CVSS: 2.4EPSS: 0%CPEs: 3EXPL: 0CVE-2024-44251 – Apple Security Advisory 10-28-2024-1
https://notcve.org/view.php?id=CVE-2024-44251
28 Oct 2024 — This issue was addressed through improved state management. This issue is fixed in iOS 18.1 and iPadOS 18.1. An attacker may be able to view restricted content from the lock screen. iOS 18.1 and iPadOS 18.1 addresses information leakage, out of bounds read, and use-after-free vulnerabilities. • https://support.apple.com/en-us/121563 •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-44247 – Apple Security Advisory 10-28-2024-5
https://notcve.org/view.php?id=CVE-2024-44247
28 Oct 2024 — The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7.1, macOS Sonoma 14.7.1. A malicious application may be able to modify protected parts of the file system. macOS Sonoma 14.7.1 addresses buffer overflow, bypass, information leakage, out of bounds access, out of bounds read, and out of bounds write vulnerabilities. • https://support.apple.com/en-us/121568 • CWE-863: Incorrect Authorization •
CVSS: 5.5EPSS: 0%CPEs: 10EXPL: 0CVE-2024-44302 – Apple macOS CoreText Font Ligature Caret List Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-44302
28 Oct 2024 — The issue was addressed with improved checks. This issue is fixed in tvOS 18.1, iOS 18.1 and iPadOS 18.1, iOS 17.7.1 and iPadOS 17.7.1, macOS Ventura 13.7.1, macOS Sonoma 14.7.1, watchOS 11.1, visionOS 2.1. Processing a maliciously crafted font may result in the disclosure of process memory. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple macOS. User interaction is required to exploit this vulnerability in that the target must visit a malicious... • https://support.apple.com/en-us/121563 •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-40855 – Apple Security Advisory 10-28-2024-5
https://notcve.org/view.php?id=CVE-2024-40855
28 Oct 2024 — The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7.1, macOS Sequoia 15, macOS Sonoma 14.7.1. A sandboxed app may be able to access sensitive user data. macOS Sonoma 14.7.1 addresses buffer overflow, bypass, information leakage, out of bounds access, out of bounds read, and out of bounds write vulnerabilities. • https://support.apple.com/en-us/121238 • CWE-863: Incorrect Authorization •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-44284 – Apple macOS ICC Profile Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-44284
28 Oct 2024 — An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in macOS Ventura 13.7.1, macOS Sonoma 14.7.1. Parsing a maliciously crafted file may lead to an unexpected app termination. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apple macOS. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of ICC... • https://support.apple.com/en-us/121568 • CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0CVE-2024-44194 – Apple Security Advisory 10-28-2024-3
https://notcve.org/view.php?id=CVE-2024-44194
28 Oct 2024 — This issue was addressed with improved redaction of sensitive information. This issue is fixed in watchOS 11.1, visionOS 2.1, iOS 18.1 and iPadOS 18.1. An app may be able to access sensitive user data. macOS Sequoia 15.1 addresses bypass, information leakage, out of bounds access, out of bounds read, out of bounds write, and use-after-free vulnerabilities. • https://support.apple.com/en-us/121563 •
CVSS: 7.1EPSS: 0%CPEs: 6EXPL: 0CVE-2024-44252 – Apple Security Advisory 10-28-2024-7
https://notcve.org/view.php?id=CVE-2024-44252
28 Oct 2024 — A logic issue was addressed with improved file handling. This issue is fixed in iOS 18.1 and iPadOS 18.1, iOS 17.7.1 and iPadOS 17.7.1, visionOS 2.1, tvOS 18.1. Restoring a maliciously crafted backup file may lead to modification of protected system files. iOS 17.7.1 and iPadOS 17.7.1 addresses buffer overflow, information leakage, and out of bounds read vulnerabilities. • https://support.apple.com/en-us/121563 •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-44213 – Apple Security Advisory 10-28-2024-5
https://notcve.org/view.php?id=CVE-2024-44213
28 Oct 2024 — An issue existed in the parsing of URLs. This issue was addressed with improved input validation. This issue is fixed in macOS Ventura 13.7.1, macOS Sonoma 14.7.1. An attacker in a privileged network position may be able to leak sensitive user information. macOS Sonoma 14.7.1 addresses buffer overflow, bypass, information leakage, out of bounds access, out of bounds read, and out of bounds write vulnerabilities. • https://support.apple.com/en-us/121568 • CWE-922: Insecure Storage of Sensitive Information •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2024-44301 – Apple Security Advisory 10-28-2024-5
https://notcve.org/view.php?id=CVE-2024-44301
28 Oct 2024 — The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7.1, macOS Sonoma 14.7.1. A malicious application may be able to modify protected parts of the file system. macOS Sonoma 14.7.1 addresses buffer overflow, bypass, information leakage, out of bounds access, out of bounds read, and out of bounds write vulnerabilities. • https://support.apple.com/en-us/121568 • CWE-863: Incorrect Authorization •
CVSS: 5.0EPSS: 0%CPEs: 24EXPL: 0CVE-2024-44244 – webkitgtk: webkit2gtk: Processing maliciously crafted web content may lead to an unexpected process crash
https://notcve.org/view.php?id=CVE-2024-44244
28 Oct 2024 — A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 18.1 and iPadOS 18.1, watchOS 11.1, visionOS 2.1, tvOS 18.1. Processing maliciously crafted web content may lead to an unexpected process crash. A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 18.1 and iPadOS 18.1, watchOS 11.1, visionOS 2.1, tvOS 18.1, macOS Sequoia 15.1, Safari 18.1. • https://support.apple.com/en-us/121563 • CWE-787: Out-of-bounds Write CWE-788: Access of Memory Location After End of Buffer •