Filtered by vendor Apple Subscriptions
Filtered by product Mac Os Subscriptions
Total 10 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2024-44237 1 Apple 2 Mac Os, Macos 2024-12-12 6.5 Medium
An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in macOS Ventura 13.7.1, macOS Sonoma 14.7.1. Processing a maliciously crafted file may lead to unexpected app termination.
CVE-2024-44145 1 Apple 5 Ipad Os, Ipados, Iphone Os and 2 more 2024-12-12 5.7 Medium
This issue was addressed through improved state management. This issue is fixed in macOS Sequoia 15, iOS 18 and iPadOS 18. An attacker with physical access to a macOS device with Sidecar enabled may be able to bypass the Lock Screen.
CVE-2024-44256 1 Apple 2 Mac Os, Macos 2024-12-12 9.3 Critical
The issue was addressed with improved input sanitization. This issue is fixed in macOS Ventura 13.7.1, macOS Sonoma 14.7.1. An app may be able to break out of its sandbox.
CVE-2024-44295 1 Apple 2 Mac Os, Macos 2024-12-12 7.7 High
This issue was addressed with additional entitlement checks. This issue is fixed in macOS Ventura 13.7.1, macOS Sonoma 14.7.1. An app may be able to modify protected parts of the file system.
CVE-2024-44260 1 Apple 2 Mac Os, Macos 2024-12-12 6.7 Medium
This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Ventura 13.7.1, macOS Sonoma 14.7.1. A malicious app with root privileges may be able to modify the contents of system files.
CVE-2024-44280 1 Apple 2 Mac Os, Macos 2024-12-11 7.7 High
A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing restrictions. This issue is fixed in macOS Ventura 13.7.1, macOS Sonoma 14.7.1. An app may be able to modify protected parts of the file system.
CVE-2016-4644 1 Apple 3 Apple Tv, Iphone Os, Mac Os 2024-11-21 N/A
In iOS before 9.3.3, tvOS before 9.2.2, and OS X El Capitan before v10.11.6 and Security Update 2016-004, a downgrade issue existed with HTTP authentication credentials saved in Keychain. This issue was addressed by storing the authentication types with the credentials.
CVE-2016-4643 1 Apple 3 Apple Tv, Iphone Os, Mac Os 2024-11-21 N/A
In iOS before 9.3.3, tvOS before 9.2.2, and OS X El Capitan before v10.11.6 and Security Update 2016-004, a validation issue existed in the parsing of 407 responses. This issue was addressed through improved response validation.
CVE-2016-4642 1 Apple 3 Apple Tv, Iphone Os, Mac Os 2024-11-21 N/A
In iOS before 9.3.3, tvOS before 9.2.2, and OS X El Capitan before v10.11.6 and Security Update 2016-004, proxy authentication incorrectly reported HTTP proxies received credentials securely. This issue was addressed through improved warnings.
CVE-2024-44255 1 Apple 8 Ipados, Iphone Os, Mac Os and 5 more 2024-11-01 8.4 High
A path handling issue was addressed with improved logic. This issue is fixed in visionOS 2.1, iOS 18.1 and iPadOS 18.1, macOS Ventura 13.7.1, macOS Sonoma 14.7.1, watchOS 11.1, tvOS 18.1. A malicious app may be able to run arbitrary shortcuts without user consent.