Apple macOS 14.0

The issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.7.6, macOS Sonoma 14.6, macOS Ventura 13.6.8. A malicious app may be able to gain root privileges.

Published: 2024-07-29T22:17:14.863Z
Updated: 2026-04-02T18:24:24.333Z

This issue was addressed through improved state management. This issue is fixed in iOS 17.6 and iPadOS 17.6, macOS Sonoma 14.6, tvOS 17.6, watchOS 10.6. An app may be able to bypass Privacy preferences.

Published: 2024-07-29T22:17:09.635Z
Updated: 2026-04-02T18:23:14.349Z

An access issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Monterey 12.7.6, macOS Sonoma 14.6, macOS Ventura 13.6.8. Third party app extensions may not receive the correct sandbox restrictions.

Published: 2024-07-29T22:16:50.306Z
Updated: 2026-04-02T18:15:31.108Z

A race condition was addressed with additional validation. This issue is fixed in iOS 17.6 and iPadOS 17.6, macOS Sonoma 14.6, macOS Ventura 13.6.8, tvOS 17.6, watchOS 10.6. A malicious attacker with arbitrary read and write capability may be able to bypass Pointer Authentication.

Published: 2024-07-29T22:17:07.016Z
Updated: 2026-04-02T18:22:19.553Z

The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.6. An app may be able to modify protected parts of the file system.

Published: 2024-07-29T22:16:36.122Z
Updated: 2026-04-02T18:09:56.121Z

A permissions issue was addressed with additional restrictions. This issue is fixed in iOS 17.6 and iPadOS 17.6, macOS Sonoma 14.6, tvOS 17.6, watchOS 10.6. An app may be able to bypass Privacy preferences.

Published: 2024-07-29T22:17:17.455Z
Updated: 2026-04-02T18:25:58.368Z

An input validation issue was addressed with improved input validation. This issue is fixed in macOS Monterey 12.7.6, macOS Sonoma 14.6, macOS Ventura 13.6.8. An app may be able to modify protected parts of the file system.

Published: 2024-07-29T22:16:43.666Z
Updated: 2026-04-02T18:13:17.581Z

An integer overflow was addressed with improved input validation. This issue is fixed in iOS 16.7.9 and iPadOS 16.7.9, iOS 17.6 and iPadOS 17.6, macOS Sonoma 14.6, macOS Ventura 13.6.8, tvOS 17.6, visionOS 1.3, watchOS 10.6. Processing a maliciously crafted file may lead to unexpected app termination.

Published: 2024-07-29T22:17:04.342Z
Updated: 2026-04-02T18:21:59.917Z

The issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.7.6, macOS Sonoma 14.6, macOS Ventura 13.6.8. A local attacker may be able to elevate their privileges.

Published: 2024-07-29T22:16:30.167Z
Updated: 2026-04-02T18:09:00.419Z

An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in iOS 17.6 and iPadOS 17.6, macOS Sonoma 14.6, tvOS 17.6, visionOS 1.3, watchOS 10.6. Processing a maliciously crafted file may lead to unexpected app termination.

Published: 2024-07-29T22:17:26.092Z
Updated: 2026-04-02T18:27:24.469Z

The issue was addressed with improved checks. This issue is fixed in iOS 16.7.8 and iPadOS 16.7.8, iOS 17.5 and iPadOS 17.5, macOS Sonoma 14.5, macOS Ventura 13.6.7. A shortcut may be able to use sensitive data with certain actions without prompting the user.

Published: 2024-06-10T20:56:40.924Z
Updated: 2026-04-02T18:16:59.729Z

The issue was addressed with improved memory handling. This issue is fixed in iOS 17.5 and iPadOS 17.5, macOS Monterey 12.7.6, macOS Sonoma 14.5, macOS Ventura 13.6.8, tvOS 17.5, visionOS 1.3, watchOS 10.5. A local attacker may be able to cause unexpected system shutdown.

Published: 2024-07-29T22:17:21.773Z
Updated: 2026-04-02T18:26:54.823Z

The issue was addressed with improved checks. This issue is fixed in iOS 17.5 and iPadOS 17.5, macOS Sonoma 14.5, tvOS 17.5, visionOS 1.2, watchOS 10.5. An app may be able to elevate privileges.

Published: 2024-06-10T20:56:46.607Z
Updated: 2026-04-02T18:24:46.609Z

An issue was addressed with improved validation of environment variables. This issue is fixed in iOS 16.7.8 and iPadOS 16.7.8, iOS 17.5 and iPadOS 17.5, macOS Monterey 12.7.5, macOS Sonoma 14.5, macOS Ventura 13.6.7, tvOS 17.5, watchOS 10.5. An app may be able to access sensitive user data.

Published: 2024-06-10T20:56:36.274Z
Updated: 2026-04-02T18:08:35.675Z

An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 16.7.8 and iPadOS 16.7.8, iOS 17.5 and iPadOS 17.5, macOS Monterey 12.7.5, macOS Sonoma 14.5, macOS Ventura 13.6.7, tvOS 17.5, visionOS 1.2. Processing a maliciously crafted file may lead to unexpected app termination or arbitrary code execution.

Published: 2024-06-10T20:56:41.329Z
Updated: 2026-04-02T18:17:12.947Z

This issue was addressed by removing the vulnerable code. This issue is fixed in iOS 16.7.8 and iPadOS 16.7.8, iOS 17.5 and iPadOS 17.5, macOS Monterey 12.7.5, macOS Sonoma 14.5, macOS Ventura 13.6.7, tvOS 17.5, visionOS 1.2, watchOS 10.5. Processing a maliciously crafted message may lead to a denial-of-service.

Published: 2024-06-10T20:56:44.028Z
Updated: 2026-04-02T18:21:36.397Z

The issue was addressed with improved checks. This issue is fixed in iOS 16.7.5 and iPadOS 16.7.5, iOS 17.3 and iPadOS 17.3, macOS Monterey 12.7.3, macOS Sonoma 14.3, macOS Ventura 13.6.4, tvOS 17.3. An app may be able to corrupt coprocessor memory.

Published: 2024-04-24T16:43:44.979Z
Updated: 2026-04-02T18:21:22.054Z

A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 16.7.8 and iPadOS 16.7.8, iOS 17.4 and iPadOS 17.4, macOS Monterey 12.7.6, macOS Sonoma 14.4, macOS Ventura 13.6.7, tvOS 17.4, visionOS 1.1, watchOS 10.4. An attacker with arbitrary kernel read and write capability may be able to bypass kernel memory protections. Apple is aware of a report that this issue may have been exploited.

Published: 2024-03-05T19:24:13.999Z
Updated: 2026-04-02T18:25:23.413Z

An injection issue was addressed with improved input validation. This issue is fixed in macOS Monterey 12.7.4, macOS Sonoma 14.4, macOS Ventura 13.6.5. An app may be able to elevate privileges.

Published: 2024-03-08T01:36:06.303Z
Updated: 2026-04-02T18:23:30.816Z

The issue was addressed with improved memory handling. This issue is fixed in iOS 17.4 and iPadOS 17.4, macOS Monterey 12.7.4, macOS Sonoma 14.4, macOS Ventura 13.6.5, tvOS 17.4. An app may be able to execute arbitrary code with kernel privileges.

Published: 2024-03-08T01:35:35.392Z
Updated: 2026-04-02T18:14:10.366Z

An injection issue was addressed with improved input validation. This issue is fixed in macOS Monterey 12.7.4, macOS Sonoma 14.4, macOS Ventura 13.6.5. An app may be able to elevate privileges.

Published: 2024-03-08T01:35:48.416Z
Updated: 2026-04-02T18:18:27.496Z

A logic issue was addressed with improved validation. This issue is fixed in Safari 17.4, iOS 16.7.6 and iPadOS 16.7.6, iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4, tvOS 17.4, visionOS 1.1, watchOS 10.4. Processing maliciously crafted web content may prevent Content Security Policy from being enforced.

Published: 2024-03-08T01:36:19.295Z
Updated: 2026-04-02T18:26:35.629Z

This issue was addressed by removing the vulnerable code. This issue is fixed in iOS 16.7.6 and iPadOS 16.7.6, iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4, tvOS 17.4, visionOS 1.1, watchOS 10.4. An app may be able to break out of its sandbox.

Published: 2024-03-08T01:35:32.589Z
Updated: 2026-04-02T18:13:13.106Z

A race condition was addressed with additional validation. This issue is fixed in iOS 16.7.6 and iPadOS 16.7.6, iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4, tvOS 17.4, visionOS 1.1, watchOS 10.4. An app may be able to access user-sensitive data.

Published: 2024-03-08T01:36:04.430Z
Updated: 2026-04-02T18:23:19.051Z

A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 16.7.6 and iPadOS 16.7.6, iOS 17.4 and iPadOS 17.4, macOS Monterey 12.7.4, macOS Sonoma 14.4, macOS Ventura 13.6.5, tvOS 17.4, visionOS 1.1, watchOS 10.4. An attacker with arbitrary kernel read and write capability may be able to bypass kernel memory protections. Apple is aware of a report that this issue may have been exploited.

Published: 2024-03-05T19:24:12.330Z
Updated: 2026-04-02T18:20:00.500Z

Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1331.

Published: 2023-09-03T18:54:47.173Z
Updated: 2025-02-13T17:18:02.214Z

Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1848.

Published: 2023-09-02T19:39:14.290Z
Updated: 2025-11-03T20:36:03.988Z

Untrusted Search Path in GitHub repository vim/vim prior to 9.0.1833.

Published: 2023-09-02T18:02:05.557Z
Updated: 2025-02-13T17:17:59.866Z

Processing a file may lead to a denial-of-service or potentially disclose memory contents. This issue is fixed in macOS 14. The issue was addressed with improved checks.

Published: 2025-04-11T14:53:56.349Z
Updated: 2025-04-11T15:53:17.568Z

A permissions issue was addressed with additional restrictions. This issue is fixed in tvOS 17.1, watchOS 10.1, macOS Sonoma 14.1, iOS 17.1 and iPadOS 17.1. An app may be able to access sensitive user data.

Published: 2024-02-21T06:41:09.357Z
Updated: 2025-11-04T19:25:03.992Z

The issue was addressed with improved checks. This issue is fixed in iOS 17.1 and iPadOS 17.1, macOS Ventura 13.6.3, macOS Sonoma 14.1, macOS Monterey 12.7.1. An app with root privileges may be able to access private information.

Published: 2024-02-21T06:41:15.593Z
Updated: 2025-11-04T19:25:00.220Z

This issue was addressed with improved redaction of sensitive information. This issue is fixed in tvOS 17.1, watchOS 10.1, macOS Sonoma 14.1, iOS 17.1 and iPadOS 17.1. An app may be able to leak sensitive user information.

Published: 2024-02-21T06:41:42.392Z
Updated: 2025-11-04T19:24:51.466Z

A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sonoma 14.1. An app may gain unauthorized access to Bluetooth.

Published: 2024-02-21T06:41:07.688Z
Updated: 2025-11-04T19:24:48.159Z

This issue was addressed with improved handling of symlinks. This issue is fixed in watchOS 10.1, macOS Sonoma 14.1, tvOS 17.1, iOS 16.7.2 and iPadOS 16.7.2, iOS 17.1 and iPadOS 17.1, macOS Ventura 13.6.1. A malicious app may be able to gain root privileges.

Published: 2024-02-21T06:41:01.832Z
Updated: 2025-11-04T19:24:47.064Z

The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.6.3, macOS Sonoma 14.2, macOS Monterey 12.7.2. A process may gain admin privileges without proper authentication.

Published: 2024-03-28T15:39:16.899Z
Updated: 2025-11-04T19:24:30.775Z

The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.1, macOS Monterey 12.7.1, macOS Ventura 13.6.1. An app may be able to bypass certain Privacy preferences.

Published: 2024-02-21T06:40:41.273Z
Updated: 2025-11-04T19:23:13.709Z

A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in watchOS 10.1, macOS Sonoma 14.1, iOS 17.1 and iPadOS 17.1. An app may be able to access sensitive user data.

Published: 2024-02-21T06:41:46.194Z
Updated: 2025-11-04T19:23:01.724Z

The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.1, macOS Monterey 12.7.1, macOS Ventura 13.6.1. An app may be able to modify protected parts of the file system.

Published: 2024-02-21T06:41:06.036Z
Updated: 2025-11-04T19:22:58.431Z

The issue was addressed with improved bounds checks. This issue is fixed in macOS Sonoma 14.1, tvOS 17.1, macOS Monterey 12.7.1, iOS 16.7.2 and iPadOS 16.7.2, iOS 17.1 and iPadOS 17.1, macOS Ventura 13.6.1. An app may be able to execute arbitrary code with kernel privileges.

Published: 2024-02-21T06:41:59.491Z
Updated: 2025-11-04T19:22:52.987Z

A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sonoma 14.1, macOS Monterey 12.7.1, macOS Ventura 13.6.1. An app may be able to modify protected parts of the file system.

Published: 2024-02-21T06:41:17.643Z
Updated: 2025-11-04T19:22:40.879Z

The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.1, macOS Monterey 12.7.1, macOS Ventura 13.6.1. An app may be able to modify protected parts of the file system.

Published: 2024-02-21T06:41:22.075Z
Updated: 2025-11-04T19:22:37.452Z

The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.1, macOS Monterey 12.7.1, macOS Ventura 13.6.1. An app may be able to access user-sensitive data.

Published: 2024-02-21T06:41:48.062Z
Updated: 2025-11-04T19:22:34.203Z

A logic issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.1, macOS Monterey 12.7.1, macOS Ventura 13.6.1. An app may be able to access user-sensitive data.

Published: 2024-02-21T06:41:56.156Z
Updated: 2025-11-04T19:22:29.868Z

The issue was addressed with improved bounds checks. This issue is fixed in watchOS 10.1, macOS Sonoma 14.1, tvOS 17.1, iOS 16.7.2 and iPadOS 16.7.2, iOS 17.1 and iPadOS 17.1, macOS Ventura 13.6.1. Processing a maliciously crafted image may lead to heap corruption.

Published: 2024-02-21T06:42:02.006Z
Updated: 2025-11-04T19:22:26.605Z

An inconsistent user interface issue was addressed with improved state management. This issue is fixed in iOS 16.7.2 and iPadOS 16.7.2, iOS 17.1 and iPadOS 17.1, Safari 17.1, macOS Sonoma 14.1. Visiting a malicious website may lead to address bar spoofing.

Published: 2024-02-21T06:41:27.506Z
Updated: 2025-02-13T17:09:48.003Z

The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.1, macOS Monterey 12.7.1, macOS Ventura 13.6.1. An app may be able to access user-sensitive data.

Published: 2024-02-21T06:41:12.831Z
Updated: 2025-11-04T19:22:23.283Z

This issue was addressed with improved state management. This issue is fixed in tvOS 17.1, watchOS 10.1, macOS Sonoma 14.1, iOS 17.1 and iPadOS 17.1. An app may be able to access sensitive user data.

Published: 2024-02-21T06:41:44.389Z
Updated: 2025-11-04T19:22:19.926Z

An access issue was addressed with improvements to the sandbox. This issue is fixed in macOS Ventura 13.6.3, macOS Sonoma 14.1, macOS Monterey 12.7.2. An app may be able to execute arbitrary code out of its sandbox or with certain elevated privileges.

Published: 2024-02-21T06:41:24.366Z
Updated: 2025-11-04T19:22:16.497Z

A logic issue was addressed with improved checks. This issue is fixed in iOS 17.1 and iPadOS 17.1, macOS Ventura 13.6.3, macOS Sonoma 14.1, macOS Monterey 12.7.2. An attacker may be able to access connected network volumes mounted in the home directory.

Published: 2024-02-21T06:41:04.266Z
Updated: 2025-11-04T19:22:13.226Z

A privacy issue was addressed with improved handling of files. This issue is fixed in watchOS 10.1, macOS Sonoma 14.1, macOS Monterey 12.7.2, macOS Ventura 13.6.3, iOS 17.1 and iPadOS 17.1. An app may be able to access sensitive user data.

Published: 2024-02-21T06:41:19.489Z
Updated: 2025-11-04T19:22:07.805Z

The issue was resolved by sanitizing logging This issue is fixed in watchOS 10.1, macOS Sonoma 14.1, tvOS 17.1, macOS Monterey 12.7.1, iOS 16.7.2 and iPadOS 16.7.2, iOS 17.1 and iPadOS 17.1, macOS Ventura 13.6.1. An app may be able to access user-sensitive data.

Published: 2024-02-21T06:41:52.495Z
Updated: 2025-11-04T19:21:58.985Z

An inconsistent user interface issue was addressed with improved state management. This issue is fixed in macOS Sonoma 14.1, watchOS 10.1, iOS 16.7.2 and iPadOS 16.7.2, iOS 17.1 and iPadOS 17.1. Hide My Email may be deactivated unexpectedly.

Published: 2023-10-25T18:32:09.663Z
Updated: 2025-02-13T17:07:57.512Z

A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Sonoma 14.1. An app may be able to read sensitive location information.

Published: 2023-10-25T18:31:54.866Z
Updated: 2025-02-13T17:07:55.759Z

A use-after-free issue was addressed with improved memory management. This issue is fixed in macOS Sonoma 14.1. An app may be able to execute arbitrary code with kernel privileges.

Published: 2023-10-25T18:32:05.873Z
Updated: 2025-02-13T17:07:55.185Z

iperf3 before 3.14 allows peers to cause an integer overflow and heap corruption via a crafted length field.

Published: 2023-07-17T00:00:00.000Z
Updated: 2024-11-27T14:33:27.522Z

This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 16.7.6 and iPadOS 16.7.6, macOS Monterey 12.7.4, macOS Sonoma 14.1, macOS Ventura 13.6.5. An app may be able to access sensitive user data.

Published: 2024-03-08T01:35:28.817Z
Updated: 2025-11-04T18:14:31.574Z