12 matches found
CVE-2018-9379
In multiple functions of MiniThumbFile.java, there is a possible way to view the thumbnails of deleted photos due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2018-9379
In multiple functions of MiniThumbFile.java, there is a possible way to view the thumbnails of deleted photos due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2024-23240
The issue was addressed with improved checks. This issue is fixed in iOS 17.4 and iPadOS 17.4. Shake-to-undo may allow a deleted photo to be re-surfaced without authentication...
CVE-2024-23240
The issue was addressed with improved checks. This issue is fixed in iOS 17.4 and iPadOS 17.4. Shake-to-undo may allow a deleted photo to be re-surfaced without authentication...
Authentication flaw
The issue was addressed with improved checks. This issue is fixed in iOS 17.4 and iPadOS 17.4. Shake-to-undo may allow a deleted photo to be re-surfaced without authentication...
PT-2024-19735 · Apple · Ios +1
Name of the Vulnerable Software and Affected Versions: iOS versions prior to 17.4 iPadOS versions prior to 17.4 Description: The issue allows a deleted photo to be re-surfaced without authentication through the shake-to-undo feature. This is due to inadequate checks that have been improved in the...
CVE-2023-32365
The issue was addressed with improved checks. This issue is fixed in iOS 15.7.6 and iPadOS 15.7.6, iOS 16.5 and iPadOS 16.5. Shake-to-undo may allow a deleted photo to be re-surfaced without authentication...
CVE-2023-32365
The issue was addressed with improved checks. This issue is fixed in iOS 15.7.6 and iPadOS 15.7.6, iOS 16.5 and iPadOS 16.5. Shake-to-undo may allow a deleted photo to be re-surfaced without authentication...
Authentication flaw
The issue was addressed with improved checks. This issue is fixed in iOS 15.7.6 and iPadOS 15.7.6, iOS 16.5 and iPadOS 16.5. Shake-to-undo may allow a deleted photo to be re-surfaced without authentication...
CVE-2023-32365
The CVE-2023-32365 issue affects Apple iOS/iPadOS Photos via the Shake-to-undo feature, enabling a deleted photo to be surfaced without authentication. The root cause details in the sources indicate a logic/validation issue within the Photos handling that could expose previously deleted content. ...
Design/Logic Flaw
The issue was addressed with improved bounds checks. This issue is fixed in iOS 16.2 and iPadOS 16.2, macOS Ventura 13.1. Shake-to-undo may allow a deleted photo to be re-surfaced without authentication...
PT-2022-21598 · Apple · Ios +3
Name of the Vulnerable Software and Affected Versions: iOS versions prior to 16.2 iPadOS versions prior to 16.2 macOS Ventura versions prior to 13.1 Description: The issue allows a deleted photo to be re-surfaced without authentication through the shake-to-undo feature. This was addressed with...