CVSS: 4.3EPSS: 0%CPEs: -EXPL: 0CVE-2024-27877 – Apple macOS AppleVADriver Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-27877
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple macOS. • https://support.apple.com/en-us/HT214120 https://support.apple.com/en-us/HT214119 https://support.apple.com/en-us/HT214118 http://seclists.org/fulldisclosure/2024/Jul/20 http://seclists.org/fulldisclosure/2024/Jul/18 http://seclists.org/fulldisclosure/2024/Jul/19 •
CVSS: 6.5EPSS: 0%CPEs: -EXPL: 0CVE-2024-40789 – Apple WebKit WebCodecs VideoFrame Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-40789
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple WebKit. • https://support.apple.com/en-us/HT214121 https://support.apple.com/en-us/HT214117 https://support.apple.com/en-us/HT214116 https://support.apple.com/en-us/HT214124 https://support.apple.com/en-us/HT214119 https://support.apple.com/en-us/HT214123 https://support.apple.com/en-us/HT214122 https://support.apple.com/kb/HT214121 http://seclists.org/fulldisclosure/2024/Jul/16 http://seclists.org/fulldisclosure/2024/Jul/15 http://seclists.org/fulldisclosure/2024/Jul/ • CWE-125: Out-of-bounds Read •
CVSS: -EPSS: 0%CPEs: -EXPL: 0CVE-2024-27863
https://notcve.org/view.php?id=CVE-2024-27863
An information disclosure issue was addressed with improved private data redaction for log entries. • https://support.apple.com/en-us/HT214117 https://support.apple.com/en-us/HT214124 https://support.apple.com/en-us/HT214119 https://support.apple.com/en-us/HT214123 https://support.apple.com/en-us/HT214122 http://seclists.org/fulldisclosure/2024/Jul/16 http://seclists.org/fulldisclosure/2024/Jul/23 http://seclists.org/fulldisclosure/2024/Jul/21 http://seclists.org/fulldisclosure/2024/Jul/22 http://seclists.org/fulldisclosure/2024/Jul/18 •
CVSS: -EPSS: 0%CPEs: -EXPL: 0CVE-2024-40775
https://notcve.org/view.php?id=CVE-2024-40775
An app may be able to leak sensitive user information. • https://support.apple.com/en-us/HT214120 https://support.apple.com/en-us/HT214119 https://support.apple.com/en-us/HT214118 http://seclists.org/fulldisclosure/2024/Jul/20 http://seclists.org/fulldisclosure/2024/Jul/18 http://seclists.org/fulldisclosure/2024/Jul/19 •
CVSS: 3.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-6620
https://notcve.org/view.php?id=CVE-2024-6620
A(n) attacker could potentially inject malicious code which may lead to information disclosure, session theft, or client-side request forgery. • https://sps.honeywell.com/us/en/support/productivity/cyber-security-notifications • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-602: Client-Side Enforcement of Server-Side Security •