CVE-2024-40854

CVE-2024-40854 describes a memory initialization issue addressed by Apple in macOS/OS updates. Affected components are iOS 18.1 and iPadOS 18.1, iOS 17.7.1 and iPadOS 17.7.1, macOS Sonoma 14.7.1, and macOS Ventura 13.7.1. The vulnerability may allow an app to cause an unexpected system terminatio...

CVE-2024-40839

This issue was addressed through improved state management. This issue is fixed in iOS 17.5 and iPadOS 17.5. An attacker with physical access to an iOS device may be able to view notification contents from the Lock Screen...

CVE-2024-27856

The issue was addressed with improved checks. This issue is fixed in Safari 17.5, iOS 16.7.8 and iPadOS 16.7.8, iOS 17.5 and iPadOS 17.5, macOS Sonoma 14.5, tvOS 17.5, visionOS 1.2, watchOS 10.5. Processing a file may lead to unexpected app termination or arbitrary code execution...

CVE-2024-44136

This issue was addressed through improved state management. This issue is fixed in iOS 17.5 and iPadOS 17.5. An attacker with physical access to a device may be able to disable Stolen Device Protection...

CVE-2024-44136

CVE-2024-44136 affects Apple iOS and iPadOS, with fixed in iOS 17.5 and iPadOS 17.5. Root cause: improved state management. Impact: a local attacker with physical access may disable Stolen Device Protection. Affected component: Face ID-related flow per Apple security content; remediation is upgra...

Apple Security Update: iOS 18.2.1 and iPadOS 18.2.1

Apple recommends to install security update iOS 18.2.1 and iPadOS 18.2.1 on devices iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th...

Apple iPadOS and iPhone OS Information Disclosure Vulnerability

iPadOS is Apple's mobile operating system for iPad devices, which is based on iOS and optimized for iPad. iPhone OS is Apple's operating system for iPhone and iPod touch. Apple iPadOS and iPhone OS suffer from an information disclosure vulnerability that originates from the possibility that a...

Apple iPhone OS and iPadOS Privacy Breach Vulnerability

iPhone OS is the operating system developed by Apple for the iPhone and iPod touch. iPadOS is Apple's mobile operating system for iPad devices, which is based on iOS and optimized for iPad. A privacy disclosure vulnerability exists in Apple iPhone OS and iPadOS, which stems from the fact that use...

CVE-2024-54534

A flaw was found in WebKitGTK. Processing malicious web content can cause memory corruption due to improper memory handling. Mitigation Do not process or load untrusted web content with WebKitGTK...

CVE-2024-54508

A flaw was found in WebKitGTK. Processing malicious web content can cause an unexpected process crash due to improper memory handling, resulting in a denial of service. Mitigation Do not process or load untrusted web content with WebKitGTK...

CVE-2024-54479

A flaw was found in webkitgtk. In affected versions of this package, processing maliciously crafted web content may lead to an unexpected process crash. Mitigation Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteri...

CVE-2024-54538

A denial-of-service issue was addressed with improved input validation. This issue is fixed in iOS 17.7.1 and iPadOS 17.7.1, iOS 18.1 and iPadOS 18.1, macOS Sequoia 15.1, macOS Sonoma 14.7.1, macOS Ventura 13.7.1, tvOS 18.1, visionOS 2.1, watchOS 11.1. A remote attacker may be able to cause a...

CVE-2024-54538

A denial-of-service issue was addressed with improved input validation. This issue is fixed in iOS 17.7.1 and iPadOS 17.7.1, iOS 18.1 and iPadOS 18.1, macOS Sequoia 15.1, macOS Sonoma 14.7.1, macOS Ventura 13.7.1, tvOS 18.1, visionOS 2.1, watchOS 11.1. A remote attacker may be able to cause a...

CVE-2024-54538

CVE-2024-54538 describes a denial‑of‑service vulnerability in Apple OS components resolved by improved input validation. A remote attacker could trigger a DoS. Affected and fixed versions per sources: visionOS 2.1; iOS 18.1 and iPadOS 18.1; iOS 17.7.1 and iPadOS 17.7.1; tvOS 18.1; macOS Sonoma 14...

CVE-2024-54538

A denial-of-service issue was addressed with improved input validation. This issue is fixed in visionOS 2.1, iOS 18.1 and iPadOS 18.1, iOS 17.7.1 and iPadOS 17.7.1, tvOS 18.1, macOS Sonoma 14.7.1, watchOS 11.1, macOS Ventura 13.7.1. A remote attacker may be able to cause a denial-of-service...

Apple iOS和Apple iPadOS 安全漏洞

Apple iOS and Apple iPadOS are products of Apple Inc. Apple iOS is an operating system developed for mobile devices, and Apple iPadOS is an operating system for iPad tablets. A security vulnerability exists in Apple iOS version 18.1 and Apple iPadOS version 18.1, which originates from a remote...

Apple Releases Security Updates for Multiple Products

Apple released security updates to address vulnerabilities in multiple Apple products. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following advisories and apply necessary updates:...

Vulnerabilities fixed in Apple iPadOS and iOS

Apple has fixed vulnerabilities in iPadOS Specific to versions 17.7.3 and 18.2 and iOS Specific to 18.2. The vulnerabilities include a denial-of-service issue, logic issues that allowed unauthorized privilege escalation, and unexpected system terminations due to memory corruption. These...

CVE-2024-54513

A permissions issue was addressed with additional restrictions. This issue is fixed in watchOS 11.2, visionOS 2.2, tvOS 18.2, macOS Sequoia 15.2, iOS 18.2 and iPadOS 18.2. An app may be able to access sensitive user data...

CVE-2024-54526

The issue was addressed with improved checks. This issue is fixed in watchOS 11.2, tvOS 18.2, macOS Sequoia 15.2, iOS 18.2 and iPadOS 18.2, macOS Ventura 13.7.2, macOS Sonoma 14.7.2. A malicious app may be able to access private information...