadOS<17.5
and 4 more
CVE-2024-27802
An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Ventura 13.6.7, macOS Monterey 12.7.5, iOS 16.7.8 and iPadOS 16.7.8, tvOS 17.5, visionOS 1.2, iOS 17.5 ...
Apple macOS Sonoma<14.5
Apple macOS Monterey<12.7.5
Apple tvOS<17.5
Apple macOS Ventura<13.6.7
Apple iOS<16.7.8
Apple iPadOS<16.7.8
and 12 more
CVE-2024-27808
The issue was addressed with improved memory handling. This issue is fixed in tvOS 17.5, visionOS 1.2, Safari 17.5, iOS 17.5 and iPadOS 17.5, watchOS 10.5, macOS Sonoma 14.5. Processing web content ma...
Apple Safari<17.5
Apple macOS Sonoma<14.5
Apple tvOS<17.5
Apple watchOS<10.5
Apple iOS<17.5
Apple iPadOS<17.5
and 8 more
CVE-2024-27848
StorageKit. This issue was addressed with improved permissions checking.
Apple macOS Sonoma<14.5
Apple iOS<17.5
Apple iPadOS<17.5
Apple iPadOS<17.5
Apple iPhone OS<17.5
Apple macOS>=14.0<14.5
CVE-2024-27838
The issue was addressed by adding additional logic. This issue is fixed in tvOS 17.5, iOS 16.7.8 and iPadOS 16.7.8, visionOS 1.2, Safari 17.5, iOS 17.5 and iPadOS 17.5, watchOS 10.5, macOS Sonoma 14.5...
Apple Safari<17.5
Apple macOS Sonoma<14.5
Apple tvOS<17.5
Apple watchOS<10.5
Apple iOS<16.7.8
Apple iPadOS<16.7.8
and 12 more
CVE-2024-27806
Spotlight. This issue was addressed with improved environment sanitization.
Apple macOS Monterey<12.7.5
Apple macOS Sonoma<14.5
Apple tvOS<17.5
Apple watchOS<10.5
Apple macOS Ventura<13.6.7
Apple iOS<17.5
and 12 more
CVE-2024-27840
Kernel. The issue was addressed with improved memory handling.
Apple macOS Monterey<12.7.5
Apple watchOS<10.5
Apple tvOS<17.5
Apple macOS Ventura<13.6.7
Apple iOS<17.5
Apple iPadOS<17.5
and 12 more
CVE-2024-27850
This issue was addressed with improvements to the noise injection algorithm. This issue is fixed in visionOS 1.2, macOS Sonoma 14.5, Safari 17.5, iOS 17.5 and iPadOS 17.5. A maliciously crafted webpag...
Apple Safari<17.5
Apple macOS Sonoma<14.5
Apple iOS<17.5
Apple iPadOS<17.5
Apple visionOS<1.2
Apple Safari<17.5
and 4 more
CVE-2024-27792
TCC. Description: This issue was addressed by adding an additional prompt for user consent.
Apple macOS Sonoma<14.4
Apple macOS<14.4
CVE-2024-23267
PackageKit. The issue was addressed with improved checks.
Apple macOS Ventura<13.6.5
Apple macOS Sonoma<14.4
Apple macOS Monterey<12.7.4
Apple macOS>=12.0.0<12.7.4
Apple macOS>=13.0<13.6.5
Apple macOS>=14.0<14.4
CVE-2024-23272
A logic issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.4, macOS Monterey 12.7.4, macOS Ventura 13.6.5. A user may gain access to protected parts of the file system.
Apple macOS Sonoma<14.4
Apple macOS Monterey<12.7.4
Apple macOS Ventura<13.6.5
Apple macOS>=12.0.0<12.7.4
Apple macOS>=13.0<13.6.5
Apple macOS>=14.0<14.4
CVE-2024-23274
An injection issue was addressed with improved input validation. This issue is fixed in macOS Sonoma 14.4, macOS Monterey 12.7.4, macOS Ventura 13.6.5. An app may be able to elevate privileges.
Apple macOS Sonoma<14.4
Apple macOS Monterey<12.7.4
Apple macOS Ventura<13.6.5
Apple macOS>=12.0.0<12.7.4
Apple macOS>=13.0<13.6.5
Apple macOS>=14.0<14.4
CVE-2024-23266
Kerberos v5 PAM module. The issue was addressed with improved checks.
Apple macOS Monterey<12.7.4
Apple macOS Ventura<13.6.5
Apple macOS Sonoma<14.4
Apple macOS>=12.0.0<12.7.4
Apple macOS>=13.0<13.6.5
Apple macOS>=14.0<14.4
CVE-2024-23276
A logic issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.4, macOS Monterey 12.7.4, macOS Ventura 13.6.5. An app may be able to elevate privileges.
Apple macOS Ventura<13.6.5
Apple macOS Sonoma<14.4
Apple macOS Monterey<12.7.4
Apple macOS>=12.0.0<12.7.4
Apple macOS>=13.0<13.6.5
Apple macOS>=14.0<14.4
CVE-2024-23299
Disk Images. The issue was addressed with improved checks.
Apple macOS Sonoma<14.4
Apple macOS Ventura<13.6.5
Apple macOS Monterey<12.7.4
Apple macOS<12.7.4
Apple macOS>=13.0<13.6.5
Apple macOS>=14.0<14.4
CVE-2024-23275
A race condition was addressed with additional validation. This issue is fixed in macOS Sonoma 14.4, macOS Monterey 12.7.4, macOS Ventura 13.6.5. An app may be able to access protected user data.
Apple macOS Sonoma<14.4
Apple macOS Monterey<12.7.4
Apple macOS Ventura<13.6.5
Apple macOS>=12.0.0<12.7.4
Apple macOS>=13.0<13.6.5
Apple macOS>=14.0<14.4
CVE-2024-23268
An injection issue was addressed with improved input validation. This issue is fixed in macOS Sonoma 14.4, macOS Monterey 12.7.4, macOS Ventura 13.6.5. An app may be able to elevate privileges.
Apple macOS Sonoma<14.4
Apple macOS Monterey<12.7.4
Apple macOS Ventura<13.6.5
Apple macOS>=12.0.0<12.7.4
Apple macOS>=13.0<13.6.5
Apple macOS>=14.0<14.4
CVE-2024-23273
Safari Private Browsing. This issue was addressed through improved state management.
Apple macOS Sonoma<14.4
Apple Safari<17.4
Apple iOS<17.4
Apple iPadOS<17.4
Apple Safari<17.4
Apple Ipad Os<17.4
and 2 more
CVE-2024-23270
Image Processing. The issue was addressed with improved memory handling.
Apple tvOS<17.4
Apple macOS Ventura<13.6.5
Apple macOS Monterey<12.7.4
Apple macOS Sonoma<14.4
Apple iOS<17.4
Apple iPadOS<17.4
and 6 more
CVE-2024-23277
Bluetooth. The issue was addressed with improved checks.
Apple macOS Sonoma<14.4
Apple iOS<17.4
Apple iPadOS<17.4
Apple Ipad Os>17.0<17.4
Apple iPhone OS>=17.0<17.4
Apple macOS>=14.0<14.4
CVE-2024-20726
[TianfuCup] JP2K Image Parsing Out-Of-Bounds Write
Adobe Acrobat Dc>=15.008.20082<23.008.20533
Adobe Acrobat Reader DC>=15.008.20082<23.008.20533
Apple macOS
Microsoft Windows
Adobe Acrobat Reader>=20.001.30005<20.005.30574
Adobe Acrobat Reader>=20.001.30005<20.005.30574
and 2 more
CVE-2024-20730
TALOS-2023-1906 - Adobe Acrobat Reader Font CPAL integer overflow vulnerability
Adobe Acrobat Dc>=15.008.20082<23.008.20533
Adobe Acrobat Reader DC>=15.008.20082<23.008.20533
Apple macOS
Microsoft Windows
Adobe Acrobat Reader>=20.001.30005<20.005.30574
Adobe Acrobat Reader>=20.001.30005<20.005.30574
and 2 more
CVE-2024-20731
TALOS-2023-1901 - Adobe Acrobat Reader FileAttachment PDAnnot destroy use-after-free vulnerability
Adobe Acrobat Dc>=15.008.20082<23.008.20533
Adobe Acrobat Reader DC>=15.008.20082<23.008.20533
Apple macOS
Microsoft Windows
Adobe Acrobat Reader>=20.001.30005<20.005.30574
Adobe Acrobat Reader>=20.001.30005<20.005.30574
and 2 more
CVE-2024-20727
[TianfuCup] out-of-bounds access vulnerability when parsing jpeg2000
Adobe Acrobat Dc>=15.008.20082<23.008.20533
Adobe Acrobat Reader DC>=15.008.20082<23.008.20533
Apple macOS
Microsoft Windows
Adobe Acrobat Reader>=20.001.30005<20.005.30574
Adobe Acrobat Reader>=20.001.30005<20.005.30574
and 2 more
CVE-2024-20747
TALOS-2023-1908 - Adobe Acrobat Reader Font CharStrings INDEX out-of-bounds read vulnerability
Adobe Acrobat Dc>=15.008.20082<23.008.20533
Adobe Acrobat Reader DC>=15.008.20082<23.008.20533
Apple macOS
Microsoft Windows
Adobe Acrobat Reader>=20.001.30005<20.005.30574
Adobe Acrobat Reader>=20.001.30005<20.005.30574
and 2 more
CVE-2024-20733
[ZS-VR-23-360] Adobe Acrobat Reader Parsing OTF font Denial-of-Service Vulnerability
Adobe Acrobat Dc>=15.008.20082<23.008.20533
Adobe Acrobat Reader DC>=15.008.20082<23.008.20533
Apple macOS
Microsoft Windows
Adobe Acrobat Reader>=20.001.30005<20.005.30574
Adobe Acrobat Reader>=20.001.30005<20.005.30574
and 2 more
CVE-2024-20734
ZDI-CAN-22516: Adobe Acrobat Pro DC AcroForm Use-After-Free Information Disclosure Vulnerability
Adobe Acrobat Dc>=15.008.20082<23.008.20533
Adobe Acrobat Reader DC>=15.008.20082<23.008.20533
Apple macOS
Microsoft Windows
Adobe Acrobat Reader>=20.001.30005<20.005.30574
Adobe Acrobat Reader>=20.001.30005<20.005.30574
and 2 more
CVE-2024-20748
TALOS-2023-1909 - Adobe Acrobat Reader Font avar SegmentMaps out-of-bounds read vulnerability
Adobe Acrobat Dc>=15.008.20082<23.008.20533
Adobe Acrobat Reader DC>=15.008.20082<23.008.20533
Apple macOS
Microsoft Windows
Adobe Acrobat Reader>=20.001.30005<20.005.30574
Adobe Acrobat Reader>=20.001.30005<20.005.30574
and 2 more
CVE-2024-20728
ZDI-CAN-22727: Adobe Acrobat Pro DC Annotation Out-Of-Bounds Write Remote Code Execution Vulnerability
Adobe Acrobat Dc>=15.008.20082<23.008.20533
Adobe Acrobat Reader DC>=15.008.20082<23.008.20533
Apple macOS
Microsoft Windows
Adobe Acrobat Reader>=20.001.30005<20.005.30574
Adobe Acrobat Reader>=20.001.30005<20.005.30574
and 2 more
CVE-2024-20736
ZDI-CAN-22822: Adobe Acrobat Pro DC AcroForm Out-Of-Bounds Read Information Disclosure Vulnerability
Adobe Acrobat Dc>=15.008.20082<23.008.20533
Adobe Acrobat Reader DC>=15.008.20082<23.008.20533
Apple macOS
Microsoft Windows
Adobe Acrobat Reader>=20.001.30005<20.005.30574
Adobe Acrobat Reader>=20.001.30005<20.005.30574
and 2 more

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203