Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In March 2024
CVE-2024-23286
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 16.7.6 and iPadOS 16.7.6, iOS 17.4 and iPadOS 17.4, macOS Monterey 12.7.4, macOS Sonoma 14.4, macOS Ventura 13.6.5, tvOS 17.4, visionOS 1.1, watchOS 10.4. Processing an image may lead to arbitrary code execution.
CVSS Score
7.8
EPSS Score
0.008
Published
2024-03-08
CVE-2024-23238
An access issue was addressed with improved access restrictions. This issue is fixed in macOS Sonoma 14.4. An app may be able to edit NVRAM variables.
CVSS Score
3.3
EPSS Score
0.0
Published
2024-03-08
CVE-2024-23239
A race condition was addressed with improved state handling. This issue is fixed in iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4, tvOS 17.4, watchOS 10.4. An app may be able to leak sensitive user information.
CVSS Score
4.7
EPSS Score
0.001
Published
2024-03-08
CVE-2024-23240
The issue was addressed with improved checks. This issue is fixed in iOS 17.4 and iPadOS 17.4. Shake-to-undo may allow a deleted photo to be re-surfaced without authentication.
CVSS Score
2.4
EPSS Score
0.001
Published
2024-03-08
CVE-2024-23241
This issue was addressed through improved state management. This issue is fixed in iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4, tvOS 17.4. An app may be able to leak sensitive user information.
CVSS Score
5.5
EPSS Score
0.001
Published
2024-03-08
CVE-2024-23242
A privacy issue was addressed by not logging contents of text fields. This issue is fixed in iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4. An app may be able to view Mail data.
CVSS Score
3.3
EPSS Score
0.0
Published
2024-03-08
CVE-2024-23244
A logic issue was addressed with improved restrictions. This issue is fixed in macOS Monterey 12.7.4, macOS Sonoma 14.4. An app from a standard user account may be able to escalate privilege after admin user login.
CVSS Score
7.8
EPSS Score
0.0
Published
2024-03-08
CVE-2024-23245
This issue was addressed by adding an additional prompt for user consent. This issue is fixed in macOS Monterey 12.7.4, macOS Sonoma 14.4, macOS Ventura 13.6.5. Third-party shortcuts may use a legacy action from Automator to send events to apps without user consent.
CVSS Score
3.3
EPSS Score
0.001
Published
2024-03-08
CVE-2024-23246
This issue was addressed by removing the vulnerable code. This issue is fixed in iOS 16.7.6 and iPadOS 16.7.6, iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4, tvOS 17.4, visionOS 1.1, watchOS 10.4. An app may be able to break out of its sandbox.
CVSS Score
8.6
EPSS Score
0.001
Published
2024-03-08
CVE-2024-23247
The issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.7.4, macOS Sonoma 14.4, macOS Ventura 13.6.5. Processing a file may lead to unexpected app termination or arbitrary code execution.
CVSS Score
7.8
EPSS Score
0.001
Published
2024-03-08


Products
Pricing
Contact Us

Shodan ® - All rights reserved