U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

National Vulnerability Database

National Vulnerability Database

NVD

National Vulnerability Database
  1. VulnerabilitiesSearch And Statistics

Search Results (Refine Search)

Search Parameters:
  • Keyword (text search): cpe:2.3:o:apple:macos:10.15.7:security_update_2022-002:*:*:*:*:*:*
  • CPE Name Search: true
There are 633 matching records.
Displaying matches 21 through 40.
Vuln ID Summary CVSS Severity
CVE-2024-44158

This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 17.7 and iPadOS 17.7, macOS Ventura 13.7, macOS Sonoma 14.7, macOS Sequoia 15. A shortcut may output sensitive user data without consent.

Published: September 16, 2024; 8:15:50 PM -0400 		V4.0:(not available)
 V3.1: 5.5 MEDIUM
V2.0:(not available)
CVE-2024-44154

A memory initialization issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.7, macOS Sequoia 15. Processing a maliciously crafted file may lead to unexpected app termination.

Published: September 16, 2024; 8:15:50 PM -0400 		V4.0:(not available)
 V3.1: 5.5 MEDIUM
V2.0:(not available)
CVE-2024-44153

The issue was addressed with improved permissions logic. This issue is fixed in macOS Sonoma 14.7, macOS Sequoia 15. An app may be able to access user-sensitive data.

Published: September 16, 2024; 8:15:50 PM -0400 		V4.0:(not available)
 V3.1: 5.5 MEDIUM
V2.0:(not available)
CVE-2024-44152

A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Sequoia 15. An app may be able to access user-sensitive data.

Published: September 16, 2024; 8:15:50 PM -0400 		V4.0:(not available)
 V3.1: 7.5 HIGH
V2.0:(not available)
CVE-2024-44151

A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Ventura 13.7, macOS Sonoma 14.7, macOS Sequoia 15. An app may be able to modify protected parts of the file system.

Published: September 16, 2024; 8:15:50 PM -0400 		V4.0:(not available)
 V3.1: 5.5 MEDIUM
V2.0:(not available)
CVE-2024-44149

A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15. An app may be able to access protected user data.

Published: September 16, 2024; 8:15:50 PM -0400 		V4.0:(not available)
 V3.1: 7.5 HIGH
V2.0:(not available)
CVE-2024-44148

This issue was addressed with improved validation of file attributes. This issue is fixed in macOS Sequoia 15. An app may be able to break out of its sandbox.

Published: September 16, 2024; 8:15:50 PM -0400 		V4.0:(not available)
 V3.1: 10.0 CRITICAL
V2.0:(not available)
CVE-2024-44146

A logic issue was addressed with improved file handling. This issue is fixed in macOS Sequoia 15. An app may be able to break out of its sandbox.

Published: September 16, 2024; 8:15:50 PM -0400 		V4.0:(not available)
 V3.1: 10.0 CRITICAL
V2.0:(not available)
CVE-2024-44135

A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sonoma 14.7, macOS Sequoia 15. An app may be able to access protected files within an App Sandbox container.

Published: September 16, 2024; 8:15:50 PM -0400 		V4.0:(not available)
 V3.1: 5.5 MEDIUM
V2.0:(not available)
CVE-2024-44134

This issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Sequoia 15. An app may be able to read sensitive location information.

Published: September 16, 2024; 8:15:50 PM -0400 		V4.0:(not available)
 V3.1: 5.5 MEDIUM
V2.0:(not available)
CVE-2024-44133

This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15. On MDM managed devices, an app may be able to bypass certain Privacy preferences.

Published: September 16, 2024; 8:15:50 PM -0400 		V4.0:(not available)
 V3.1: 5.5 MEDIUM
V2.0:(not available)
CVE-2024-44131

This issue was addressed with improved validation of symlinks. This issue is fixed in iOS 18 and iPadOS 18, macOS Sequoia 15. An app may be able to access sensitive user data.

Published: September 16, 2024; 8:15:50 PM -0400 		V4.0:(not available)
 V3.1: 5.5 MEDIUM
V2.0:(not available)
CVE-2024-44130

This issue was addressed with improved data protection. This issue is fixed in macOS Sequoia 15. An app with root privileges may be able to access private information.

Published: September 16, 2024; 8:15:50 PM -0400 		V4.0:(not available)
 V3.1: 4.4 MEDIUM
V2.0:(not available)
CVE-2024-44129

The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7, macOS Sequoia 15. An app may be able to leak sensitive user information.

Published: September 16, 2024; 8:15:50 PM -0400 		V4.0:(not available)
 V3.1: 5.5 MEDIUM
V2.0:(not available)
CVE-2024-44128

This issue was addressed by adding an additional prompt for user consent. This issue is fixed in macOS Ventura 13.7, macOS Sonoma 14.7, macOS Sequoia 15. An Automator Quick Action workflow may be able to bypass Gatekeeper.

Published: September 16, 2024; 8:15:50 PM -0400 		V4.0:(not available)
 V3.1: 5.5 MEDIUM
V2.0:(not available)
CVE-2024-44125

The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.7, macOS Sequoia 15. A malicious application may be able to leak sensitive user information.

Published: September 16, 2024; 8:15:49 PM -0400 		V4.0:(not available)
 V3.1: 5.5 MEDIUM
V2.0:(not available)
CVE-2024-40866

The issue was addressed with improved UI. This issue is fixed in Safari 18, macOS Sequoia 15. Visiting a malicious website may lead to address bar spoofing.

Published: September 16, 2024; 8:15:49 PM -0400 		V4.0:(not available)
 V3.1: 6.5 MEDIUM
V2.0:(not available)
CVE-2024-40860

A logic issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.7, macOS Sequoia 15. An app may be able to modify protected parts of the file system.

Published: September 16, 2024; 8:15:49 PM -0400 		V4.0:(not available)
 V3.1: 5.5 MEDIUM
V2.0:(not available)
CVE-2024-40859

A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15. An app may be able to access user-sensitive data.

Published: September 16, 2024; 8:15:49 PM -0400 		V4.0:(not available)
 V3.1: 5.5 MEDIUM
V2.0:(not available)
CVE-2024-40857

This issue was addressed through improved state management. This issue is fixed in Safari 18, visionOS 2, watchOS 11, macOS Sequoia 15, iOS 18 and iPadOS 18, tvOS 18. Processing maliciously crafted web content may lead to universal cross site scripting.

Published: September 16, 2024; 8:15:49 PM -0400 		V4.0:(not available)
 V3.1: 6.1 MEDIUM
V2.0:(not available)