CVE-2024-40784 – Apple macOS ImageIO KTX Image Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-40784
An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current user. • https://support.apple.com/en-us/HT214117 https://support.apple.com/en-us/HT214116 https://support.apple.com/en-us/HT214120 https://support.apple.com/en-us/HT214124 https://support.apple.com/en-us/HT214119 https://support.apple.com/en-us/HT214123 https://support.apple.com/en-us/HT214122 http://seclists.org/fulldisclosure/2024/Jul/16 http://seclists.org/fulldisclosure/2024/Jul/23 http://seclists.org/fulldisclosure/2024/Jul/21 http://seclists.org/fulldisclosure/202 •
CVE-2024-27877 – Apple macOS AppleVADriver Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-27877
An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current user. • https://support.apple.com/en-us/HT214120 https://support.apple.com/en-us/HT214119 https://support.apple.com/en-us/HT214118 http://seclists.org/fulldisclosure/2024/Jul/20 http://seclists.org/fulldisclosure/2024/Jul/18 http://seclists.org/fulldisclosure/2024/Jul/19 •
CVE-2024-40789 – Apple WebKit WebCodecs VideoFrame Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-40789
An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. • https://support.apple.com/en-us/HT214121 https://support.apple.com/en-us/HT214117 https://support.apple.com/en-us/HT214116 https://support.apple.com/en-us/HT214124 https://support.apple.com/en-us/HT214119 https://support.apple.com/en-us/HT214123 https://support.apple.com/en-us/HT214122 https://support.apple.com/kb/HT214121 http://seclists.org/fulldisclosure/2024/Jul/16 http://seclists.org/fulldisclosure/2024/Jul/15 http://seclists.org/fulldisclosure/2024/Jul/ • CWE-125: Out-of-bounds Read •
CVE-2024-27878
https://notcve.org/view.php?id=CVE-2024-27878
An app with root privileges may be able to execute arbitrary code with kernel privileges. • https://support.apple.com/en-us/HT214119 http://seclists.org/fulldisclosure/2024/Jul/18 •
CVE-2024-7252 – Comodo Internet Security Pro cmdagent Link Following Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2024-7252
An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://www.zerodayinitiative.com/advisories/ZDI-24-957 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •