Total
4503 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-42913 | 1 Apple | 1 Macos | 2024-08-01 | N/A | 8.8 HIGH |
| This issue was addressed through improved state management. This issue is fixed in macOS Sonoma 14.2. Remote Login sessions may be able to obtain full disk access permissions. | |||||
| CVE-2024-27844 | 1 Apple | 3 Macos, Safari, Visionos | 2024-08-01 | N/A | 5.5 MEDIUM |
| The issue was addressed with improved checks. This issue is fixed in visionOS 1.2, macOS Sonoma 14.5, Safari 17.5. A website's permission dialog may persist after navigation away from the site. | |||||
| CVE-2024-27802 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2024-08-01 | N/A | 7.8 HIGH |
| An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Ventura 13.6.7, macOS Monterey 12.7.5, iOS 16.7.8 and iPadOS 16.7.8, tvOS 17.5, visionOS 1.2, iOS 17.5 and iPadOS 17.5, macOS Sonoma 14.5. Processing a maliciously crafted file may lead to unexpected app termination or arbitrary code execution. | |||||
| CVE-2024-23268 | 1 Apple | 1 Macos | 2024-08-01 | N/A | 7.8 HIGH |
| An injection issue was addressed with improved input validation. This issue is fixed in macOS Sonoma 14.4, macOS Monterey 12.7.4, macOS Ventura 13.6.5. An app may be able to elevate privileges. | |||||
| CVE-2024-23274 | 1 Apple | 1 Macos | 2024-08-01 | N/A | 7.8 HIGH |
| An injection issue was addressed with improved input validation. This issue is fixed in macOS Sonoma 14.4, macOS Monterey 12.7.4, macOS Ventura 13.6.5. An app may be able to elevate privileges. | |||||
| CVE-2022-48683 | 1 Apple | 1 Macos | 2024-08-01 | N/A | 7.8 HIGH |
| An access issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Ventura 13. An app may be able to break out of its sandbox. | |||||
| CVE-2023-27952 | 1 Apple | 1 Macos | 2024-07-30 | N/A | 4.7 MEDIUM |
| A race condition was addressed with improved locking. This issue is fixed in macOS Ventura 13.3. An app may bypass Gatekeeper checks. | |||||
| CVE-2024-20753 | 3 Adobe, Apple, Microsoft | 3 Photoshop, Macos, Windows | 2024-07-22 | N/A | 7.8 HIGH |
| Photoshop Desktop versions 24.7.3, 25.7 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2023-41989 | 1 Apple | 1 Macos | 2024-07-17 | N/A | 6.8 MEDIUM |
| The issue was addressed by restricting options offered on a locked device. This issue is fixed in macOS Sonoma 14.1. An attacker may be able to execute arbitrary code as root from the Lock Screen. | |||||
| CVE-2024-6222 | 4 Apple, Docker, Linux and 1 more | 4 Macos, Desktop, Linux Kernel and 1 more | 2024-07-12 | N/A | 7.0 HIGH |
| In Docker Desktop before v4.29.0, an attacker who has gained access to the Docker Desktop VM through a container breakout can further escape to the host by passing extensions and dashboard related IPC messages. Docker Desktop v4.29.0 https://docs.docker.com/desktop/release-notes/#4290 fixes the issue on MacOS, Linux and Windows with Hyper-V backend. As exploitation requires "Allow only extensions distributed through the Docker Marketplace" to be disabled, Docker Desktop v4.31.0 https://docs.docker.com/desktop/release-notes/#4310 additionally changes the default configuration to enable this setting by default. | |||||
| CVE-2024-27836 | 1 Apple | 4 Ipados, Iphone Os, Macos and 1 more | 2024-07-03 | N/A | 7.8 HIGH |
| The issue was addressed with improved checks. This issue is fixed in visionOS 1.2, macOS Sonoma 14.5, iOS 17.5 and iPadOS 17.5. Processing a maliciously crafted image may lead to arbitrary code execution. | |||||
| CVE-2024-27840 | 1 Apple | 6 Ipados, Iphone Os, Macos and 3 more | 2024-07-03 | N/A | 6.3 MEDIUM |
| The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.6.7, macOS Monterey 12.7.5, iOS 16.7.8 and iPadOS 16.7.8, tvOS 17.5, visionOS 1.2, iOS 17.5 and iPadOS 17.5, watchOS 10.5. An attacker that has already achieved kernel code execution may be able to bypass kernel memory protections. | |||||
| CVE-2024-27848 | 1 Apple | 3 Ipados, Iphone Os, Macos | 2024-07-03 | N/A | 7.8 HIGH |
| This issue was addressed with improved permissions checking. This issue is fixed in macOS Sonoma 14.5, iOS 17.5 and iPadOS 17.5. A malicious app may be able to gain root privileges. | |||||
| CVE-2024-27851 | 1 Apple | 7 Ipados, Iphone Os, Macos and 4 more | 2024-07-03 | N/A | 8.8 HIGH |
| The issue was addressed with improved bounds checks. This issue is fixed in tvOS 17.5, visionOS 1.2, Safari 17.5, iOS 17.5 and iPadOS 17.5, watchOS 10.5, macOS Sonoma 14.5. Processing maliciously crafted web content may lead to arbitrary code execution. | |||||
| CVE-2024-27857 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2024-07-03 | N/A | 7.8 HIGH |
| An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in visionOS 1.2, macOS Sonoma 14.5, tvOS 17.5, iOS 17.5 and iPadOS 17.5. A remote attacker may be able to cause unexpected app termination or arbitrary code execution. | |||||
| CVE-2024-27831 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2024-07-03 | N/A | 7.8 HIGH |
| An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in macOS Ventura 13.6.7, macOS Monterey 12.7.5, iOS 16.7.8 and iPadOS 16.7.8, tvOS 17.5, visionOS 1.2, iOS 17.5 and iPadOS 17.5, macOS Sonoma 14.5. Processing a file may lead to unexpected app termination or arbitrary code execution. | |||||
| CVE-2024-27832 | 1 Apple | 6 Ipados, Iphone Os, Macos and 3 more | 2024-07-03 | N/A | 7.8 HIGH |
| The issue was addressed with improved checks. This issue is fixed in tvOS 17.5, visionOS 1.2, iOS 17.5 and iPadOS 17.5, watchOS 10.5, macOS Sonoma 14.5. An app may be able to elevate privileges. | |||||
| CVE-2024-27800 | 1 Apple | 6 Ipados, Iphone Os, Macos and 3 more | 2024-07-03 | N/A | 6.5 MEDIUM |
| This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Ventura 13.6.7, macOS Monterey 12.7.5, iOS 16.7.8 and iPadOS 16.7.8, tvOS 17.5, visionOS 1.2, iOS 17.5 and iPadOS 17.5, watchOS 10.5, macOS Sonoma 14.5. Processing a maliciously crafted message may lead to a denial-of-service. | |||||
| CVE-2024-27808 | 1 Apple | 7 Ipados, Iphone Os, Macos and 4 more | 2024-07-03 | N/A | 8.8 HIGH |
| The issue was addressed with improved memory handling. This issue is fixed in tvOS 17.5, visionOS 1.2, Safari 17.5, iOS 17.5 and iPadOS 17.5, watchOS 10.5, macOS Sonoma 14.5. Processing web content may lead to arbitrary code execution. | |||||
| CVE-2024-27815 | 1 Apple | 6 Ipados, Iphone Os, Macos and 3 more | 2024-07-03 | N/A | 7.8 HIGH |
| An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in tvOS 17.5, visionOS 1.2, iOS 17.5 and iPadOS 17.5, watchOS 10.5, macOS Sonoma 14.5. An app may be able to execute arbitrary code with kernel privileges. | |||||