CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2024-40852
https://notcve.org/view.php?id=CVE-2024-40852
16 Sep 2024 — This issue was addressed by restricting options offered on a locked device. This issue is fixed in iOS 18 and iPadOS 18. An attacker may be able to see recent photos without authentication in Assistive Access. • https://support.apple.com/en-us/121250 •
CVSS: 8.1EPSS: 0%CPEs: 8EXPL: 0CVE-2024-44169
https://notcve.org/view.php?id=CVE-2024-44169
16 Sep 2024 — The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.7, iOS 17.7 and iPadOS 17.7, visionOS 2, watchOS 11, macOS Sequoia 15, iOS 18 and iPadOS 18, macOS Sonoma 14.7, tvOS 18. An app may be able to cause unexpected system termination. • https://support.apple.com/en-us/121234 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2024-27874
https://notcve.org/view.php?id=CVE-2024-27874
16 Sep 2024 — This issue was addressed through improved state management. This issue is fixed in iOS 18 and iPadOS 18. A remote attacker may be able to cause a denial-of-service. • https://support.apple.com/en-us/121250 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 8.1EPSS: 0%CPEs: 6EXPL: 0CVE-2024-44167
https://notcve.org/view.php?id=CVE-2024-44167
16 Sep 2024 — This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Ventura 13.7, visionOS 2, iOS 18 and iPadOS 18, macOS Sonoma 14.7, macOS Sequoia 15. An app may be able to overwrite arbitrary files. • https://support.apple.com/en-us/121234 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.7EPSS: 0%CPEs: 3EXPL: 0CVE-2024-44147
https://notcve.org/view.php?id=CVE-2024-44147
16 Sep 2024 — This issue was addressed through improved state management. This issue is fixed in iOS 18 and iPadOS 18. An app may gain unauthorized access to Local Network. • https://support.apple.com/en-us/121250 • CWE-269: Improper Privilege Management •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2024-27869
https://notcve.org/view.php?id=CVE-2024-27869
16 Sep 2024 — The issue was addressed with improved checks. This issue is fixed in iOS 18 and iPadOS 18, macOS Sequoia 15. An app may be able to record the screen without an indicator. • https://support.apple.com/en-us/121238 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.5EPSS: 0%CPEs: 33EXPL: 0CVE-2023-42843 – webkit: visiting a malicious website may lead to address bar spoofing
https://notcve.org/view.php?id=CVE-2023-42843
21 Feb 2024 — An inconsistent user interface issue was addressed with improved state management. This issue is fixed in iOS 16.7.2 and iPadOS 16.7.2, iOS 17.1 and iPadOS 17.1, Safari 17.1, macOS Sonoma 14.1. Visiting a malicious website may lead to address bar spoofing. Se solucionó un problema de interfaz de usuario inconsistente con una gestión de estado mejorada. Este problema se solucionó en iOS 16.7.2 y iPadOS 16.7.2, iOS 17.1 y iPadOS 17.1, Safari 17.1, macOS Sonoma 14.1. • http://www.openwall.com/lists/oss-security/2024/03/26/1 • CWE-290: Authentication Bypass by Spoofing •