CVE-2017-13909

An issue existed in the storage of sensitive tokens. This issue was addressed by placing the tokens in Keychain. This issue is fixed in macOS High Sierra 10.13. A local attacker may gain access to iCloud authentication tokens...

CVE-2017-13909

An issue existed in the storage of sensitive tokens. This issue was addressed by placing the tokens in Keychain. This issue is fixed in macOS High Sierra 10.13. A local attacker may gain access to iCloud authentication tokens...

CVE-2017-2375

An issue existed in preventing the uploading of CallKit call history to iCloud. This issue was addressed through improved logic. This issue is fixed in iOS 10.2.1. Updates for CallKit call history are sent to iCloud...

CVE-2018-4302

A null pointer dereference was addressed with improved validation. This issue is fixed in macOS High Sierra 10.13, iCloud for Windows 7.0, watchOS 4, iOS 11, iTunes 12.7 for Windows. Processing maliciously crafted XML may lead to an unexpected application termination or arbitrary code execution...

Authentication flaw

An issue existed in the storage of sensitive tokens. This issue was addressed by placing the tokens in Keychain. This issue is fixed in macOS High Sierra 10.13. A local attacker may gain access to iCloud authentication tokens...

Null pointer dereference

A null pointer dereference was addressed with improved validation. This issue is fixed in macOS High Sierra 10.13, iCloud for Windows 7.0, watchOS 4, iOS 11, iTunes 12.7 for Windows. Processing maliciously crafted XML may lead to an unexpected application termination or arbitrary code execution...

Code injection

An issue existed in preventing the uploading of CallKit call history to iCloud. This issue was addressed through improved logic. This issue is fixed in iOS 10.2.1. Updates for CallKit call history are sent to iCloud...

CVE-2018-4302

CVE-2018-4302 describes a null pointer dereference in processing maliciously crafted XML that could cause an app to terminate or execute arbitrary code. The issue is associated with libxml2 and is fixed across Apple platforms: macOS High Sierra 10.13, iOS 11, watchOS 4, and iCloud for Windows 7.0...

CVE-2018-4302

A null pointer dereference was addressed with improved validation. This issue is fixed in macOS High Sierra 10.13, iCloud for Windows 7.0, watchOS 4, iOS 11, iTunes 12.7 for Windows. Processing maliciously crafted XML may lead to an unexpected application termination or arbitrary code execution...

CVE-2017-13909

CVE-2017-13909 affects macOS High Sierra 10.13 where sensitive tokens (iCloud authentication tokens) were stored insecurely. Root cause: tokens were stored outside of a secure store; fix implemented by storing tokens in Keychain. Impact: a local attacker may gain access to iCloud authentication t...

CVE-2017-2375

An issue existed in preventing the uploading of CallKit call history to iCloud. This issue was addressed through improved logic. This issue is fixed in iOS 10.2.1. Updates for CallKit call history are sent to iCloud...

CVE-2017-2375

CVE-2017-2375 concerns an issue in preventing the uploading of CallKit call history to iCloud on Apple iOS. The documented root cause is an internal logic issue, and the impact is that updates for CallKit call history were exposed to iCloud. The vulnerability is addressed in iOS 10.2.1, with the ...

多款Apple产品代码问题漏洞

Apple iOS and others are products of Apple Inc.Apple iOS is an operating system developed for mobile devices.Apple macOS High Sierra is a specialized operating system developed for Mac computers.Apple watchOS is a smartwatch operating system. A security vulnerability exists in a number of Apple...

Apple macOS High Sierra 安全漏洞

A security vulnerability exists in Apple macOS High Sierra, a specialized operating system developed by Apple for Mac computers. An attacker could use the vulnerability to potentially gain access to iCloud authentication tokens...

Apple iOS 安全漏洞

Apple iOS is a set of operating systems developed by Apple Inc. for mobile devices. A security vulnerability exists in Apple iOS versions prior to 10.2.1, which stems from CallKit call log updates being sent to iCloud...

Exploit for Uncontrolled Resource Consumption in Siemens 6Bk1602-0Aa12-0Tp0_Firmware

Log4JExploitation-VulnerabiliyCVE-2021-44228. !Untitled...

Russia Blocks Tor Privacy Service in Latest Censorship Move

Russia has stepped up its censorship efforts in the country by fully blocking access to the Tor web anonymity service, coinciding with the ban of six virtual private network VPN operators, as the government continues its efforts to control the internet and crack down on attempts to circumvent...

Apple Releases Security Update for iCloud for Windows 13

Apple has released a security update to address multiple vulnerabilities in iCloud for Windows 13. An attacker could exploit these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the Apple security page and apply the necessary update. This...

About the security content of iCloud for Windows 13

About the security content of iCloud for Windows 13 This document describes the security content of iCloud for Windows 13. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or...

KLA12357 Multiple vulnerabilities in Apple iCloud

Multiple vulnerabilities were found in Apple iCloud. Malicious users can exploit these vulnerabilities to execute arbitrary code, bypass security restrictions. Below is a complete list of vulnerabilities: 1. A code execution vulnerability in ImageIO can be exploited via special crafted image to...