8330 matches found
CVE-2024-40782
A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 17.6, iOS 16.7.9 and iPadOS 16.7.9, iOS 17.6 and iPadOS 17.6, macOS Sonoma 14.6, tvOS 17.6, visionOS 1.3, watchOS 10.6. Processing maliciously crafted web content may lead to an unexpected process...
CVE-2024-40782
A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 17.6, iOS 16.7.9 and iPadOS 16.7.9, iOS 17.6 and iPadOS 17.6, macOS Sonoma 14.6, tvOS 17.6, visionOS 1.3, watchOS 10.6. Processing maliciously crafted web content may lead to an unexpected process...
CVE-2024-40782
CVE-2024-40782 is a WebKitGTK/use-after-free vulnerability where processing malicious web content could cause an unexpected process crash. It is addressed in Apple platforms as: iOS 16.7.9 and iPadOS 16.7.9; Safari 17.6; iOS 17.6 and iPadOS 17.6; watchOS 10.6; tvOS 17.6; visionOS 1.3; macOS Sonom...
CVE-2024-40829
CVE-2024-40829 affects Apple platforms (watchOS, iOS/iPadOS, macOS) where an attacker may view restricted content from the lock screen. Root cause is described as the issue being addressed with improved checks. Remediations are available via patches: watchOS 10.6; iOS 17.6/iPadOS 17.6; iOS 16.7.9...
CVE-2024-40812
A logic issue was addressed with improved checks. This issue is fixed in iOS 16.7.9 and iPadOS 16.7.9, iOS 17.6 and iPadOS 17.6, macOS Monterey 12.7.6, macOS Sonoma 14.6, macOS Ventura 13.6.8, visionOS 1.3, watchOS 10.6. A shortcut may be able to bypass Internet permission requirements...
CVE-2024-40812
A logic issue was addressed with improved checks. This issue is fixed in iOS 16.7.9 and iPadOS 16.7.9, iOS 17.6 and iPadOS 17.6, macOS Monterey 12.7.6, macOS Sonoma 14.6, macOS Ventura 13.6.8, visionOS 1.3, watchOS 10.6. A shortcut may be able to bypass Internet permission requirements...
CVE-2024-40812
CVE-2024-40812 is a logic issue in Apple software addressed by improved checks and fixed in multiple OS versions. The vulnerability could allow a shortcut to bypass Internet permission requirements, with the fixed versions including iOS 16.7.9 and iPadOS 16.7.9, iOS 17.6 and iPadOS 17.6, macOS Ve...
CVE-2024-40795
This issue was addressed with improved data protection. This issue is fixed in iOS 17.6 and iPadOS 17.6, macOS Sonoma 14.6, tvOS 17.6, watchOS 10.6. An app may be able to read sensitive location information...
CVE-2024-40795
This issue was addressed with improved data protection. This issue is fixed in iOS 17.6 and iPadOS 17.6, macOS Sonoma 14.6, tvOS 17.6, watchOS 10.6. An app may be able to read sensitive location information...
CVE-2024-40824
This issue was addressed through improved state management. This issue is fixed in iOS 17.6 and iPadOS 17.6, macOS Sonoma 14.6, tvOS 17.6, watchOS 10.6. An app may be able to bypass Privacy preferences...
CVE-2024-40824
CVE-2024-40824 affects Apple platforms (watchOS 10.6, macOS Sonoma 14.6, iOS 17.6, iPadOS 17.6, tvOS 17.6). The issue allows an app to bypass Privacy preferences and was addressed via improved state management; fixes are in the listed OS versions. The CPE/context is supported by Apple security up...
CVE-2024-40824
This issue was addressed through improved state management. This issue is fixed in iOS 17.6 and iPadOS 17.6, macOS Sonoma 14.6, tvOS 17.6, watchOS 10.6. An app may be able to bypass Privacy preferences...
CVE-2024-40776
A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 17.6, iOS 16.7.9 and iPadOS 16.7.9, iOS 17.6 and iPadOS 17.6, macOS Sonoma 14.6, tvOS 17.6, visionOS 1.3, watchOS 10.6. Processing maliciously crafted web content may lead to an unexpected process...
CVE-2024-40776
A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 17.6, iOS 16.7.9 and iPadOS 16.7.9, iOS 17.6 and iPadOS 17.6, macOS Sonoma 14.6, tvOS 17.6, visionOS 1.3, watchOS 10.6. Processing maliciously crafted web content may lead to an unexpected process...
CVE-2024-40776
CVE-2024-40776 is a use-after-free in the WebKitGTK/WebKit2GTK web engine where processing maliciously crafted web content may lead to an unexpected process crash. The initial CVE description confirms the issue and its fix across Apple platforms (iOS, iPadOS, macOS Sonoma, etc.). Connected adviso...
CVE-2024-40776
A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 17.6, iOS 16.7.9 and iPadOS 16.7.9, iOS 17.6 and iPadOS 17.6, macOS Sonoma 14.6, tvOS 17.6, visionOS 1.3, watchOS 10.6. Processing maliciously crafted web content may lead to an unexpected process...
CVE-2024-40815
A race condition was addressed with additional validation. This issue is fixed in iOS 17.6 and iPadOS 17.6, macOS Sonoma 14.6, macOS Ventura 13.6.8, tvOS 17.6, watchOS 10.6. A malicious attacker with arbitrary read and write capability may be able to bypass Pointer Authentication...
CVE-2024-40815
CVE-2024-40815 describes a race condition addressed by added validation. Apple states the issue is fixed in macOS Ventura 13.6.8, macOS Sonoma 14.6, iOS 17.6/iPadOS 17.6, watchOS 10.6, and tvOS 17.6. A malicious attacker with arbitrary read/write access could potentially bypass Pointer Authentica...
CVE-2024-40799
An out-of-bounds read issue was addressed with improved input validation. This issue is fixed in iOS 16.7.9 and iPadOS 16.7.9, iOS 17.6 and iPadOS 17.6, macOS Monterey 12.7.6, macOS Sonoma 14.6, macOS Ventura 13.6.8, tvOS 17.6, visionOS 1.3, watchOS 10.6. Processing a maliciously crafted file may...
CVE-2024-40815
A race condition was addressed with additional validation. This issue is fixed in iOS 17.6 and iPadOS 17.6, macOS Sonoma 14.6, macOS Ventura 13.6.8, tvOS 17.6, watchOS 10.6. A malicious attacker with arbitrary read and write capability may be able to bypass Pointer Authentication...