CVSS: 8.8EPSS: 0%CPEs: 7EXPL: 0CVE-2024-27851 – webkitgtk: Processing maliciously crafted web content may lead to arbitrary code execution
https://notcve.org/view.php?id=CVE-2024-27851
Processing maliciously crafted web content may lead to arbitrary code execution. ... This flaw allows a remote attacker to perform arbitrary code execution when processing web content. This flaw is caused by insufficient bounds checks, which could be exploited by attackers to execute malicious code on affected systems. • http://seclists.org/fulldisclosure/2024/Jun/5 https://support.apple.com/en-us/HT214101 https://support.apple.com/en-us/HT214102 https://support.apple.com/en-us/HT214103 https://support.apple.com/en-us/HT214104 https://support.apple.com/en-us/HT214106 https://support.apple.com/en-us/HT214108 https://access.redhat.com/security/cve/CVE-2024-27851 https://bugzilla.redhat.com/show_bug.cgi?id=2314704 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2024-27857 – Apple macOS AMDRadeonX6000MTLDriver KTX Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-27857
A remote attacker may be able to cause unexpected app termination or arbitrary code execution. ... This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apple macOS. ... An attacker can leverage this vulnerability to execute code in the context of the current process. • http://seclists.org/fulldisclosure/2024/Jun/5 https://support.apple.com/en-us/HT214101 https://support.apple.com/en-us/HT214102 https://support.apple.com/en-us/HT214106 https://support.apple.com/en-us/HT214108 https://support.apple.com/kb/HT214101 https://support.apple.com/kb/HT214102 https://support.apple.com/kb/HT214106 https://support.apple.com/kb/HT214108 • CWE-94: Improper Control of Generation of Code ('Code Injection') CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2024-27836 – Apple macOS PPM Image Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-27836
Processing a maliciously crafted image may lead to arbitrary code execution. ... This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apple macOS. ... An attacker can leverage this vulnerability to execute code in the context of the current process. • http://seclists.org/fulldisclosure/2024/Jun/5 https://support.apple.com/en-us/HT214101 https://support.apple.com/en-us/HT214106 https://support.apple.com/en-us/HT214108 https://support.apple.com/kb/HT214101 https://support.apple.com/kb/HT214106 https://support.apple.com/kb/HT214108 • CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 9EXPL: 0CVE-2024-27820 – webkitgtk: Processing web content may lead to arbitrary code execution
https://notcve.org/view.php?id=CVE-2024-27820
Processing web content may lead to arbitrary code execution. ... This flaw allows a remote attacker to perform arbitrary code execution when processing web content. This flaw is caused by insufficient memory handling, which attackers could exploit to execute malicious code on affected systems. • http://seclists.org/fulldisclosure/2024/Jun/5 https://support.apple.com/en-us/HT214100 https://support.apple.com/en-us/HT214101 https://support.apple.com/en-us/HT214102 https://support.apple.com/en-us/HT214103 https://support.apple.com/en-us/HT214104 https://support.apple.com/en-us/HT214106 https://support.apple.com/en-us/HT214108 https://access.redhat.com/security/cve/CVE-2024-27820 https://bugzilla.redhat.com/show_bug.cgi?id=2314698 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2024-27817
https://notcve.org/view.php?id=CVE-2024-27817
An app may be able to execute arbitrary code with kernel privileges. • http://seclists.org/fulldisclosure/2024/Jun/5 https://support.apple.com/en-us/HT214100 https://support.apple.com/en-us/HT214101 https://support.apple.com/en-us/HT214102 https://support.apple.com/en-us/HT214105 https://support.apple.com/en-us/HT214106 https://support.apple.com/en-us/HT214107 https://support.apple.com/en-us/HT214108 https://support.apple.com/kb/HT214100 https://support.apple.com/kb/HT214101 https://support.apple.com/kb/HT214102 https://s • CWE-353: Missing Support for Integrity Check •