CVE-2024-40838

LOW Year: 2024
CVSS v3 Score
3.3
Low
Weakness Type
CWE-200
View all →

Vulnerability Description

A privacy issue was addressed by moving sensitive data to a protected location. This issue is fixed in macOS Sequoia 15. A malicious app may be able to access notifications from the user's device.

Related Vulnerabilities

CVE-2013-4209

LOW
CVSS:3.3(Low)

Automatic Bug Reporting Tool (ABRT) before 2.1.6 allows local users to obtain sensitive information about arbitrary files via vectors related to sha1sums.

CWE-2002013

CVE-2013-7458

LOW
CVSS:3.3(Low)

linenoise, as used in Redis before 3.2.3, uses world-readable permissions for .rediscli_history, which allows local users to obtain sensitive information by reading the file.

CWE-2002013

CVE-2014-2884

LOW
CVSS:3.3(Low)

The ProcessVolumeDeviceControlIrp function in Ntdriver.c in TrueCrypt 7.1a allows local users to bypass access restrictions and obtain sensitive information about arbitrary files via a (1) TC_IOCTL_OP...

CWE-2002014

CVE-2014-4407

LOW
CVSS:3.3(Low)

IOKit in Apple iOS before 8 and Apple TV before 7 does not properly initialize kernel memory, which allows attackers to obtain sensitive memory-content information via an application that makes crafte...

CWE-2002014

CVE-2014-9680

LOW
CVSS:3.3(Low)

sudo before 1.8.12 does not ensure that the TZ environment variable is associated with a zoneinfo file, which allows local users to open arbitrary files for read access (but not view file contents) by...

CWE-2002014

CVE-2015-0238

LOW
CVSS:3.3(Low)

selinux-policy as packaged in Red Hat OpenShift 2 allows attackers to obtain process listing information via a privilege escalation attack.

CWE-2002015