Filtered by vendor Apple
Subscriptions
Filtered by product Mac Os
Subscriptions
Total
10 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2024-44237 | 1 Apple | 2 Mac Os, Macos | 2024-12-12 | 6.5 Medium |
An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in macOS Ventura 13.7.1, macOS Sonoma 14.7.1. Processing a maliciously crafted file may lead to unexpected app termination. | ||||
CVE-2024-44145 | 1 Apple | 5 Ipad Os, Ipados, Iphone Os and 2 more | 2024-12-12 | 5.7 Medium |
This issue was addressed through improved state management. This issue is fixed in macOS Sequoia 15, iOS 18 and iPadOS 18. An attacker with physical access to a macOS device with Sidecar enabled may be able to bypass the Lock Screen. | ||||
CVE-2024-44256 | 1 Apple | 2 Mac Os, Macos | 2024-12-12 | 9.3 Critical |
The issue was addressed with improved input sanitization. This issue is fixed in macOS Ventura 13.7.1, macOS Sonoma 14.7.1. An app may be able to break out of its sandbox. | ||||
CVE-2024-44295 | 1 Apple | 2 Mac Os, Macos | 2024-12-12 | 7.7 High |
This issue was addressed with additional entitlement checks. This issue is fixed in macOS Ventura 13.7.1, macOS Sonoma 14.7.1. An app may be able to modify protected parts of the file system. | ||||
CVE-2024-44260 | 1 Apple | 2 Mac Os, Macos | 2024-12-12 | 6.7 Medium |
This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Ventura 13.7.1, macOS Sonoma 14.7.1. A malicious app with root privileges may be able to modify the contents of system files. | ||||
CVE-2024-44280 | 1 Apple | 2 Mac Os, Macos | 2024-12-11 | 7.7 High |
A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing restrictions. This issue is fixed in macOS Ventura 13.7.1, macOS Sonoma 14.7.1. An app may be able to modify protected parts of the file system. | ||||
CVE-2016-4644 | 1 Apple | 3 Apple Tv, Iphone Os, Mac Os | 2024-11-21 | N/A |
In iOS before 9.3.3, tvOS before 9.2.2, and OS X El Capitan before v10.11.6 and Security Update 2016-004, a downgrade issue existed with HTTP authentication credentials saved in Keychain. This issue was addressed by storing the authentication types with the credentials. | ||||
CVE-2016-4643 | 1 Apple | 3 Apple Tv, Iphone Os, Mac Os | 2024-11-21 | N/A |
In iOS before 9.3.3, tvOS before 9.2.2, and OS X El Capitan before v10.11.6 and Security Update 2016-004, a validation issue existed in the parsing of 407 responses. This issue was addressed through improved response validation. | ||||
CVE-2016-4642 | 1 Apple | 3 Apple Tv, Iphone Os, Mac Os | 2024-11-21 | N/A |
In iOS before 9.3.3, tvOS before 9.2.2, and OS X El Capitan before v10.11.6 and Security Update 2016-004, proxy authentication incorrectly reported HTTP proxies received credentials securely. This issue was addressed through improved warnings. | ||||
CVE-2024-44255 | 1 Apple | 8 Ipados, Iphone Os, Mac Os and 5 more | 2024-11-01 | 8.4 High |
A path handling issue was addressed with improved logic. This issue is fixed in visionOS 2.1, iOS 18.1 and iPadOS 18.1, macOS Ventura 13.7.1, macOS Sonoma 14.7.1, watchOS 11.1, tvOS 18.1. A malicious app may be able to run arbitrary shortcuts without user consent. |
Page 1 of 1.