Latest apple macos sonoma Vulnerabilities

HT214096
About the security content of macOS Sonoma 14.4.1
Apple macOS Sonoma<14.4.1
CVE-2024-23272
A logic issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.4, macOS Monterey 12.7.4, macOS Ventura 13.6.5. A user may gain access to protected parts of the file system.
Apple macOS Sonoma<14.4
Apple macOS Monterey<12.7.4
Apple macOS Ventura<13.6.5
Apple macOS>=12.0.0<12.7.4
Apple macOS>=13.0<13.6.5
Apple macOS>=14.0<14.4
CVE-2024-23247
ColorSync. The issue was addressed with improved memory handling.
Apple macOS Ventura<13.6.5
Apple macOS Sonoma<14.4
Apple macOS Monterey<12.7.4
CVE-2024-23244
A logic issue was addressed with improved restrictions. This issue is fixed in macOS Sonoma 14.4, macOS Monterey 12.7.4. An app from a standard user account may be able to escalate privilege after adm...
Apple macOS Ventura<13.6.5
Apple macOS Sonoma<14.4
Apple macOS Monterey<12.7.4
CVE-2024-23238
An access issue was addressed with improved access restrictions. This issue is fixed in macOS Sonoma 14.4. An app may be able to edit NVRAM variables.
Apple macOS Sonoma<14.4
CVE-2024-23258
An out-of-bounds read was addressed with improved input validation. This issue is fixed in visionOS 1.1, macOS Sonoma 14.4. Processing an image may lead to arbitrary code execution.
Apple macOS Sonoma<14.4
Apple visionOS<1.1
CVE-2024-23230
SharedFileList. This issue was addressed with improved file handling.
Apple macOS Sonoma<14.4
Apple macOS Ventura<13.6.5
Apple macOS Monterey<12.7.4
CVE-2024-23274
An injection issue was addressed with improved input validation. This issue is fixed in macOS Sonoma 14.4, macOS Monterey 12.7.4, macOS Ventura 13.6.5. An app may be able to elevate privileges.
Apple macOS Sonoma<14.4
Apple macOS Monterey<12.7.4
Apple macOS Ventura<13.6.5
Apple macOS>=12.0.0<12.7.4
Apple macOS>=13.0<13.6.5
Apple macOS>=14.0<14.4
CVE-2024-23260
This issue was addressed by removing additional entitlements. This issue is fixed in macOS Sonoma 14.4. An app may be able to access user-sensitive data.
Apple macOS Sonoma<14.4
CVE-2024-23267
PackageKit. The issue was addressed with improved checks.
Apple macOS Ventura<13.6.5
Apple macOS Sonoma<14.4
Apple macOS Monterey<12.7.4
Apple macOS>=12.0.0<12.7.4
Apple macOS>=13.0<13.6.5
Apple macOS>=14.0<14.4
CVE-2024-23232
A privacy issue was addressed with improved handling of temporary files. This issue is fixed in macOS Sonoma 14.4. An app may be able to capture a user's screen.
Apple macOS Sonoma<14.4
CVE-2024-23266
Kerberos v5 PAM module. The issue was addressed with improved checks.
Apple macOS Monterey<12.7.4
Apple macOS Ventura<13.6.5
Apple macOS Sonoma<14.4
Apple macOS>=12.0.0<12.7.4
Apple macOS>=13.0<13.6.5
Apple macOS>=14.0<14.4
CVE-2024-23269
A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing restrictions. This issue is fixed in macOS Sonoma 14.4, macOS Monterey 12.7.4, macOS Ventura 13.6.5. An...
Apple macOS Ventura<13.6.5
Apple macOS Sonoma<14.4
Apple macOS Monterey<12.7.4
CVE-2024-23227
Airport. This issue was addressed with improved redaction of sensitive information.
Apple macOS Ventura<13.6.5
Apple macOS Sonoma<14.4
Apple macOS Monterey<12.7.4
CVE-2024-23249
ColorSync. The issue was addressed with improved memory handling.
Apple macOS Sonoma<14.4
CVE-2024-23285
Music. This issue was addressed with improved handling of symlinks.
Apple macOS Sonoma<14.4
CVE-2024-23216
A path handling issue was addressed with improved validation. This issue is fixed in macOS Sonoma 14.4, macOS Monterey 12.7.4, macOS Ventura 13.6.5. An app may be able to overwrite arbitrary files.
Apple macOS Ventura<13.6.5
Apple macOS Sonoma<14.4
Apple macOS Monterey<12.7.4
CVE-2024-23279
A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Sonoma 14.4. An app may be able to access user-sensitive data.
Apple macOS Sonoma<14.4
CVE-2024-23233
AppleMobileFileIntegrity. This issue was addressed with improved checks.
Apple macOS Sonoma<14.4
CVE-2024-23248
ColorSync. The issue was addressed with improved memory handling.
Apple macOS Sonoma<14.4
CVE-2024-23253
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sonoma 14.4. An app may be able to access a user's Photos Library.
Apple macOS Sonoma<14.4
CVE-2024-23234
An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in macOS Sonoma 14.4, macOS Monterey 12.7.4, macOS Ventura 13.6.5. An app may be able to execute arbitrar...
Apple macOS Sonoma<14.4
Apple macOS Ventura<13.6.5
Apple macOS Monterey<12.7.4
HT214084
About the security content of macOS Sonoma 14.4
Apple macOS Sonoma<14.4
CVE-2024-23276
A logic issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.4, macOS Monterey 12.7.4, macOS Ventura 13.6.5. An app may be able to elevate privileges.
Apple macOS Ventura<13.6.5
Apple macOS Sonoma<14.4
Apple macOS Monterey<12.7.4
Apple macOS>=12.0.0<12.7.4
Apple macOS>=13.0<13.6.5
Apple macOS>=14.0<14.4
CVE-2024-23245
Shortcuts. This issue was addressed by adding an additional prompt for user consent.
Apple macOS Sonoma<14.4
Apple macOS Ventura<13.6.5
Apple macOS Monterey<12.7.4
CVE-2024-23294
QuartzCore. This issue was addressed by removing the vulnerable code.
Apple macOS Sonoma<14.4
CVE-2024-23281
System Settings. This issue was addressed with improved state management.
Apple macOS Sonoma<14.4
CVE-2024-23275
A race condition was addressed with additional validation. This issue is fixed in macOS Sonoma 14.4, macOS Monterey 12.7.4, macOS Ventura 13.6.5. An app may be able to access protected user data.
Apple macOS Sonoma<14.4
Apple macOS Monterey<12.7.4
Apple macOS Ventura<13.6.5
Apple macOS>=12.0.0<12.7.4
Apple macOS>=13.0<13.6.5
Apple macOS>=14.0<14.4
CVE-2024-23268
An injection issue was addressed with improved input validation. This issue is fixed in macOS Sonoma 14.4, macOS Monterey 12.7.4, macOS Ventura 13.6.5. An app may be able to elevate privileges.
Apple macOS Sonoma<14.4
Apple macOS Monterey<12.7.4
Apple macOS Ventura<13.6.5
Apple macOS>=12.0.0<12.7.4
Apple macOS>=13.0<13.6.5
Apple macOS>=14.0<14.4
CVE-2024-23235
A race condition was addressed with additional validation. This issue is fixed in macOS Sonoma 14.4, visionOS 1.1, iOS 17.4 and iPadOS 17.4, watchOS 10.4, iOS 16.7.6 and iPadOS 16.7.6, tvOS 17.4. An a...
Apple tvOS<17.4
Apple watchOS<10.4
Apple macOS Sonoma<14.4
Apple visionOS<1.1
Apple iOS<17.4
Apple iPadOS<17.4
and 2 more
CVE-2024-23288
AppleMobileFileIntegrity. This issue was addressed by removing the vulnerable code.
Apple watchOS<10.4
Apple tvOS<17.4
Apple macOS Sonoma<14.4
Apple iOS<17.4
Apple iPadOS<17.4
CVE-2024-23242
A privacy issue was addressed by not logging contents of text fields. This issue is fixed in macOS Sonoma 14.4, iOS 17.4 and iPadOS 17.4. An app may be able to view Mail data.
Apple macOS Sonoma<14.4
Apple iOS<17.4
Apple iPadOS<17.4
CVE-2024-23264
A validation issue was addressed with improved input sanitization. This issue is fixed in macOS Monterey 12.7.4, macOS Ventura 13.6.5, macOS Sonoma 14.4, visionOS 1.1, iOS 17.4 and iPadOS 17.4, iOS 16...
Apple macOS Ventura<13.6.5
Apple tvOS<17.4
Apple macOS Sonoma<14.4
Apple macOS Monterey<12.7.4
Apple visionOS<1.1
Apple iOS<17.4
and 3 more
CVE-2024-23273
Safari Private Browsing. This issue was addressed through improved state management.
Apple macOS Sonoma<14.4
Apple Safari<17.4
Apple iOS<17.4
Apple iPadOS<17.4
Apple Safari<17.4
Apple Ipad Os<17.4
and 2 more
CVE-2024-23254
The issue was addressed with improved UI handling. This issue is fixed in tvOS 17.4, macOS Sonoma 14.4, visionOS 1.1, iOS 17.4 and iPadOS 17.4, watchOS 10.4, Safari 17.4. A malicious website may exfil...
Apple tvOS<17.4
Apple watchOS<10.4
Apple visionOS<1.1
Apple macOS Sonoma<14.4
Apple Safari<17.4
Apple iOS<17.4
and 6 more
CVE-2024-23291
A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in tvOS 17.4, iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4, watchOS 10.4. A malicious app may be ...
Apple tvOS<17.4
Apple macOS Sonoma<14.4
Apple watchOS<10.4
Apple iOS<17.4
Apple iPadOS<17.4
CVE-2024-23255
An authentication issue was addressed with improved state management. This issue is fixed in macOS Sonoma 14.4, iOS 17.4 and iPadOS 17.4. Photos in the Hidden Photos Album may be viewed without authen...
Apple macOS Sonoma<14.4
Apple iOS<17.4
Apple iPadOS<17.4
CVE-2024-23286
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.7.4, macOS Ventura 13.6.5, macOS Sonoma 14.4, visionOS 1.1, iOS 17.4 and iPadOS 17.4, watc...
Apple macOS Ventura<13.6.5
Apple macOS Sonoma<14.4
Apple watchOS<10.4
Apple tvOS<17.4
Apple macOS Monterey<12.7.4
Apple visionOS<1.1
and 4 more
CVE-2024-23287
A privacy issue was addressed with improved handling of temporary files. This issue is fixed in macOS Sonoma 14.4, iOS 17.4 and iPadOS 17.4, watchOS 10.4. An app may be able to access user-sensitive d...
Apple watchOS<10.4
Apple macOS Sonoma<14.4
Apple iOS<17.4
Apple iPadOS<17.4
CVE-2024-23239
A race condition was addressed with improved state handling. This issue is fixed in tvOS 17.4, iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4, watchOS 10.4. An app may be able to leak sensitive user info...
Apple watchOS<10.4
Apple tvOS<17.4
Apple macOS Sonoma<14.4
Apple iOS<17.4
Apple iPadOS<17.4
CVE-2024-23250
An access issue was addressed with improved access restrictions. This issue is fixed in tvOS 17.4, iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4, watchOS 10.4. An app may be able to access Bluetooth-con...
Apple watchOS<10.4
Apple tvOS<17.4
Apple macOS Sonoma<14.4
Apple iOS<17.4
Apple iPadOS<17.4
CVE-2024-23293
Siri. This issue was addressed through improved state management.
Apple watchOS<10.4
Apple tvOS<17.4
Apple macOS Sonoma<14.4
Apple iOS<17.4
Apple iPadOS<17.4
CVE-2024-23296
Apple Multiple Products Memory Corruption Vulnerability
Apple tvOS<17.4
Apple watchOS<10.4
Apple visionOS<1.1
Apple Multiple Products
Apple macOS Sonoma<14.4
Apple iOS<17.4
and 7 more
CVE-2024-23280
An injection issue was addressed with improved validation. This issue is fixed in Safari 17.4, macOS Sonoma 14.4, iOS 17.4 and iPadOS 17.4, watchOS 10.4, tvOS 17.4. A maliciously crafted webpage may b...
Apple watchOS<10.4
Apple tvOS<17.4
Apple macOS Sonoma<14.4
Apple Safari<17.4
Apple iOS<17.4
Apple iPadOS<17.4
and 5 more
CVE-2024-23257
ImageIO. The issue was addressed with improved memory handling.
Apple macOS Sonoma<14.4
Apple macOS Ventura<13.6.5
Apple macOS Monterey<12.7.4
Apple visionOS<1.1
Apple iOS<16.7.6
Apple iPadOS<16.7.6
CVE-2024-23289
A lock screen issue was addressed with improved state management. This issue is fixed in iOS 16.7.6 and iPadOS 16.7.6, iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4, watchOS 10.4. A person with physical...
Apple macOS Sonoma<14.4
Apple watchOS<10.4
Apple iOS<17.4
Apple iPadOS<17.4
Apple iOS<16.7.6
Apple iPadOS<16.7.6
CVE-2024-23290
A logic issue was addressed with improved restrictions. This issue is fixed in tvOS 17.4, iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4, watchOS 10.4. An app may be able to access user-sensitive data.
Apple macOS Sonoma<14.4
Apple tvOS<17.4
Apple watchOS<10.4
Apple iOS<17.4
Apple iPadOS<17.4
CVE-2024-23292
Shortcuts. This issue was addressed with improved data protection.
Apple macOS Sonoma<14.4
Apple iOS<17.4
Apple iPadOS<17.4
CVE-2024-23246
This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sonoma 14.4, visionOS 1.1, iOS 17.4 and iPadOS 17.4, watchOS 10.4, iOS 16.7.6 and iPadOS 16.7.6, tvOS 17.4. An ap...
Apple macOS Sonoma<14.4
Apple watchOS<10.4
Apple tvOS<17.4
Apple visionOS<1.1
Apple iOS<17.4
Apple iPadOS<17.4
and 2 more
CVE-2024-23263
A logic issue was addressed with improved validation. This issue is fixed in tvOS 17.4, macOS Sonoma 14.4, visionOS 1.1, iOS 17.4 and iPadOS 17.4, watchOS 10.4, iOS 16.7.6 and iPadOS 16.7.6, Safari 17...
Apple iOS<16.7.6
Apple iPadOS<16.7.6
Apple tvOS<17.4
Apple watchOS<10.4
Apple visionOS<1.1
Apple macOS Sonoma<14.4
and 8 more

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203