CVSS: 5.0EPSS: 0%CPEs: 3EXPL: 0CVE-2024-44207
https://notcve.org/view.php?id=CVE-2024-44207
03 Oct 2024 — This issue was addressed with improved checks. This issue is fixed in iOS 18.0.1 and iPadOS 18.0.1. Audio messages in Messages may be able to capture a few seconds of audio before the microphone indicator is activated. • https://support.apple.com/en-us/121373 •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2024-44204
https://notcve.org/view.php?id=CVE-2024-44204
03 Oct 2024 — A logic issue was addressed with improved validation. This issue is fixed in iOS 18.0.1 and iPadOS 18.0.1. A user's saved passwords may be read aloud by VoiceOver. • https://support.apple.com/en-us/121373 •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2024-40852
https://notcve.org/view.php?id=CVE-2024-40852
16 Sep 2024 — This issue was addressed by restricting options offered on a locked device. This issue is fixed in iOS 18 and iPadOS 18. An attacker may be able to see recent photos without authentication in Assistive Access. • https://support.apple.com/en-us/121250 •
CVSS: 8.1EPSS: 0%CPEs: 8EXPL: 0CVE-2024-44169
https://notcve.org/view.php?id=CVE-2024-44169
16 Sep 2024 — The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.7, iOS 17.7 and iPadOS 17.7, visionOS 2, watchOS 11, macOS Sequoia 15, iOS 18 and iPadOS 18, macOS Sonoma 14.7, tvOS 18. An app may be able to cause unexpected system termination. • https://support.apple.com/en-us/121234 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2024-27874
https://notcve.org/view.php?id=CVE-2024-27874
16 Sep 2024 — This issue was addressed through improved state management. This issue is fixed in iOS 18 and iPadOS 18. A remote attacker may be able to cause a denial-of-service. • https://support.apple.com/en-us/121250 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 8.1EPSS: 0%CPEs: 6EXPL: 0CVE-2024-44167
https://notcve.org/view.php?id=CVE-2024-44167
16 Sep 2024 — This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Ventura 13.7, visionOS 2, iOS 18 and iPadOS 18, macOS Sonoma 14.7, macOS Sequoia 15. An app may be able to overwrite arbitrary files. • https://support.apple.com/en-us/121234 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.7EPSS: 0%CPEs: 3EXPL: 0CVE-2024-44147
https://notcve.org/view.php?id=CVE-2024-44147
16 Sep 2024 — This issue was addressed through improved state management. This issue is fixed in iOS 18 and iPadOS 18. An app may gain unauthorized access to Local Network. • https://support.apple.com/en-us/121250 • CWE-269: Improper Privilege Management •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2024-27869
https://notcve.org/view.php?id=CVE-2024-27869
16 Sep 2024 — The issue was addressed with improved checks. This issue is fixed in iOS 18 and iPadOS 18, macOS Sequoia 15. An app may be able to record the screen without an indicator. • https://support.apple.com/en-us/121238 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 6.2EPSS: 0%CPEs: 5EXPL: 0CVE-2024-40833
https://notcve.org/view.php?id=CVE-2024-40833
29 Jul 2024 — A logic issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.6, iOS 16.7.9 and iPadOS 16.7.9, macOS Monterey 12.7.6, macOS Ventura 13.6.8. A shortcut may be able to use sensitive data with certain actions without prompting the user. • https://support.apple.com/en-us/HT214116 •
CVSS: 7.7EPSS: 0%CPEs: 7EXPL: 0CVE-2024-40805
https://notcve.org/view.php?id=CVE-2024-40805
29 Jul 2024 — A permissions issue was addressed with additional restrictions. This issue is fixed in watchOS 10.6, macOS Sonoma 14.6, iOS 17.6 and iPadOS 17.6, tvOS 17.6. An app may be able to bypass Privacy preferences. • https://support.apple.com/en-us/HT214117 • CWE-281: Improper Preservation of Permissions •