CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2024-27857 – Apple macOS AMDRadeonX6000MTLDriver KTX Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-27857
A remote attacker may be able to cause unexpected app termination or arbitrary code execution. • http://seclists.org/fulldisclosure/2024/Jun/5 https://support.apple.com/en-us/HT214101 https://support.apple.com/en-us/HT214102 https://support.apple.com/en-us/HT214106 https://support.apple.com/en-us/HT214108 https://support.apple.com/kb/HT214101 https://support.apple.com/kb/HT214102 https://support.apple.com/kb/HT214106 https://support.apple.com/kb/HT214108 • CWE-94: Improper Control of Generation of Code ('Code Injection') CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2024-27836 – Apple macOS PPM Image Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-27836
Processing a maliciously crafted image may lead to arbitrary code execution. • http://seclists.org/fulldisclosure/2024/Jun/5 https://support.apple.com/en-us/HT214101 https://support.apple.com/en-us/HT214106 https://support.apple.com/en-us/HT214108 https://support.apple.com/kb/HT214101 https://support.apple.com/kb/HT214106 https://support.apple.com/kb/HT214108 • CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 9EXPL: 0CVE-2024-27820 – webkitgtk: Processing web content may lead to arbitrary code execution
https://notcve.org/view.php?id=CVE-2024-27820
Processing web content may lead to arbitrary code execution. ... This flaw allows a remote attacker to perform arbitrary code execution when processing web content. • http://seclists.org/fulldisclosure/2024/Jun/5 https://support.apple.com/en-us/HT214100 https://support.apple.com/en-us/HT214101 https://support.apple.com/en-us/HT214102 https://support.apple.com/en-us/HT214103 https://support.apple.com/en-us/HT214104 https://support.apple.com/en-us/HT214106 https://support.apple.com/en-us/HT214108 https://access.redhat.com/security/cve/CVE-2024-27820 https://bugzilla.redhat.com/show_bug.cgi?id=2314698 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2024-27802 – Apple macOS Metal Framework KTX Image Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-27802
Processing a maliciously crafted file may lead to unexpected app termination or arbitrary code execution. • http://seclists.org/fulldisclosure/2024/Jun/5 https://support.apple.com/en-us/HT214100 https://support.apple.com/en-us/HT214101 https://support.apple.com/en-us/HT214102 https://support.apple.com/en-us/HT214105 https://support.apple.com/en-us/HT214106 https://support.apple.com/en-us/HT214107 https://support.apple.com/en-us/HT214108 https://support.apple.com/kb/HT214100 https://support.apple.com/kb/HT214101 https://support.apple.com/kb/HT214102 https://s • CWE-125: Out-of-bounds Read CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 7EXPL: 0CVE-2024-27808
https://notcve.org/view.php?id=CVE-2024-27808
Processing web content may lead to arbitrary code execution. • http://seclists.org/fulldisclosure/2024/Jun/5 https://support.apple.com/en-us/HT214101 https://support.apple.com/en-us/HT214102 https://support.apple.com/en-us/HT214103 https://support.apple.com/en-us/HT214104 https://support.apple.com/en-us/HT214106 https://support.apple.com/en-us/HT214108 • CWE-786: Access of Memory Location Before Start of Buffer •