|
291
|
5.5
-
|
MEDIUM
Local
|
This issue was addressed with improved validation of symlinks. This issue is fixed in iOS 18 and iPadOS 18, macOS Sequoia 15. An app may be able to access sensitive user data.
|
CWE-59
Link Following
|
CVE-2024-44131
|
cpe:2.3:o:apple:iphone_os:*:*
|
|
|
|
18.0
|
2024-09-25 04:01
2024-09-17
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292
|
5.5
-
|
MEDIUM
Local
|
A file access issue was addressed with improved input validation. This issue is fixed in macOS Ventura 13.7, iOS 17.7 and iPadOS 17.7, visionOS 2, watchOS 11, macOS Sequoia 15, iOS 18 and iPadOS 18, …
|
NVD-CWE-noinfo
|
CVE-2024-40850
|
cpe:2.3:o:apple:iphone_os:*:*
|
|
|
|
17.7
|
2024-09-25 00:41
2024-09-17
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293
|
5.5
-
|
MEDIUM
Local
|
A privacy issue was addressed with improved handling of temporary files. This issue is fixed in iOS 17.7 and iPadOS 17.7, macOS Ventura 13.7, macOS Sonoma 14.7, macOS Sequoia 15. An app may be able t…
|
NVD-CWE-noinfo
|
CVE-2024-40844
|
cpe:2.3:o:apple:iphone_os:*:*
|
|
|
|
17.7
|
2024-09-25 00:55
2024-09-17
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294
|
3.3
-
|
LOW
Local
|
A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Ventura 13.7, iOS 17.7 and iPadOS 17.7, iOS 18 and iPadOS 18, macOS Sonoma 14.7, macOS…
|
CWE-532
Inclusion of Sensitive Information in Log Files
|
CVE-2024-40791
|
cpe:2.3:o:apple:iphone_os:*:*
|
|
|
|
17.7
|
2024-09-25 00:44
2024-09-17
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295
|
5.5
-
|
MEDIUM
Local
|
An out-of-bounds read issue was addressed with improved input validation. This issue is fixed in iOS 17.7 and iPadOS 17.7, visionOS 2, watchOS 11, macOS Sequoia 15, iOS 18 and iPadOS 18, macOS Sonoma…
|
CWE-125
Out-of-bounds Read
|
CVE-2024-27880
|
cpe:2.3:o:apple:iphone_os:*:*
|
|
|
|
17.7
|
2024-09-25 01:34
2024-09-17
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296
|
5.5
-
|
MEDIUM
Local
|
This issue was addressed through improved state management. This issue is fixed in iOS 17.7 and iPadOS 17.7, Xcode 16, visionOS 2, watchOS 11, macOS Sequoia 15, iOS 18 and iPadOS 18, tvOS 18. An app …
|
NVD-CWE-noinfo
|
CVE-2024-44191
|
cpe:2.3:o:apple:iphone_os:*:*
|
|
|
|
17.7
|
2024-09-25 22:24
2024-09-17
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297
|
6.5
-
|
MEDIUM
Network
|
A cross-origin issue existed with "iframe" elements. This was addressed with improved tracking of security origins. This issue is fixed in Safari 18, visionOS 2, watchOS 11, macOS Sequoia 15, iOS 18 …
|
CWE-346
Origin Validation Error
|
CVE-2024-44187
|
cpe:2.3:o:apple:iphone_os:*:*
|
|
|
|
18.0
|
2024-09-25 22:25
2024-09-17
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298
|
5.5
-
|
MEDIUM
Local
|
An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in macOS Ventura 13.7, iOS 17.7 and iPadOS 17.7, visionOS 2, watchOS 11, macOS Sequoia 15, iOS 18 and iP…
|
NVD-CWE-noinfo
|
CVE-2024-44176
|
cpe:2.3:o:apple:iphone_os:*:*
|
|
|
|
17.7
|
2024-09-25 22:27
2024-09-17
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299
|
6.5
-
|
MEDIUM
Adjacent
|
This issue was addressed through improved state management. This issue is fixed in iOS 18 and iPadOS 18. A malicious Bluetooth input device may bypass pairing.
|
NVD-CWE-noinfo
|
CVE-2024-44124
|
cpe:2.3:o:apple:iphone_os:*:*
|
|
|
|
18.0
|
2024-09-26 00:14
2024-09-17
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300
|
5.5
-
|
MEDIUM
Local
|
This issue was addressed with improved data protection. This issue is fixed in iOS 18 and iPadOS 18. An app may be able to leak sensitive user information.
|
NVD-CWE-noinfo
|
CVE-2024-40863
|
cpe:2.3:o:apple:iphone_os:*:*
|
|
|
|
18.0
|
2024-09-25 22:40
2024-09-17
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|