macOS 15

Microsoft Security Update Guide entry — NVD enrichira.

Microsoft Security Update Guide entry — NVD enrichira.

Microsoft Security Update Guide entry — NVD enrichira.

[Apple Contacts] An app may be able to access contacts

[Apple DiskArbitration] A sandboxed app may be able to access sensitive user data

[Apple LaunchServices] An application may be able to break out of its sandbox

[Apple ARKit] Processing a maliciously crafted file may lead to heap corruption

[Apple Screen Capture] An attacker with physical access may be able to share items from the lock screen

[Apple SceneKit] Processing a maliciously crafted file may lead to unexpected app termination

[Apple Safari] Maliciously crafted web content may violate iframe sandboxing policy

[Apple Kernel] An app may be able to access sensitive user data

[Apple Model I/O] Processing a maliciously crafted image may lead to a denial-of-service

[Apple Wi-Fi] An app may be able to cause a denial-of-service

[Apple AppSandbox] A camera extension may be able to access the internet

[Apple Core Data] An app may be able to read sensitive location information

[Apple Music] An app may be able to access protected user data

[Apple AppleVA] An application may be able to read restricted memory

[Apple AppleVA] An application may be able to read restricted memory

[Apple Control Center] An app may be able to record the screen without an indicator

[Apple Control Center] Privacy Indicators for microphone or camera access may be attributed incorrectly

[Apple Compression] Unpacking a maliciously crafted archive may allow an attacker to write arbitrary files

[Apple ImageIO] Processing a maliciously crafted file may lead to unexpected app termination

[Apple Wi-Fi] A non-privileged user may be able to modify restricted network settings

[Apple Mail Accounts] An app may be able to access information about a user's contacts

[Apple Airport] A malicious app may be able to change network settings

[Apple Safari] Visiting a malicious website may lead to user interface spoofing

[Apple Security Initialization] An app may be able to access protected user data

[Apple APFS] A malicious app with root privileges may be able to modify the contents of system files

[Apple Printing] An unencrypted document may be written to a temporary file when using print preview

[Apple Image Capture] An app may be able to access a user's Photos Library

[Apple AppleMobileFileIntegrity] An app may be able to access protected user data

[Apple Notification Center] A malicious app may be able to access notifications from the user's device

[Apple AppleVA] Processing a maliciously crafted video file may lead to unexpected app termination

[Apple XProtect] An app may be able to access user-sensitive data

[Apple XProtect] An app may be able to modify protected parts of the file system

[Apple Shortcuts] An app may be able to observe data displayed to the user by Shortcuts

[Apple AppleGraphicsControl] Processing a maliciously crafted video file may lead to unexpected app termination

[Apple AppleGraphicsControl] Processing a maliciously crafted video file may lead to unexpected app termination

[Apple AppleMobileFileIntegrity] An app may be able to access sensitive user data

[Apple AppleMobileFileIntegrity] An attacker may be able to read sensitive information

[Apple Game Center] An app may be able to access user-sensitive data

[Apple Wi-Fi] An attacker may be able to force a device to disconnect from a secure network

[Apple WebKit] Processing maliciously crafted web content may lead to universal cross site scripting

[Apple TV App] An app may be able to access user-sensitive data

[Apple sudo] An app may be able to modify protected parts of the file system

[Apple Installer] An app may be able to gain root privileges

[Apple WebKit] Visiting a malicious website may lead to address bar spoofing

[Apple Security] A malicious app with root privileges may be able to access keyboard input and location information wit…

[Apple Sandbox] A malicious application may be able to leak sensitive user information

[Apple Automator] An Automator Quick Action workflow may be able to bypass Gatekeeper

[Apple Accounts] An app may be able to leak sensitive user information

[Apple APNs] An app with root privileges may be able to access private information

[Apple FileProvider] An app may be able to access sensitive user data

[Apple ArchiveService] An app may be able to break out of its sandbox

[Apple TCC] On MDM managed devices, an app may be able to bypass certain Privacy preferences

[Apple Wi-Fi] An app may be able to read sensitive location information

[Apple AppSandbox] An app may be able to access protected files within an App Sandbox container

[Apple Sidecar] An attacker with physical access to a macOS device with Sidecar enabled may be able to bypass the Lock …

[Apple copyfile] An app may be able to break out of its sandbox

[Apple Disk Images] An app may be able to break out of its sandbox

[Apple Quick Look] An app may be able to access protected user data

[Apple bless] An app may be able to modify protected parts of the file system

[Apple System Settings] An app may be able to access user-sensitive data

[Apple Accounts] An app may be able to access user-sensitive data

[Apple AppleGraphicsControl] Processing a maliciously crafted file may lead to unexpected app termination

[Apple Shortcuts] A shortcut may output sensitive user data without consent

[Apple Intel Graphics Driver] Processing a maliciously crafted texture may lead to unexpected app termination

[Apple Intel Graphics Driver] Processing a maliciously crafted texture may lead to unexpected app termination

[Apple Sandbox] A malicious application may be able to access private information

[Apple AppleMobileFileIntegrity] An app may be able to bypass Privacy preferences

[Apple Kernel] Network traffic may leak outside a VPN tunnel

[Apple System Settings] An app may be able to access user-sensitive data

[Apple Notes] An app may be able to overwrite arbitrary files

[Apple AppleMobileFileIntegrity] An app may be able to modify protected parts of the file system

[Apple IOSurfaceAccelerator] An app may be able to cause unexpected system termination

[Apple Siri] An app may be able to access user-sensitive data

[Apple Screen Capture] An attacker may be able to view restricted content from the lock screen

[Apple ImageIO] Processing an image may lead to a denial-of-service

[Apple Dock] An app may be able to access user-sensitive data

[Apple PackageKit] An app may be able to modify protected parts of the file system

[Apple Siri] An attacker with physical access to a device may be able to read contact numbers from the lock screen

[Apple Maps] An app may be able to read sensitive location information

[Apple App Intents] An app may be able to access sensitive data logged when a shortcut fails to launch another app

[Apple mDNSResponder] An app may be able to cause a denial-of-service

[Apple Transparency] An app may be able to access user-sensitive data

[Apple NSColor] An app may be able to access protected user data

[Apple WebKit] A malicious website may exfiltrate data cross-origin

[Apple Accounts] An app may be able to access protected user data

[Apple WindowServer] A logic issue existed where a process may be able to capture screen contents without user consent

[Apple System Settings] An app may be able to read arbitrary files

[Apple Kernel] An app may gain unauthorized access to Bluetooth

[Apple WebKit] Processing maliciously crafted web content may lead to an unexpected process crash

[Apple libxml2] Processing maliciously crafted web content may lead to an unexpected process crash

[Apple Sandbox] An app may be able to access a user's Photos Library

[Apple WindowServer] An app may be able to bypass certain Privacy preferences

[Apple Wi-Fi] An app may be able to cause unexpected system termination or corrupt kernel memory

[Apple Image Capture] An app may be able to access removable volumes without user consent

[Apple WebKit] A malicious website may exfiltrate data cross-origin

[Apple FileProvider] A local user may be able to leak sensitive user information

[Apple Maps] An app may be able to access user-sensitive data

[Apple Wi-Fi] An app may be able to cause unexpected system termination or corrupt kernel memory

[Apple TCC] An app may be able to trick a user into granting access to photos from the user's photo library

[Apple LaunchServices] A malicious app may be able to modify other apps without having App Management permission