Total
35740 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-40796 | 1 Apple | 3 Ipados, Iphone Os, Macos | 2026-06-17 | N/A | 5.3 MEDIUM |
| A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in iOS 16.7.9 and iPadOS 16.7.9, macOS Monterey 12.7.6, macOS Sonoma 14.6, macOS Ventura 13.6.8. Private browsing may leak some browsing history. | |||||
| CVE-2024-40795 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2026-06-17 | N/A | 3.3 LOW |
| This issue was addressed with improved data protection. This issue is fixed in iOS 17.6 and iPadOS 17.6, macOS Sonoma 14.6, tvOS 17.6, watchOS 10.6. An app may be able to read sensitive location information. | |||||
| CVE-2024-40794 | 1 Apple | 4 Ipados, Iphone Os, Macos and 1 more | 2026-06-17 | N/A | 5.3 MEDIUM |
| This issue was addressed through improved state management. This issue is fixed in Safari 17.6, iOS 17.6 and iPadOS 17.6, macOS Sonoma 14.6. Private Browsing tabs may be accessed without authentication. | |||||
| CVE-2024-40793 | 1 Apple | 4 Ipados, Iphone Os, Macos and 1 more | 2026-06-17 | N/A | 5.5 MEDIUM |
| This issue was addressed by removing the vulnerable code. This issue is fixed in iOS 16.7.9 and iPadOS 16.7.9, iOS 17.6 and iPadOS 17.6, macOS Monterey 12.7.6, macOS Sonoma 14.6, macOS Ventura 13.6.8, watchOS 10.6. An app may be able to access user-sensitive data. | |||||
| CVE-2024-40792 | 1 Apple | 1 Macos | 2026-06-17 | N/A | 3.3 LOW |
| A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15. A malicious app may be able to change network settings. | |||||
| CVE-2024-40790 | 1 Apple | 1 Visionos | 2026-06-17 | N/A | 5.5 MEDIUM |
| The issue was addressed with improved handling of caches. This issue is fixed in visionOS 2. An app may be able to read sensitive data from the GPU memory. | |||||
| CVE-2024-40789 | 1 Apple | 7 Ipados, Iphone Os, Macos and 4 more | 2026-06-17 | N/A | 6.5 MEDIUM |
| An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in Safari 17.6, iOS 16.7.9 and iPadOS 16.7.9, iOS 17.6 and iPadOS 17.6, macOS Sonoma 14.6, tvOS 17.6, visionOS 1.3, watchOS 10.6. Processing maliciously crafted web content may lead to an unexpected process crash. | |||||
| CVE-2024-40787 | 1 Apple | 4 Ipados, Iphone Os, Macos and 1 more | 2026-06-17 | N/A | 7.1 HIGH |
| This issue was addressed by adding an additional prompt for user consent. This issue is fixed in iOS 17.6 and iPadOS 17.6, macOS Monterey 12.7.6, macOS Sonoma 14.6, macOS Ventura 13.6.8, watchOS 10.6. A shortcut may be able to bypass Internet permission requirements. | |||||
| CVE-2024-40786 | 1 Apple | 3 Ipados, Iphone Os, Macos | 2026-06-17 | N/A | 7.5 HIGH |
| This issue was addressed through improved state management. This issue is fixed in iOS 16.7.9 and iPadOS 16.7.9, iOS 17.6 and iPadOS 17.6, macOS Ventura 13.6.8. An attacker may be able to view sensitive user information. | |||||
| CVE-2024-40783 | 1 Apple | 1 Macos | 2026-06-17 | N/A | 5.5 MEDIUM |
| The issue was addressed with improved restriction of data container access. This issue is fixed in macOS Monterey 12.7.6, macOS Sonoma 14.6, macOS Ventura 13.6.8. A malicious application may be able to bypass Privacy preferences. | |||||
| CVE-2024-40781 | 1 Apple | 1 Macos | 2026-06-17 | N/A | 7.8 HIGH |
| The issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.7.6, macOS Sonoma 14.6, macOS Ventura 13.6.8. A local attacker may be able to elevate their privileges. | |||||
| CVE-2024-40778 | 1 Apple | 3 Ipados, Iphone Os, Macos | 2026-06-17 | N/A | 3.3 LOW |
| An authentication issue was addressed with improved state management. This issue is fixed in iOS 16.7.9 and iPadOS 16.7.9, iOS 17.6 and iPadOS 17.6, macOS Sonoma 14.6. Photos in the Hidden Photos Album may be viewed without authentication. | |||||
| CVE-2024-40775 | 1 Apple | 1 Macos | 2026-06-17 | N/A | 5.5 MEDIUM |
| A downgrade issue was addressed with additional code-signing restrictions. This issue is fixed in macOS Monterey 12.7.6, macOS Sonoma 14.6, macOS Ventura 13.6.8. An app may be able to leak sensitive user information. | |||||
| CVE-2024-40774 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2026-06-17 | N/A | 7.1 HIGH |
| A downgrade issue was addressed with additional code-signing restrictions. This issue is fixed in iOS 17.6 and iPadOS 17.6, macOS Monterey 12.7.6, macOS Sonoma 14.6, macOS Ventura 13.6.8, tvOS 17.6, watchOS 10.6. An app may be able to bypass Privacy preferences. | |||||
| CVE-2024-40771 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2026-06-17 | N/A | 7.8 HIGH |
| The issue was addressed with improved memory handling. This issue is fixed in iOS 16.7.8 and iPadOS 16.7.8, iOS 17.5 and iPadOS 17.5, macOS Monterey 12.7.5, macOS Sonoma 14.5, macOS Ventura 13.6.7, tvOS 17.5, visionOS 1.2, watchOS 10.5. An app may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2024-40767 | 1 Openstack | 1 Nova | 2026-06-17 | N/A | 6.5 MEDIUM |
| In OpenStack Nova before 27.4.1, 28 before 28.2.1, and 29 before 29.1.1, by supplying a raw format image that is actually a crafted QCOW2 image with a backing file path or VMDK flat image with a descriptor file path, an authenticated user may convince systems to return a copy of the referenced file's contents from the server, resulting in unauthorized access to potentially sensitive data. All Nova deployments are affected. NOTE: this issue exists because of an incomplete fix for CVE-2022-47951 and CVE-2024-32498. | |||||
| CVE-2024-40766 | 1 Sonicwall | 52 Nsa 2650, Nsa 2700, Nsa 3600 and 49 more | 2026-06-17 | N/A | 9.8 CRITICAL |
| An improper access control vulnerability has been identified in the SonicWall SonicOS management access, potentially leading to unauthorized resource access and in specific conditions, causing the firewall to crash. This issue affects SonicWall Firewall Gen 5 and Gen 6 devices, as well as Gen 7 devices running SonicOS 7.0.1-5035 and older versions. | |||||
| CVE-2024-40725 | 1 Apache | 1 Http Server | 2026-06-17 | N/A | 5.3 MEDIUM |
| A partial fix forĀ CVE-2024-39884 in the core of Apache HTTP Server 2.4.61 ignores some use of the legacy content-type based configuration of handlers. "AddType" and similar configuration, under some circumstances where files are requested indirectly, result in source code disclosure of local content. For example, PHP scripts may be served instead of interpreted. Users are recommended to upgrade to version 2.4.62, which fixes this issue. | |||||
| CVE-2024-40721 | 1 Changingtec | 1 Tcb Servisign | 2026-06-17 | N/A | 8.8 HIGH |
| The specific API in TCBServiSign Windows Version from CHANGING Information Technology does not properly validate server-side input. When a user visits a spoofed website, unauthenticated remote attackers can cause the TCBServiSign to load a DLL from an arbitrary path. | |||||
| CVE-2024-40720 | 1 Changingtec | 1 Tcb Servisign | 2026-06-17 | N/A | 8.8 HIGH |
| The specific API in TCBServiSign Windows Version from CHANGING Information Technology does not properly validate server-side input. When a user visits a spoofed website, unauthenticated remote attackers can modify the `HKEY_CURRENT_USER` registry to execute arbitrary commands. | |||||
