8330 matches found
Exploit for Race Condition in Apple Ipados
macOS LPE CVE-2023-32413 / ZDI-23-845 / Pwn2Own Vancouver 202...
Update now! Apple confirms vulnerabilities are already being exploited
Apple has released security patches for most of its operating systems, including iOS, Mac, iPadOS, Safari, and visionOS. The updates for iOS and Intel-based Mac systems are especially important, as they tackle vulnerabilities that are being actively exploited by cybercriminals. You should make su...
Vulnerabilities fixed in Apple iOS and iPadOS
Apple has fixed several vulnerabilities in iOS and iPadOS. Two vulnerabilities in iOS and iPadOS 17.7.2 CVE-2024-44308 & CVE-2024-44309 can lead to execution of arbitrary code. Apple states that active misuse of these vulnerabilities is known. A malicious party can exploit the vulnerabilities in...
CVE-2024-44308
The issue was addressed with improved checks. This issue is fixed in Safari 18.1.1, iOS 17.7.2 and iPadOS 17.7.2, iOS 18.1.1 and iPadOS 18.1.1, macOS Sequoia 15.1.1, visionOS 2.1.1. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that th...
CVE-2024-44309
A cookie management issue was addressed with improved state management. This issue is fixed in Safari 18.1.1, iOS 17.7.2 and iPadOS 17.7.2, macOS Sequoia 15.1.1, iOS 18.1.1 and iPadOS 18.1.1, visionOS 2.1.1. Processing maliciously crafted web content may lead to a cross site scripting attack. App...
CVE-2024-44308
The issue was addressed with improved checks. This issue is fixed in Safari 18.1.1, iOS 17.7.2 and iPadOS 17.7.2, macOS Sequoia 15.1.1, iOS 18.1.1 and iPadOS 18.1.1, visionOS 2.1.1. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that th...
CVE-2024-44309
A cookie management issue was addressed with improved state management. This issue is fixed in Safari 18.1.1, iOS 17.7.2 and iPadOS 17.7.2, macOS Sequoia 15.1.1, iOS 18.1.1 and iPadOS 18.1.1, visionOS 2.1.1. Processing maliciously crafted web content may lead to a cross site scripting attack. App...
CVE-2024-44309
A cookie management issue was addressed with improved state management. This issue is fixed in Safari 18.1.1, iOS 17.7.2 and iPadOS 17.7.2, iOS 18.1.1 and iPadOS 18.1.1, macOS Sequoia 15.1.1, visionOS 2.1.1. Processing maliciously crafted web content may lead to a cross site scripting attack. App...
CVE-2024-44309
CVE-2024-44309 concerns a cookie management issue in Apple environments. The root cause is improper state management that can enable cross-site scripting when processing malicious web content. Affected products/versions include Safari 18.1.1, iOS 17.7.2, iPadOS 17.7.2, macOS Sequoia 15.1.1, iOS 1...
CVE-2024-44309
A cookie management issue was addressed with improved state management. This issue is fixed in Safari 18.1.1, iOS 17.7.2 and iPadOS 17.7.2, iOS 18.1.1 and iPadOS 18.1.1, macOS Sequoia 15.1.1, visionOS 2.1.1. Processing maliciously crafted web content may lead to a cross site scripting attack. App...
CVE-2024-44308
CVE-2024-44308 affects WebKit-derived components (Apple WebKit in Safari and WebKitGTK/WebKit2GTK for Linux). The issue, caused by improper handling of maliciously crafted web content, can lead to arbitrary code execution. Public details in the Apple advisory cite a fix in Safari 18.1.1, iOS 18.1...
PT-2024-8648 · Apple +9 · Ios +14
Name of the Vulnerable Software and Affected Versions: Safari versions prior to 18.1.1 iOS versions prior to 17.7.2 and 18.1.1 iPadOS versions prior to 17.7.2 and 18.1.1 macOS Sequoia versions prior to 15.1.1 visionOS versions prior to 2.1.1 Description: The issue is related to a cookie managemen...
PT-2024-8646
Name of the Vulnerable Software and Affected Versions Safari versions prior to 18.1.1 iOS versions prior to 17.7.2 and 18.1.1 iPadOS versions prior to 17.7.2 and 18.1.1 macOS Sequoia versions prior to 15.1.1 visionOS versions prior to 2.1.1 Description The issue was addressed with improved checks...
About the security content of iOS17.7.2 and iPadOS 17.7.2
About the security content of iOS17.7.2 and iPadOS 17.7.2 This document describes the security content of iOS 17.7.2 and iPadOS 17.7.2. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and...
About the security content of iOS18.1.1 and iPadOS 18.1.1
About the security content of iOS18.1.1 and iPadOS 18.1.1 This document describes the security content of iOS 18.1.1 and iPadOS 18.1.1. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and...
K000148511: WebKitGTK and WPE WebKit vulnerability CVE-2023-42950
Security Advisory Description A use after free issue was addressed with improved memory management. This issue is fixed in Safari 17.2, iOS 17.2 and iPadOS 17.2, tvOS 17.2, watchOS 10.2, macOS Sonoma 14.2. Processing maliciously crafted web content may lead to arbitrary code execution...
CVE-2024-44296
A flaw was found in WebKitGTK. Processing maliciously crafted web content may prevent the Content Security Policy from being enforced. This issue leads to items that were banned from running to be executed. Mitigation Mitigation for this issue is either not available or the currently available...
CVE-2024-44232
The issue was addressed with improved bounds checks. This issue is fixed in macOS Sonoma 14.7.1, macOS Ventura 13.7.1, visionOS 2.1, watchOS 11.1, tvOS 18.1, iOS 17.7.1 and iPadOS 17.7.1, iOS 18.1 and iPadOS 18.1. Parsing a maliciously crafted video file may lead to unexpected system termination...
CVE-2024-44233
The issue was addressed with improved bounds checks. This issue is fixed in iOS 17.7.1 and iPadOS 17.7.1, iOS 18.1 and iPadOS 18.1, macOS Sequoia 15.1, macOS Sonoma 14.7.1, macOS Ventura 13.7.1, tvOS 18.1, visionOS 2.1, watchOS 11.1. Parsing a maliciously crafted video file may lead to unexpected...
CVE-2024-44234
The issue was addressed with improved bounds checks. This issue is fixed in iOS 17.7.1 and iPadOS 17.7.1, iOS 18.1 and iPadOS 18.1, macOS Sequoia 15.1, macOS Sonoma 14.7.1, macOS Ventura 13.7.1, tvOS 18.1, visionOS 2.1, watchOS 11.1. Parsing a maliciously crafted video file may lead to unexpected...