cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-44298,https://securityvulnerability.io/vulnerability/CVE-2024-44298,Privacy Vulnerability in Apple macOS for User Data Exposure,"CVE-2024-44298 addresses a significant privacy vulnerability within Apple’s macOS Sequoia 15.1. This flaw permits unauthorized applications to access sensitive information regarding a user's contacts, compromising privacy protections. The vulnerability has been mitigated by enhancing private data redaction in log entries. Users are advised to update to the latest version to safeguard their personal data against potential exposure.",Apple,Mac OS,3.3,LOW,0.0004400000034365803,false,false,false,false,,false,false,2024-12-20T04:06:20.221Z,0
CVE-2024-44293,https://securityvulnerability.io/vulnerability/CVE-2024-44293,Privacy Vulnerability Affecting Apple macOS Sequoia Security,"CVE-2024-44293 is a significant privacy vulnerability found in Apple’s macOS Sequoia 15. The flaw occurs due to inadequate redaction of sensitive user data in log entries, potentially allowing malicious actors or unauthorized users to retrieve private information. This issue, identified as high risk, has been addressed in the macOS Sequoia 15.1 update, which enhances the protection of user privacy by improving the handling of log data. Users of affected versions are urged to update their systems promptly to mitigate potential exposure risks.",Apple,Mac OS,5.5,MEDIUM,0.00044999999227002263,false,false,false,false,,false,false,2024-12-20T04:06:19.170Z,0
CVE-2024-44211,https://securityvulnerability.io/vulnerability/CVE-2024-44211,Symlink Validation Flaw in Apple's macOS Sequoia Affects Sensitive User Data,"CVE-2024-44211 is a high-risk vulnerability affecting Apple's macOS Sequoia 15.1 that arises from inadequate validation of symbolic links (symlinks). This security flaw could potentially allow malicious applications to gain unauthorized access to sensitive user data, posing a significant risk to user privacy and data integrity. Apple has addressed this vulnerability through improved symlink validation measures in the latest software update.",Apple,Mac OS,5.5,MEDIUM,0.0005200000014156103,false,false,false,false,,false,false,2024-12-20T04:06:18.132Z,0
CVE-2024-44231,https://securityvulnerability.io/vulnerability/CVE-2024-44231,Physical Access Vulnerability in MacOS Sequoia Affecting Security Management,"CVE-2024-44231 is a high-severity vulnerability affecting macOS Sequoia 15.1 that arises when an attacker with physical access attempts to bypass the system's Login Window during a software update process. The flaw exists due to inadequate state management during software updates, which could potentially allow an unauthorized user to access sensitive information or perform unauthorized actions. Apple has issued a fix in version 15.1 to mitigate this issue. It is critical for users to ensure their systems are updated to safeguard against this vulnerability.",Apple,Mac OS,4.6,MEDIUM,0.00044999999227002263,false,false,false,false,,false,false,2024-12-20T04:06:17.087Z,0
CVE-2024-44292,https://securityvulnerability.io/vulnerability/CVE-2024-44292,Privacy Vulnerability Impacting Apple macOS Sequoia 15.1,"CVE-2024-44292 is a high-risk privacy vulnerability discovered in Apple’s macOS Sequoia 15.1. This flaw pertains to insufficient redaction of private data in log entries, potentially allowing malicious applications to access sensitive user information. Apple has addressed this issue in the latest software update, emphasizing the need for users to upgrade immediately to safeguard their personal data from unauthorized access.",Apple,Mac OS,5.5,MEDIUM,0.0005200000014156103,false,false,false,false,,false,false,2024-12-20T04:06:16.028Z,0
CVE-2024-44195,https://securityvulnerability.io/vulnerability/CVE-2024-44195,Logic Flaw in macOS Sequoia allowing Unauthorized File Access,"CVE-2024-44195 pertains to a significant vulnerability in macOS Sequoia, where a logic issue could allow malicious applications to read arbitrary files from the user’s system. This flaw underscores the importance of proper validation mechanisms within operating system functionalities. Apple has addressed this vulnerability in macOS Sequoia version 15.1, enhancing the validation processes to mitigate the risks associated with unauthorized access. Users are encouraged to update their systems promptly to shield against potential exploits stemming from this vulnerability.",Apple,Mac OS,,,0.0004400000034365803,false,false,false,false,,false,false,2024-12-20T04:06:14.973Z,0
CVE-2024-44223,https://securityvulnerability.io/vulnerability/CVE-2024-44223,Physical Access Vulnerability in macOS Sequoia 15.1,"CVE-2024-44223 is a high-risk vulnerability affecting Apple's macOS Sequoia 15.1. The vulnerability arises due to inadequate state management, which can potentially allow an attacker with physical access to a Mac to view protected content directly from the Login Window. This critical weakness underscores the importance of securing physical access to devices to mitigate such threats. Users are strongly advised to upgrade to the latest version to protect against this vulnerability.",Apple,Mac OS,4.6,MEDIUM,0.0005200000014156103,false,false,false,false,,false,false,2024-12-20T04:06:13.875Z,0
CVE-2024-54538,https://securityvulnerability.io/vulnerability/CVE-2024-54538,Denial-of-Service Vulnerability in Apple Products Due to Input Validation Issues,"CVE-2024-54538 is a critical denial-of-service vulnerability affecting multiple Apple operating systems. The flaw stems from inadequate input validation, allowing a remote attacker to exploit this vulnerability and potentially disrupt services. Recent updates have addressed this issue, with fixes implemented in visionOS 2.1, iOS 18.1, iPadOS 18.1, iOS 17.7.1, iPadOS 17.7.1, tvOS 18.1, macOS Sonoma 14.7.1, watchOS 11.1, and macOS Ventura 13.7.1. Users are strongly advised to update their devices to mitigate any security risks.",Apple,"Mac OS,iPhone OS,iPad OS,Watch OS,Visionos,TV OS",7.5,HIGH,0.0009299999801442027,false,false,false,false,,false,false,2024-12-20T01:15:00.000Z,0
CVE-2024-54492,https://securityvulnerability.io/vulnerability/CVE-2024-54492,"Apple Addresses Network Traffic Alteration Vulnerability in macOS Sequoia 15.2, iOS 18.2, and iPadOS 18.2","This vulnerability concerns a security flaw in Apple's operating systems that could allow an attacker positioned within a privileged network to intercept and manipulate network traffic. The issue arises from the application's failure to utilize HTTPS efficiently when transmitting sensitive information across the network. As a consequence, there is a risk of exposure to man-in-the-middle attacks, potentially compromising the integrity of user data. Apple has addressed this vulnerability in macOS Sequoia 15.2, iOS 18.2, iPadOS 18.2, iPadOS 17.7.3, and visionOS 2.2 by enhancing the handling of network communications.",Apple,"Visionos,Mac OS,iPad OS,iOS And iPad OS",5.9,MEDIUM,0.000539999979082495,false,false,false,false,,true,false,2024-12-12T02:15:00.000Z,8186
CVE-2024-54484,https://securityvulnerability.io/vulnerability/CVE-2024-54484,,The issue was resolved by sanitizing logging. This issue is fixed in macOS Sequoia 15.2. An app may be able to access user-sensitive data.,Apple,Mac OS,5.5,MEDIUM,0.0004299999854993075,false,false,false,false,,false,false,2024-12-12T02:15:00.000Z,0
CVE-2024-54489,https://securityvulnerability.io/vulnerability/CVE-2024-54489,Path Handling Issue in Apple macOS,"The vulnerability involves a path handling issue that can lead to unexpected execution of arbitrary code when executing a mount command on affected versions of macOS. This flaw has been addressed with improved validation in the latest updates, specifically in macOS Sequoia 15.2, Ventura 13.7.2, and Sonoma 14.7.2. Users are advised to update their systems promptly to safeguard against potential exploitation.",Apple,Mac OS,7.8,HIGH,0.0004199999966658652,false,false,false,false,,false,false,2024-12-12T02:15:00.000Z,0
CVE-2024-54486,https://securityvulnerability.io/vulnerability/CVE-2024-54486,"Apple Fixes Memory Disclosure Vulnerability in iPadOS, watchOS, tvOS, and macOS Releases","A vulnerability exists within various Apple operating systems that could lead to the disclosure of memory content. This issue arises when processing specially crafted font files, potentially allowing unauthorized access to sensitive process memory. The flaw has been addressed in several updates, including iPadOS 17.7.3, iOS 18.2, and various releases of macOS, watchOS, and visionOS. Users are encouraged to update their devices to mitigate potential risks associated with this issue. For further information, please consult Apple's official support documents.",Apple,"Watch OS,TV OS,Visionos,iPhone OS,Mac OS,iPad OS",6.5,MEDIUM,0.0011599999852478504,false,false,false,false,,false,false,2024-12-12T02:15:00.000Z,0
CVE-2024-54493,https://securityvulnerability.io/vulnerability/CVE-2024-54493,Improper State Management in Apple macOS Sequoia Microphone Access,"A vulnerability in Apple's macOS Sequoia has been identified where privacy indicators related to microphone access may not accurately reflect the state of microphone use. This issue arises due to improper state management, which can lead to confusion for users regarding which applications are actively using their microphone. Corrective measures have been implemented in version 15.2 of macOS Sequoia, enhancing the reliability of privacy indicators and safeguarding user privacy.",Apple,Mac OS,3.3,LOW,0.0004299999854993075,false,false,false,false,,false,false,2024-12-12T02:15:00.000Z,0
CVE-2024-44220,https://securityvulnerability.io/vulnerability/CVE-2024-44220,,"The issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15.2, macOS Sonoma 14.7.2. Parsing a maliciously crafted video file may lead to unexpected system termination.",Apple,Mac OS,5.5,MEDIUM,0.0004400000034365803,false,false,false,false,,false,false,2024-12-12T02:15:00.000Z,0
CVE-2024-54471,https://securityvulnerability.io/vulnerability/CVE-2024-54471,,"This issue was addressed with additional entitlement checks. This issue is fixed in macOS Sonoma 14.7.1, macOS Ventura 13.7.1. A malicious application may be able to leak a user's credentials.",Apple,Mac OS,5.5,MEDIUM,0.0004299999854993075,false,false,false,false,,false,false,2024-12-12T02:15:00.000Z,0
CVE-2024-54476,https://securityvulnerability.io/vulnerability/CVE-2024-54476,,"The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.2, macOS Ventura 13.7.2, macOS Sonoma 14.7.2. An app may be able to access user-sensitive data.",Apple,Mac OS,5.5,MEDIUM,0.00044999999227002263,false,false,false,false,,false,false,2024-12-12T02:15:00.000Z,0
CVE-2024-44248,https://securityvulnerability.io/vulnerability/CVE-2024-44248,,"This issue was addressed through improved state management. This issue is fixed in macOS Ventura 13.7.2, macOS Sonoma 14.7.2. A user with screen sharing access may be able to view another user's screen.",Apple,Mac OS,6.5,MEDIUM,0.0006799999973736703,false,false,false,false,,false,false,2024-12-12T02:15:00.000Z,0
CVE-2024-54477,https://securityvulnerability.io/vulnerability/CVE-2024-54477,,"The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.2, macOS Ventura 13.7.2, macOS Sonoma 14.7.2. An app may be able to access user-sensitive data.",Apple,Mac OS,5.5,MEDIUM,0.00044999999227002263,false,false,false,false,,false,false,2024-12-12T02:15:00.000Z,0
CVE-2024-54527,https://securityvulnerability.io/vulnerability/CVE-2024-54527,Data Access Vulnerability in Apple Products,"A vulnerability present in various Apple operating systems allows unauthorized access to sensitive user data by applications. This issue has been addressed through enhanced verification checks in the latest updates, ensuring that sensitive information is better protected. Users are encouraged to update their devices to the latest versions to mitigate potential privacy risks that arise from this flaw.",Apple,"Watch OS,iPad OS,TV OS,iPhone OS,Mac OS",5.5,MEDIUM,0.00044999999227002263,false,false,false,false,,false,false,2024-12-12T02:15:00.000Z,201
CVE-2024-44243,https://securityvulnerability.io/vulnerability/CVE-2024-44243,Apple Addresses File System Configuration Issue with macOS Sequoia 15.2 Update,"A configuration issue in Apple macOS Sequoia allows certain applications the ability to modify protected parts of the file system, potentially exposing critical system components and data to unauthorized changes. This vulnerability emphasizes the importance of maintaining strict access controls and ensuring that security practices are in place to protect system integrity. The issue has been addressed in macOS Sequoia 15.2, underscoring the need for users to update their systems to mitigate the risks associated with this configuration flaw.",Apple,Mac OS,5.5,MEDIUM,0.00044999999227002263,false,false,false,false,,false,false,2024-12-12T02:15:00.000Z,0
CVE-2024-44225,https://securityvulnerability.io/vulnerability/CVE-2024-44225,Logic Issue in Apple iPadOS and macOS Products Leading to Elevated Privileges,"A logic flaw has been identified in various Apple operating systems, including iPadOS, watchOS, tvOS, and macOS. This vulnerability enables unauthorized applications to potentially gain elevated privileges, allowing them to execute actions without the user's consent. Apple has released updates for compromised versions to address this loophole, enhancing the security of the affected systems. It is crucial for users to update their devices to the latest versions to mitigate the risk associated with this vulnerability.",Apple,"TV OS,Mac OS,Watch OS,iPad OS,iOS And iPad OS",7.8,HIGH,0.0005699999746866524,false,false,false,false,,false,false,2024-12-12T02:15:00.000Z,0
CVE-2024-54466,https://securityvulnerability.io/vulnerability/CVE-2024-54466,,"An authorization issue was addressed with improved state management. This issue is fixed in macOS Sequoia 15.2, macOS Ventura 13.7.2, macOS Sonoma 14.7.2. An encrypted volume may be accessed by a different user without prompting for the password.",Apple,Mac OS,5.3,MEDIUM,0.0005200000014156103,false,false,false,false,,false,false,2024-12-12T02:15:00.000Z,0
CVE-2024-44201,https://securityvulnerability.io/vulnerability/CVE-2024-44201,,"The issue was addressed with improved memory handling. This issue is fixed in iPadOS 17.7.3, macOS Ventura 13.7.2, iOS 18.1 and iPadOS 18.1, macOS Sonoma 14.7.2. Processing a malicious crafted file may lead to a denial-of-service.",Apple,"iPhone OS,iPad OS,Mac OS",5.5,MEDIUM,0.0004400000034365803,false,false,false,false,,false,false,2024-12-12T02:15:00.000Z,0
CVE-2024-54498,https://securityvulnerability.io/vulnerability/CVE-2024-54498,Path Handling Vulnerability in Apple macOS Products,"A path handling vulnerability has been identified in certain versions of macOS, which may allow an application to escape its sandbox environment. This issue highlights a validation flaw affecting the integrity of path management within the operating system. Apple has released updates to address this vulnerability in macOS Sequoia 15.2, macOS Ventura 13.7.2, and macOS Sonoma 14.7.2 to mitigate the risk of unauthorized access and ensure improved application containment.",Apple,Mac OS,8.8,HIGH,0.0004199999966658652,false,false,false,true,true,false,false,2024-12-12T02:15:00.000Z,0
CVE-2024-54500,https://securityvulnerability.io/vulnerability/CVE-2024-54500,,"The issue was addressed with improved checks. This issue is fixed in iPadOS 17.7.3, watchOS 11.2, visionOS 2.2, tvOS 18.2, macOS Sequoia 15.2, iOS 18.2 and iPadOS 18.2, macOS Ventura 13.7.2, macOS Sonoma 14.7.2. Processing a maliciously crafted image may result in disclosure of process memory.",Apple,"Watch OS,TV OS,Visionos,iPhone OS,Mac OS,iPad OS",5.5,MEDIUM,0.0004600000102072954,false,false,false,false,,false,false,2024-12-12T02:15:00.000Z,0