CVE-2024-27853

CVE-2024-27853

Título es
CVE-2024-27853

Lun, 29/07/2024 – 23:15

Gravedad 2.0 Txt
Pendiente de análisis

Título en

CVE-2024-27853

Descripción en
This issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.4. A maliciously crafted ZIP archive may bypass Gatekeeper checks.

30/07/2024
30/07/2024
Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)
Pendiente de análisis

Referencias

  • https://support.apple.com/en-us/HT214084

  • https://support.apple.com/kb/HT214084

    • Enviar en el boletín
    Off

    CVE-2024-27823

    CVE-2024-27823

    Título es
    CVE-2024-27823

    Lun, 29/07/2024 – 23:15

    Gravedad 2.0 Txt
    Pendiente de análisis

    Título en

    CVE-2024-27823

    Descripción en
    A race condition was addressed with improved locking. This issue is fixed in macOS Sonoma 14.5, iOS 16.7.8 and iPadOS 16.7.8, macOS Ventura 13.6.7, watchOS 10.5, visionOS 1.3, tvOS 17.5, iOS 17.5 and iPadOS 17.5, macOS Monterey 12.7.5. An attacker in a privileged network position may be able to spoof network packets.

    30/07/2024
    30/07/2024
    Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)
    Pendiente de análisis

    Referencias

  • http://seclists.org/fulldisclosure/2024/Jul/23

  • https://support.apple.com/en-us/HT214100

  • https://support.apple.com/en-us/HT214101

  • https://support.apple.com/en-us/HT214102

  • https://support.apple.com/en-us/HT214104

  • https://support.apple.com/en-us/HT214105

  • https://support.apple.com/en-us/HT214106

  • https://support.apple.com/en-us/HT214107

  • https://support.apple.com/en-us/HT214123

    • Enviar en el boletín
    Off

    CVE-2024-27809

    CVE-2024-27809

    Título es
    CVE-2024-27809

    Lun, 29/07/2024 – 23:15

    Gravedad 2.0 Txt
    Pendiente de análisis

    Título en

    CVE-2024-27809

    Descripción en
    A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Sonoma 14.4. An app may be able to access user-sensitive data.

    30/07/2024
    30/07/2024
    Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)
    Pendiente de análisis

    Referencias

  • https://support.apple.com/en-us/HT214084

  • https://support.apple.com/kb/HT214084

    • Enviar en el boletín
    Off

    CVE-2024-27888

    CVE-2024-27888

    Título es
    CVE-2024-27888

    Lun, 29/07/2024 – 23:15

    Gravedad 2.0 Txt
    Pendiente de análisis

    Título en

    CVE-2024-27888

    Descripción en
    A permissions issue was addressed by removing vulnerable code and adding additional checks. This issue is fixed in macOS Sonoma 14.4. An app may be able to modify protected parts of the file system.

    30/07/2024
    30/07/2024
    Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)
    Pendiente de análisis

    Referencias

  • https://support.apple.com/en-us/HT214084

  • https://support.apple.com/kb/HT214084

    • Enviar en el boletín
    Off

    CVE-2024-27887

    CVE-2024-27887

    Título es
    CVE-2024-27887

    Lun, 29/07/2024 – 23:15

    Gravedad 2.0 Txt
    Pendiente de análisis

    Título en

    CVE-2024-27887

    Descripción en
    A path handling issue was addressed with improved validation. This issue is fixed in macOS Sonoma 14.4. An app may be able to access user-sensitive data.

    30/07/2024
    30/07/2024
    Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)
    Pendiente de análisis

    Referencias

  • https://support.apple.com/en-us/HT214084

  • https://support.apple.com/kb/HT214084

    • Enviar en el boletín
    Off

    CVE-2024-27886

    CVE-2024-27886

    Título es
    CVE-2024-27886

    Lun, 29/07/2024 – 23:15

    Gravedad 2.0 Txt
    Pendiente de análisis

    Título en

    CVE-2024-27886

    Descripción en
    A logic issue was addressed with improved restrictions. This issue is fixed in macOS Sonoma 14.4. An unprivileged app may be able to log keystrokes in other apps including those using secure input mode.

    30/07/2024
    30/07/2024
    Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)
    Pendiente de análisis

    Referencias

  • https://support.apple.com/en-us/HT214084

  • https://support.apple.com/kb/HT214084

    • Enviar en el boletín
    Off

    CVE-2024-27884

    CVE-2024-27884

    Título es
    CVE-2024-27884

    Lun, 29/07/2024 – 23:15

    Gravedad 2.0 Txt
    Pendiente de análisis

    Título en

    CVE-2024-27884

    Descripción en
    This issue was addressed with a new entitlement. This issue is fixed in macOS Sonoma 14.5, watchOS 10.5, visionOS 1.2, tvOS 17.5, iOS 17.5 and iPadOS 17.5. An app may be able to access user-sensitive data.

    30/07/2024
    30/07/2024
    Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)
    Pendiente de análisis

    Referencias

  • https://support.apple.com/en-us/HT214101

  • https://support.apple.com/en-us/HT214102

  • https://support.apple.com/en-us/HT214104

  • https://support.apple.com/en-us/HT214106

  • https://support.apple.com/en-us/HT214108

    • Enviar en el boletín
    Off

    CVE-2024-40813

    CVE-2024-40813

    Título es
    CVE-2024-40813

    Lun, 29/07/2024 – 23:15

    Gravedad 2.0 Txt
    Pendiente de análisis

    Título en

    CVE-2024-40813

    Descripción en
    A lock screen issue was addressed with improved state management. This issue is fixed in watchOS 10.6, iOS 17.6 and iPadOS 17.6. An attacker with physical access may be able to use Siri to access sensitive user data.

    30/07/2024
    30/07/2024
    Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)
    Pendiente de análisis

    Referencias

  • http://seclists.org/fulldisclosure/2024/Jul/16

  • http://seclists.org/fulldisclosure/2024/Jul/21

  • https://support.apple.com/en-us/HT214117

  • https://support.apple.com/en-us/HT214124

    • Enviar en el boletín
    Off

    CVE-2023-42958

    CVE-2023-42958

    Título es
    CVE-2023-42958

    Lun, 29/07/2024 – 21:15

    Gravedad 2.0 Txt
    Pendiente de análisis

    Título en

    CVE-2023-42958

    Descripción en
    A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Ventura 13.4. An app may be able to gain elevated privileges.

    29/07/2024
    29/07/2024
    Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)
    Pendiente de análisis

    Referencias

  • https://support.apple.com/en-us/HT213758

    • Enviar en el boletín
    Off

    CVE-2023-42957

    CVE-2023-42957

    Título es
    CVE-2023-42957

    Lun, 29/07/2024 – 21:15

    Gravedad 2.0 Txt
    Pendiente de análisis

    Título en

    CVE-2023-42957

    Descripción en
    A permissions issue was addressed with additional restrictions. This issue is fixed in iOS 17 and iPadOS 17, macOS Sonoma 14, watchOS 10. An app may be able to read sensitive location information.

    29/07/2024
    29/07/2024
    Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)
    Pendiente de análisis

    Referencias

  • https://support.apple.com/en-us/HT213937

  • https://support.apple.com/en-us/HT213938

  • https://support.apple.com/en-us/HT213940

    • Enviar en el boletín
    Off