CVE-2024-54514

The issue was addressed with improved checks. This issue is fixed in iOS 18.2 and iPadOS 18.2, macOS Sequoia 15.2, macOS Sonoma 14.7.2, macOS Ventura 13.7.2, tvOS 18.2, watchOS 11.2. An app may be able to break out of its sandbox...

CVE-2024-54502

The issue was addressed with improved checks. This issue is fixed in watchOS 11.2, visionOS 2.2, tvOS 18.2, macOS Sequoia 15.2, Safari 18.2, iOS 18.2 and iPadOS 18.2. Processing maliciously crafted web content may lead to an unexpected process crash...

CVE-2024-54502

The issue was addressed with improved checks. This issue is fixed in Safari 18.2, iOS 18.2 and iPadOS 18.2, iPadOS 17.7.6, macOS Sequoia 15.2, tvOS 18.2, visionOS 2.2, watchOS 11.2. Processing maliciously crafted web content may lead to an unexpected process crash...

CVE-2024-54505

A type confusion issue was addressed with improved memory handling. This issue is fixed in Safari 18.2, iOS 18.2 and iPadOS 18.2, iPadOS 17.7.3, macOS Sequoia 15.2, tvOS 18.2, visionOS 2.2, watchOS 11.2. Processing maliciously crafted web content may lead to memory corruption...

CVE-2024-54513

A permissions issue was addressed with additional restrictions. This issue is fixed in watchOS 11.2, visionOS 2.2, tvOS 18.2, macOS Sequoia 15.2, iOS 18.2 and iPadOS 18.2. An app may be able to access sensitive user data...

CVE-2024-54513

A permissions issue was addressed with additional restrictions. This issue is fixed in iOS 18.2 and iPadOS 18.2, macOS Sequoia 15.2, tvOS 18.2, visionOS 2.2, watchOS 11.2. An app may be able to access sensitive user data...

CVE-2024-54513

CVE-2024-54513 affects multiple Apple platforms with a permissions issue that could let an app access sensitive user data. Fixes are included in watchOS 11.2, visionOS 2.2, tvOS 18.2, macOS Sequoia 15.2, iOS 18.2, and iPadOS 18.2. The description does not specify the exact component or root cause...

CVE-2024-44246

The issue was addressed with improved routing of Safari-originated requests. This issue is fixed in macOS Sequoia 15.2, iOS 18.2 and iPadOS 18.2, Safari 18.2, iPadOS 17.7.3. On a device with Private Relay enabled, adding a website to the Safari Reading List may reveal the originating IP address t...

CVE-2024-54508

CVE-2024-54508 affects WebKitGTK (webkit2gtk). The issue arises from processing maliciously crafted web content and can lead to an unexpected process crash; memory-related impact is also indicated in related entries. Public advisories confirm fixes in WebKitGTK/WebKit2GTK packages across distribu...

CVE-2024-54508

The issue was addressed with improved memory handling. This issue is fixed in Safari 18.2, iOS 18.2 and iPadOS 18.2, iPadOS 17.7.6, macOS Sequoia 15.2, tvOS 18.2, visionOS 2.2, watchOS 11.2. Processing maliciously crafted web content may lead to an unexpected process crash...

CVE-2024-54494

A race condition was addressed with additional validation. This issue is fixed in iPadOS 17.7.3, watchOS 11.2, visionOS 2.2, tvOS 18.2, macOS Sequoia 15.2, iOS 18.2 and iPadOS 18.2, macOS Ventura 13.7.2, macOS Sonoma 14.7.2. An attacker may be able to create a read-only memory mapping that can be...

CVE-2024-54494

Root cause: a race condition was addressed with additional validation in CVE-2024-54494. Affected products include Apple operating systems: iPadOS 17.7.3; iOS 18.2; iPadOS 18.2; macOS Sequoia 15.2; macOS Ventura 13.7.2; macOS Sonoma 14.7.2; watchOS 11.2; visionOS 2.2; tvOS 18.2. Issue: an attacke...

CVE-2024-44225

CVE-2024-44225 describes a logic issue in Apple OS components that could allow an app to gain elevated privileges. The fixed versions include iPadOS 17.7.3, watchOS 11.2, tvOS 18.2, macOS Sequoia 15.2, iOS 18.2 / iPadOS 18.2, macOS Ventura 13.7.2, and macOS Sonoma 14.7.2. The root cause is stated...

CVE-2024-54526

The issue was addressed with improved checks. This issue is fixed in iOS 18.2 and iPadOS 18.2, macOS Sequoia 15.2, macOS Sonoma 14.7.2, macOS Ventura 13.7.2, tvOS 18.2, watchOS 11.2. A malicious app may be able to access private information...

CVE-2024-44290

This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 18.1 and iPadOS 18.1, watchOS 11.1. An app may be able to determine a user’s current location...

CVE-2024-44290

This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 18.1 and iPadOS 18.1, macOS Sequoia 15.1, watchOS 11.1. An app may be able to determine a user’s current location...

CVE-2024-44290

CVE-2024-44290 affects Apple platforms and is described as a location-privacy issue. The vulnerability is addressed in iOS 18.1, iPadOS 18.1, and watchOS 11.1; installing these updates resolves the issue. The public description indicates an app could determine a user’s current location. The CVSS ...

CVE-2024-44245

The issue was addressed with improved memory handling. This issue is fixed in iPadOS 17.7.3, visionOS 2.2, macOS Sequoia 15.2, iOS 18.2 and iPadOS 18.2, macOS Sonoma 14.7.2. An app may be able to cause unexpected system termination or corrupt kernel memory...

CVE-2024-44245

The issue was addressed with improved memory handling. This issue is fixed in iOS 18.2 and iPadOS 18.2, iPadOS 17.7.3, macOS Sequoia 15.2, macOS Sonoma 14.7.2, visionOS 2.2. An app may be able to cause unexpected system termination or corrupt kernel memory...

CVE-2024-44245

CVE-2024-44245 affects Apple systems where a memory handling weakness could allow an app to cause unexpected system termination or corrupt kernel memory. The issue has been addressed in updates: iPadOS 17.7.3, iPadOS 18.2, iOS 18.2, visionOS 2.2, macOS Sequoia 15.2, and macOS Sonoma 14.7.2. Affec...