NVD disclosure day

Published threat advisories for November 20, 2024

CVE advisoryKnown Exploit

CVE-2024-44309

Apple Products Cross-Site Scripting Vulnerability

Halo Surface Signal: 1 out of 5 — much less likely to be public-facing.

A cookie management flaw in Apple software may allow cross-site scripting attacks if users encounter specially crafted web content. This could lead to unauthorized access to information or session manipulation. Apple has noted potential active exploitation on some Intel-based Mac systems. Organizations should apply ven

NVD published: • CISA KEV
CVE advisoryKnown Exploit

CVE-2024-44308

Apple Software Vulnerability May Allow Code Execution

Halo Surface Signal: 1 out of 5 — much less likely to be public-facing.

A vulnerability in Apple software could allow code execution when processing malicious web content. This poses a risk of system compromise and data exposure for affected organizations. Apple has noted potential active exploitation on Intel-based Macs.

NVD published: • CISA KEV