
CVE-2024-42101 – drm/nouveau: fix null pointer dereference in nouveau_connector_get_modes
https://notcve.org/view.php?id=CVE-2024-42101
30 Jul 2024 — Gui-Dong Han discovered that the software RAID driver in the Linux kernel contained a race condition, leading to an integer overflow vulnerability. • https://git.kernel.org/stable/c/6ee738610f41b59733f63718f0bdbcba7d3a3f12 • CWE-476: NULL Pointer Dereference •

CVE-2024-40777 – Apple macOS ImageIO PSD File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-40777
29 Jul 2024 — Crafted data in a PSD file can trigger an overflow of a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. macOS Sonoma 14.6 addresses buffer overflow, bypass, code execution, information leakage, integer overflow, out of bounds access, out of bounds read, out of bounds write, spoofing, and use-after-free vulnerabilities. • https://support.apple.com/en-us/HT214117 • CWE-125: Out-of-bounds Read •

CVE-2024-40798 – Apple Security Advisory 07-29-2024-6
https://notcve.org/view.php?id=CVE-2024-40798
29 Jul 2024 — An app may be able to read Safari's browsing history. macOS Sonoma 14.6 addresses buffer overflow, bypass, code execution, information leakage, integer overflow, out of bounds access, out of bounds read, out of bounds write, spoofing, and use-after-free vulnerabilities. • https://support.apple.com/en-us/HT214116 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVE-2024-40809 – Apple Security Advisory 07-29-2024-7
https://notcve.org/view.php?id=CVE-2024-40809
29 Jul 2024 — A shortcut may be able to bypass Internet permission requirements. macOS Sonoma 14.6 addresses buffer overflow, bypass, code execution, information leakage, integer overflow, out of bounds access, out of bounds read, out of bounds write, spoofing, and use-after-free vulnerabilities. • https://support.apple.com/en-us/HT214117 •

CVE-2024-27871 – Apple Security Advisory 07-29-2024-4
https://notcve.org/view.php?id=CVE-2024-27871
29 Jul 2024 — An app may be able to access protected user data. macOS Sonoma 14.6 addresses buffer overflow, bypass, code execution, information leakage, integer overflow, out of bounds access, out of bounds read, out of bounds write, spoofing, and use-after-free vulnerabilities. • https://support.apple.com/en-us/HT214117 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVE-2024-27826 – Apple Security Advisory 07-29-2024-6
https://notcve.org/view.php?id=CVE-2024-27826
29 Jul 2024 — An app may be able to execute arbitrary code with kernel privileges. visionOS 1.3 addresses bypass, information leakage, integer overflow, out of bounds access, out of bounds read, and use-after-free vulnerabilities. • https://support.apple.com/en-us/HT214101 • CWE-269: Improper Privilege Management •

CVE-2024-40833 – Apple Security Advisory 07-29-2024-6
https://notcve.org/view.php?id=CVE-2024-40833
29 Jul 2024 — A shortcut may be able to use sensitive data with certain actions without prompting the user. macOS Sonoma 14.6 addresses buffer overflow, bypass, code execution, information leakage, integer overflow, out of bounds access, out of bounds read, out of bounds write, spoofing, and use-after-free vulnerabilities. • https://support.apple.com/en-us/HT214116 •

CVE-2024-40813 – Apple Security Advisory 07-29-2024-7
https://notcve.org/view.php?id=CVE-2024-40813
29 Jul 2024 — An attacker with physical access may be able to use Siri to access sensitive user data. iOS 17.6 and iPadOS 17.6 address bypass, information leakage, integer overflow, out of bounds access, out of bounds read, out of bounds write, and use-after-free vulnerabilities. • https://support.apple.com/en-us/HT214117 • CWE-922: Insecure Storage of Sensitive Information •

CVE-2024-40805 – Apple Security Advisory 07-29-2024-7
https://notcve.org/view.php?id=CVE-2024-40805
29 Jul 2024 — An app may be able to bypass Privacy preferences. macOS Sonoma 14.6 addresses buffer overflow, bypass, code execution, information leakage, integer overflow, out of bounds access, out of bounds read, out of bounds write, spoofing, and use-after-free vulnerabilities. • https://support.apple.com/en-us/HT214117 • CWE-281: Improper Preservation of Permissions •

CVE-2024-40829 – Apple Security Advisory 07-29-2024-7
https://notcve.org/view.php?id=CVE-2024-40829
29 Jul 2024 — An attacker may be able to view restricted content from the lock screen. iOS 17.6 and iPadOS 17.6 address bypass, information leakage, integer overflow, out of bounds access, out of bounds read, out of bounds write, and use-after-free vulnerabilities. • https://support.apple.com/en-us/HT214117 • CWE-416: Use After Free •