CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2024-40863 – Apple Security Advisory 09-16-2024-1
https://notcve.org/view.php?id=CVE-2024-40863
16 Sep 2024 — An app may be able to leak sensitive user information. iOS 18 and iPadOS 18 addresses bypass, cross site scripting, integer overflow, out of bounds access, and out of bounds read vulnerabilities. • https://support.apple.com/en-us/121250 •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-44135 – Apple Security Advisory 09-16-2024-9
https://notcve.org/view.php?id=CVE-2024-44135
16 Sep 2024 — An app may be able to access protected files within an App Sandbox container. macOS Sequoia 15 addresses buffer overflow, bypass, cross site scripting, integer overflow, out of bounds access, out of bounds read, out of bounds write, and spoofing vulnerabilities. • https://support.apple.com/en-us/121238 •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-40859 – Apple Security Advisory 09-16-2024-2
https://notcve.org/view.php?id=CVE-2024-40859
16 Sep 2024 — An app may be able to access user-sensitive data. macOS Sequoia 15 addresses buffer overflow, bypass, cross site scripting, integer overflow, out of bounds access, out of bounds read, out of bounds write, and spoofing vulnerabilities. • https://support.apple.com/en-us/121238 •
CVSS: 8.1EPSS: 0%CPEs: 4EXPL: 0CVE-2024-27876 – Apple Security Advisory 09-16-2024-9
https://notcve.org/view.php?id=CVE-2024-27876
16 Sep 2024 — Unpacking a maliciously crafted archive may allow an attacker to write arbitrary files. macOS Sequoia 15 addresses buffer overflow, bypass, cross site scripting, integer overflow, out of bounds access, out of bounds read, out of bounds write, and spoofing vulnerabilities. • https://support.apple.com/en-us/121234 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2024-44158 – Apple Security Advisory 09-16-2024-9
https://notcve.org/view.php?id=CVE-2024-44158
16 Sep 2024 — A shortcut may output sensitive user data without consent. macOS Sequoia 15 addresses buffer overflow, bypass, cross site scripting, integer overflow, out of bounds access, out of bounds read, out of bounds write, and spoofing vulnerabilities. • https://support.apple.com/en-us/121234 •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-27860 – Apple macOS AppleVADriver Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-27860
16 Sep 2024 — An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current user. macOS Sequoia 15 addresses buffer overflow, bypass, cross site scripting, integer overflow, out of bounds access, out of bounds read, out of bounds write, and spoofing vulnerabilities. • https://support.apple.com/en-us/121238 •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-40770 – Apple Security Advisory 09-16-2024-2
https://notcve.org/view.php?id=CVE-2024-40770
16 Sep 2024 — A non-privileged user may be able to modify restricted network settings. macOS Sequoia 15 addresses buffer overflow, bypass, cross site scripting, integer overflow, out of bounds access, out of bounds read, out of bounds write, and spoofing vulnerabilities. • https://support.apple.com/en-us/121238 •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-44178 – Apple Security Advisory 09-16-2024-9
https://notcve.org/view.php?id=CVE-2024-44178
16 Sep 2024 — An app may be able to modify protected parts of the file system. macOS Sequoia 15 addresses buffer overflow, bypass, cross site scripting, integer overflow, out of bounds access, out of bounds read, out of bounds write, and spoofing vulnerabilities. • https://support.apple.com/en-us/121234 •
CVSS: 3.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-40838 – Apple Security Advisory 09-16-2024-2
https://notcve.org/view.php?id=CVE-2024-40838
16 Sep 2024 — A malicious app may be able to access notifications from the user's device. macOS Sequoia 15 addresses buffer overflow, bypass, cross site scripting, integer overflow, out of bounds access, out of bounds read, out of bounds write, and spoofing vulnerabilities. • https://support.apple.com/en-us/121238 •
CVSS: 2.4EPSS: 0%CPEs: 2EXPL: 0CVE-2024-44139 – Apple Security Advisory 09-16-2024-1
https://notcve.org/view.php?id=CVE-2024-44139
16 Sep 2024 — An attacker with physical access may be able to access contacts from the lock screen. iOS 18 and iPadOS 18 addresses bypass, cross site scripting, integer overflow, out of bounds access, and out of bounds read vulnerabilities. • https://support.apple.com/en-us/121250 •