
CVE-2024-27850 – Apple Security Advisory 06-10-2024-1
https://notcve.org/view.php?id=CVE-2024-27850
10 Jun 2024 — This issue was addressed with improvements to the noise injection algorithm. This issue is fixed in visionOS 1.2, macOS Sonoma 14.5, Safari 17.5, iOS 17.5 and iPadOS 17.5. A maliciously crafted webpage may be able to fingerprint the user. Este problema se solucionó con mejoras en el algoritmo de inyección de ruido. Este problema se solucionó en visionOS 1.2, macOS Sonoma 14.5, Safari 17.5, iOS 17.5 y iPadOS 17.5. • http://seclists.org/fulldisclosure/2024/Jun/5 • CWE-359: Exposure of Private Personal Information to an Unauthorized Actor •

CVE-2024-27831 – Apple Security Advisory 06-10-2024-1
https://notcve.org/view.php?id=CVE-2024-27831
10 Jun 2024 — An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in macOS Ventura 13.6.7, macOS Monterey 12.7.5, iOS 16.7.8 and iPadOS 16.7.8, tvOS 17.5, visionOS 1.2, iOS 17.5 and iPadOS 17.5, macOS Sonoma 14.5. Processing a file may lead to unexpected app termination or arbitrary code execution. Se solucionó un problema de escritura fuera de los límites con una validación de entrada mejorada. Este problema se solucionó en macOS Ventura 13.6.7, macOS Monterey 12.7.5, iOS 16.7.... • http://seclists.org/fulldisclosure/2024/Jun/5 • CWE-786: Access of Memory Location Before Start of Buffer CWE-787: Out-of-bounds Write •

CVE-2024-27857 – Apple macOS AMDRadeonX6000MTLDriver KTX Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-27857
10 Jun 2024 — An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in visionOS 1.2, macOS Sonoma 14.5, tvOS 17.5, iOS 17.5 and iPadOS 17.5. A remote attacker may be able to cause unexpected app termination or arbitrary code execution. Se solucionó un problema de acceso fuera de los límites mejorando la verificación de los límites. Este problema se solucionó en visionOS 1.2, macOS Sonoma 14.5, tvOS 17.5, iOS 17.5 y iPadOS 17.5. • http://seclists.org/fulldisclosure/2024/Jun/5 • CWE-94: Improper Control of Generation of Code ('Code Injection') CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVE-2024-27800 – Apple Security Advisory 06-10-2024-1
https://notcve.org/view.php?id=CVE-2024-27800
10 Jun 2024 — This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Ventura 13.6.7, macOS Monterey 12.7.5, iOS 16.7.8 and iPadOS 16.7.8, tvOS 17.5, visionOS 1.2, iOS 17.5 and iPadOS 17.5, watchOS 10.5, macOS Sonoma 14.5. Processing a maliciously crafted message may lead to a denial-of-service. Este problema se solucionó eliminando el código vulnerable. Este problema se solucionó en macOS Ventura 13.6.7, macOS Monterey 12.7.5, iOS 16.7.8 y iPadOS 16.7.8, tvOS 17.5, visionOS 1.2, iOS 17.5 y... • http://seclists.org/fulldisclosure/2024/Jun/5 • CWE-400: Uncontrolled Resource Consumption •

CVE-2024-27836 – Apple macOS PPM Image Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-27836
10 Jun 2024 — The issue was addressed with improved checks. This issue is fixed in visionOS 1.2, macOS Sonoma 14.5, iOS 17.5 and iPadOS 17.5. Processing a maliciously crafted image may lead to arbitrary code execution. El problema se solucionó con controles mejorados. Este problema se solucionó en visionOS 1.2, macOS Sonoma 14.5, iOS 17.5 y iPadOS 17.5. • http://seclists.org/fulldisclosure/2024/Jun/5 • CWE-787: Out-of-bounds Write •

CVE-2024-27820 – webkitgtk: Processing web content may lead to arbitrary code execution
https://notcve.org/view.php?id=CVE-2024-27820
10 Jun 2024 — The issue was addressed with improved memory handling. This issue is fixed in tvOS 17.5, iOS 16.7.8 and iPadOS 16.7.8, visionOS 1.2, Safari 17.5, iOS 17.5 and iPadOS 17.5, watchOS 10.5, macOS Sonoma 14.5. Processing web content may lead to arbitrary code execution. El problema se solucionó mejorando el manejo de la memoria. Este problema se solucionó en tvOS 17.5, iOS 16.7.8 y iPadOS 16.7.8, visionOS 1.2, Safari 17.5, iOS 17.5 y iPadOS 17.5, watchOS 10.5, macOS Sonoma 14.5. • http://seclists.org/fulldisclosure/2024/Jun/5 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVE-2024-27840 – Apple Security Advisory 06-10-2024-1
https://notcve.org/view.php?id=CVE-2024-27840
10 Jun 2024 — The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.6.7, macOS Monterey 12.7.5, iOS 16.7.8 and iPadOS 16.7.8, tvOS 17.5, visionOS 1.2, iOS 17.5 and iPadOS 17.5, watchOS 10.5. An attacker that has already achieved kernel code execution may be able to bypass kernel memory protections. El problema se solucionó mejorando el manejo de la memoria. Este problema se solucionó en macOS Ventura 13.6.7, macOS Monterey 12.7.5, iOS 16.7.8 y iPadOS 16.7.8, tvOS 17.5, visionOS 1.... • http://seclists.org/fulldisclosure/2024/Jun/5 • CWE-786: Access of Memory Location Before Start of Buffer •

CVE-2024-27817 – Apple Security Advisory 06-10-2024-1
https://notcve.org/view.php?id=CVE-2024-27817
10 Jun 2024 — The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.6.7, macOS Monterey 12.7.5, iOS 16.7.8 and iPadOS 16.7.8, tvOS 17.5, visionOS 1.2, iOS 17.5 and iPadOS 17.5, macOS Sonoma 14.5. An app may be able to execute arbitrary code with kernel privileges. El problema se solucionó con controles mejorados. Este problema se solucionó en macOS Ventura 13.6.7, macOS Monterey 12.7.5, iOS 16.7.8 y iPadOS 16.7.8, tvOS 17.5, visionOS 1.2, iOS 17.5 y iPadOS 17.5, macOS Sonoma 14.5. • http://seclists.org/fulldisclosure/2024/Jun/5 • CWE-353: Missing Support for Integrity Check •

CVE-2024-27801 – Apple Security Advisory 06-10-2024-1
https://notcve.org/view.php?id=CVE-2024-27801
10 Jun 2024 — The issue was addressed with improved checks. This issue is fixed in tvOS 17.5, visionOS 1.2, iOS 17.5 and iPadOS 17.5, watchOS 10.5, macOS Sonoma 14.5. An app may be able to elevate privileges. El problema se solucionó con controles mejorados. Este problema se solucionó en tvOS 17.5, visionOS 1.2, iOS 17.5 y iPadOS 17.5, watchOS 10.5, macOS Sonoma 14.5. • http://seclists.org/fulldisclosure/2024/Jun/5 •

CVE-2024-27802 – Apple macOS Metal Framework KTX Image Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-27802
10 Jun 2024 — An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Ventura 13.6.7, macOS Monterey 12.7.5, iOS 16.7.8 and iPadOS 16.7.8, tvOS 17.5, visionOS 1.2, iOS 17.5 and iPadOS 17.5, macOS Sonoma 14.5. Processing a maliciously crafted file may lead to unexpected app termination or arbitrary code execution. Se solucionó una lectura fuera de los límites con una validación de entrada mejorada. Este problema se solucionó en macOS Ventura 13.6.7, macOS Monterey 12.7.5, iOS 16.7.... • http://seclists.org/fulldisclosure/2024/Jun/5 • CWE-125: Out-of-bounds Read CWE-787: Out-of-bounds Write •