CVE-2024-27803 |
Description: A permissions issue was addressed with improved validation. This issue is fixed in iOS 17.5 and iPadOS 17.5. An attacker with physical access may be able to share items from the lock screen.
EPSS Score: 0.05%
February 14th, 2025 (5 months ago)
|
CVE-2024-27802 |
Description: An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Ventura 13.6.7, macOS Monterey 12.7.5, iOS 16.7.8 and iPadOS 16.7.8, tvOS 17.5, visionOS 1.2, iOS 17.5 and iPadOS 17.5, macOS Sonoma 14.5. Processing a maliciously crafted file may lead to unexpected app termination or arbitrary code execution.
EPSS Score: 0.07%
February 14th, 2025 (5 months ago)
|
CVE-2024-27801 |
Description: The issue was addressed with improved checks. This issue is fixed in tvOS 17.5, visionOS 1.2, iOS 17.5 and iPadOS 17.5, watchOS 10.5, macOS Sonoma 14.5. An app may be able to elevate privileges.
EPSS Score: 0.06%
February 14th, 2025 (5 months ago)
|
CVE-2024-27800 |
Description: This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Ventura 13.6.7, macOS Monterey 12.7.5, iOS 16.7.8 and iPadOS 16.7.8, tvOS 17.5, visionOS 1.2, iOS 17.5 and iPadOS 17.5, watchOS 10.5, macOS Sonoma 14.5. Processing a maliciously crafted message may lead to a denial-of-service.
EPSS Score: 0.08%
February 14th, 2025 (5 months ago)
|
CVE-2024-27799 |
Description: This issue was addressed with additional entitlement checks. This issue is fixed in macOS Sonoma 14.5, macOS Ventura 13.6.7, macOS Monterey 12.7.5, iOS 16.7.8 and iPadOS 16.7.8. An unprivileged app may be able to log keystrokes in other apps including those using secure input mode.
EPSS Score: 0.05%
February 14th, 2025 (5 months ago)
|
CVE-2024-27798 |
Description: An authorization issue was addressed with improved state management. This issue is fixed in macOS Sonoma 14.5. An attacker may be able to elevate privileges.
EPSS Score: 0.05%
February 14th, 2025 (5 months ago)
|
CVE-2024-27796 |
Description: The issue was addressed with improved checks. This issue is fixed in iOS 17.5 and iPadOS 17.5, macOS Sonoma 14.5. An attacker may be able to elevate privileges.
EPSS Score: 0.06%
February 14th, 2025 (5 months ago)
|
CVE-2024-27793 |
Description: The issue was addressed with improved checks. This issue is fixed in iTunes 12.13.2 for Windows. Parsing a file may lead to an unexpected app termination or arbitrary code execution.
EPSS Score: 0.05%
February 14th, 2025 (5 months ago)
|
CVE-2024-2758 |
Description: Tempesta FW rate limits are not enabled by default. They are either set too large to capture empty CONTINUATION frames attacks or too small to handle normal HTTP requests appropriately.
EPSS Score: 0.05%
February 14th, 2025 (5 months ago)
|
CVE-2024-27438 |
Description: Download of Code Without Integrity Check vulnerability in Apache Doris.
The jdbc driver files used for JDBC catalog is not checked and may resulting in remote command execution.
Once the attacker is authorized to create a JDBC catalog, he/she can use arbitrary driver jar file with unchecked code snippet. This code snippet will be run when catalog is initializing without any check.
This issue affects Apache Doris: from 1.2.0 through 2.0.4.
Users are recommended to upgrade to version 2.0.5 or 2.1.x, which fixes the issue.
EPSS Score: 0.04%
February 14th, 2025 (5 months ago)
|