Vulnerabilities (CVE)

Filtered by NVD-CWE-noinfo
Total 35740 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2024-40796 1 Apple 3 Ipados, Iphone Os, Macos 2026-06-17 N/A 5.3 MEDIUM
A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in iOS 16.7.9 and iPadOS 16.7.9, macOS Monterey 12.7.6, macOS Sonoma 14.6, macOS Ventura 13.6.8. Private browsing may leak some browsing history.
CVE-2024-40795 1 Apple 5 Ipados, Iphone Os, Macos and 2 more 2026-06-17 N/A 3.3 LOW
This issue was addressed with improved data protection. This issue is fixed in iOS 17.6 and iPadOS 17.6, macOS Sonoma 14.6, tvOS 17.6, watchOS 10.6. An app may be able to read sensitive location information.
CVE-2024-40794 1 Apple 4 Ipados, Iphone Os, Macos and 1 more 2026-06-17 N/A 5.3 MEDIUM
This issue was addressed through improved state management. This issue is fixed in Safari 17.6, iOS 17.6 and iPadOS 17.6, macOS Sonoma 14.6. Private Browsing tabs may be accessed without authentication.
CVE-2024-40793 1 Apple 4 Ipados, Iphone Os, Macos and 1 more 2026-06-17 N/A 5.5 MEDIUM
This issue was addressed by removing the vulnerable code. This issue is fixed in iOS 16.7.9 and iPadOS 16.7.9, iOS 17.6 and iPadOS 17.6, macOS Monterey 12.7.6, macOS Sonoma 14.6, macOS Ventura 13.6.8, watchOS 10.6. An app may be able to access user-sensitive data.
CVE-2024-40792 1 Apple 1 Macos 2026-06-17 N/A 3.3 LOW
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15. A malicious app may be able to change network settings.
CVE-2024-40790 1 Apple 1 Visionos 2026-06-17 N/A 5.5 MEDIUM
The issue was addressed with improved handling of caches. This issue is fixed in visionOS 2. An app may be able to read sensitive data from the GPU memory.
CVE-2024-40789 1 Apple 7 Ipados, Iphone Os, Macos and 4 more 2026-06-17 N/A 6.5 MEDIUM
An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in Safari 17.6, iOS 16.7.9 and iPadOS 16.7.9, iOS 17.6 and iPadOS 17.6, macOS Sonoma 14.6, tvOS 17.6, visionOS 1.3, watchOS 10.6. Processing maliciously crafted web content may lead to an unexpected process crash.
CVE-2024-40787 1 Apple 4 Ipados, Iphone Os, Macos and 1 more 2026-06-17 N/A 7.1 HIGH
This issue was addressed by adding an additional prompt for user consent. This issue is fixed in iOS 17.6 and iPadOS 17.6, macOS Monterey 12.7.6, macOS Sonoma 14.6, macOS Ventura 13.6.8, watchOS 10.6. A shortcut may be able to bypass Internet permission requirements.
CVE-2024-40786 1 Apple 3 Ipados, Iphone Os, Macos 2026-06-17 N/A 7.5 HIGH
This issue was addressed through improved state management. This issue is fixed in iOS 16.7.9 and iPadOS 16.7.9, iOS 17.6 and iPadOS 17.6, macOS Ventura 13.6.8. An attacker may be able to view sensitive user information.
CVE-2024-40783 1 Apple 1 Macos 2026-06-17 N/A 5.5 MEDIUM
The issue was addressed with improved restriction of data container access. This issue is fixed in macOS Monterey 12.7.6, macOS Sonoma 14.6, macOS Ventura 13.6.8. A malicious application may be able to bypass Privacy preferences.
CVE-2024-40781 1 Apple 1 Macos 2026-06-17 N/A 7.8 HIGH
The issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.7.6, macOS Sonoma 14.6, macOS Ventura 13.6.8. A local attacker may be able to elevate their privileges.
CVE-2024-40778 1 Apple 3 Ipados, Iphone Os, Macos 2026-06-17 N/A 3.3 LOW
An authentication issue was addressed with improved state management. This issue is fixed in iOS 16.7.9 and iPadOS 16.7.9, iOS 17.6 and iPadOS 17.6, macOS Sonoma 14.6. Photos in the Hidden Photos Album may be viewed without authentication.
CVE-2024-40775 1 Apple 1 Macos 2026-06-17 N/A 5.5 MEDIUM
A downgrade issue was addressed with additional code-signing restrictions. This issue is fixed in macOS Monterey 12.7.6, macOS Sonoma 14.6, macOS Ventura 13.6.8. An app may be able to leak sensitive user information.
CVE-2024-40774 1 Apple 5 Ipados, Iphone Os, Macos and 2 more 2026-06-17 N/A 7.1 HIGH
A downgrade issue was addressed with additional code-signing restrictions. This issue is fixed in iOS 17.6 and iPadOS 17.6, macOS Monterey 12.7.6, macOS Sonoma 14.6, macOS Ventura 13.6.8, tvOS 17.6, watchOS 10.6. An app may be able to bypass Privacy preferences.
CVE-2024-40771 1 Apple 5 Ipados, Iphone Os, Macos and 2 more 2026-06-17 N/A 7.8 HIGH
The issue was addressed with improved memory handling. This issue is fixed in iOS 16.7.8 and iPadOS 16.7.8, iOS 17.5 and iPadOS 17.5, macOS Monterey 12.7.5, macOS Sonoma 14.5, macOS Ventura 13.6.7, tvOS 17.5, visionOS 1.2, watchOS 10.5. An app may be able to execute arbitrary code with kernel privileges.
CVE-2024-40767 1 Openstack 1 Nova 2026-06-17 N/A 6.5 MEDIUM
In OpenStack Nova before 27.4.1, 28 before 28.2.1, and 29 before 29.1.1, by supplying a raw format image that is actually a crafted QCOW2 image with a backing file path or VMDK flat image with a descriptor file path, an authenticated user may convince systems to return a copy of the referenced file's contents from the server, resulting in unauthorized access to potentially sensitive data. All Nova deployments are affected. NOTE: this issue exists because of an incomplete fix for CVE-2022-47951 and CVE-2024-32498.
CVE-2024-40766 1 Sonicwall 52 Nsa 2650, Nsa 2700, Nsa 3600 and 49 more 2026-06-17 N/A 9.8 CRITICAL
An improper access control vulnerability has been identified in the SonicWall SonicOS management access, potentially leading to unauthorized resource access and in specific conditions, causing the firewall to crash. This issue affects SonicWall Firewall Gen 5 and Gen 6 devices, as well as Gen 7 devices running SonicOS 7.0.1-5035 and older versions.
CVE-2024-40725 1 Apache 1 Http Server 2026-06-17 N/A 5.3 MEDIUM
A partial fix forĀ  CVE-2024-39884 in the core of Apache HTTP Server 2.4.61 ignores some use of the legacy content-type based configuration of handlers. "AddType" and similar configuration, under some circumstances where files are requested indirectly, result in source code disclosure of local content. For example, PHP scripts may be served instead of interpreted. Users are recommended to upgrade to version 2.4.62, which fixes this issue.
CVE-2024-40721 1 Changingtec 1 Tcb Servisign 2026-06-17 N/A 8.8 HIGH
The specific API in TCBServiSign Windows Version from CHANGING Information Technology does not properly validate server-side input. When a user visits a spoofed website, unauthenticated remote attackers can cause the TCBServiSign to load a DLL from an arbitrary path.
CVE-2024-40720 1 Changingtec 1 Tcb Servisign 2026-06-17 N/A 8.8 HIGH
The specific API in TCBServiSign Windows Version from CHANGING Information Technology does not properly validate server-side input. When a user visits a spoofed website, unauthenticated remote attackers can modify the `HKEY_CURRENT_USER` registry to execute arbitrary commands.