8330 matches found
CVE-2024-40799
CVE-2024-40799 is an out-of-bounds read vulnerability fixed by Apple in multiple OS updates. Affected platforms include iOS 16.7.9 / 17.6, iPadOS 16.7.9 / 17.6, macOS Ventura 13.6.8, Monterey 12.7.6, macOS Sonoma 14.6, and the watchOS 10.6, tvOS 17.6, visionOS 1.3 lineups. The issue occurs when p...
CVE-2024-40784
CVE-2024-40784 involves an integer overflow that was addressed by improved input validation. The issue affects Apple platforms when processing a maliciously crafted file, potentially causing an unexpected app termination. Public disclosures in connected sources (Red Hat, CIRCL, Nessus/OPENVAS sum...
CVE-2024-40784
An integer overflow was addressed with improved input validation. This issue is fixed in iOS 16.7.9 and iPadOS 16.7.9, iOS 17.6 and iPadOS 17.6, macOS Sonoma 14.6, macOS Ventura 13.6.8, tvOS 17.6, visionOS 1.3, watchOS 10.6. Processing a maliciously crafted file may lead to unexpected app...
CVE-2024-40788
A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 16.7.9 and iPadOS 16.7.9, iOS 17.6 and iPadOS 17.6, macOS Monterey 12.7.6, macOS Sonoma 14.6, macOS Ventura 13.6.8, tvOS 17.6, visionOS 1.3, watchOS 10.6. A local attacker may be able to cause unexpecte...
CVE-2024-40788
A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 16.7.9 and iPadOS 16.7.9, iOS 17.6 and iPadOS 17.6, macOS Monterey 12.7.6, macOS Sonoma 14.6, macOS Ventura 13.6.8, tvOS 17.6, visionOS 1.3, watchOS 10.6. A local attacker may be able to cause unexpecte...
CVE-2024-40788
CVE-2024-40788 is a local, type-confusion vulnerability in memory handling that could allow a local attacker to cause an unexpected system shutdown . The vulnerability is fixed in: iOS/iPadOS 16.7.9 and 17.6, macOS Ventura 13.6.8, macOS Monterey 12.7.6, macOS Sonoma 14.6, and on watchOS 10.6, tvO...
CVE-2024-40835
CVE-2024-40835 concerns a logic issue in Apple’s Shortcuts feature where a shortcut could access sensitive data with certain actions without prompting. Affected platforms include iOS 16.7.9 and iPadOS 16.7.9; iOS 17.6 and iPadOS 17.6; macOS Ventura 13.6.8; macOS Monterey 12.7.6; macOS Sonoma 14.6...
CVE-2024-40835
A logic issue was addressed with improved checks. This issue is fixed in iOS 16.7.9 and iPadOS 16.7.9, iOS 17.6 and iPadOS 17.6, macOS Monterey 12.7.6, macOS Sonoma 14.6, macOS Ventura 13.6.8, watchOS 10.6. A shortcut may be able to use sensitive data with certain actions without prompting the us...
CVE-2024-40822
This issue was addressed by restricting options offered on a locked device. This issue is fixed in iOS 16.7.9 and iPadOS 16.7.9, iOS 17.6 and iPadOS 17.6, macOS Sonoma 14.6, watchOS 10.6. An attacker with physical access to a device may be able to access contacts from the lock screen...
CVE-2024-40822
CVE-2024-40822 affects Apple devices (watchOS, macOS Sonoma, iOS/iPadOS) where an attacker with physical access could access contacts from the lock screen. Apple fixed the issue in macOS Sonoma 14.6, iOS 17.6/iPadOS 17.6, watchOS 10.6, and iOS 16.7.9/iPadOS 16.7.9. Root cause described as insuffi...
CVE-2024-40789
An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in Safari 17.6, iOS 16.7.9 and iPadOS 16.7.9, iOS 17.6 and iPadOS 17.6, macOS Sonoma 14.6, tvOS 17.6, visionOS 1.3, watchOS 10.6. Processing maliciously crafted web content may lead to an unexpected...
CVE-2024-40789
An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in Safari 17.6, iOS 16.7.9 and iPadOS 16.7.9, iOS 17.6 and iPadOS 17.6, macOS Sonoma 14.6, tvOS 17.6, visionOS 1.3, watchOS 10.6. Processing maliciously crafted web content may lead to an unexpected...
CVE-2024-40818
This issue was addressed by restricting options offered on a locked device. This issue is fixed in iOS 16.7.9 and iPadOS 16.7.9, iOS 17.6 and iPadOS 17.6, macOS Sonoma 14.6, macOS Ventura 13.6.8, watchOS 10.6. An attacker with physical access may be able to use Siri to access sensitive user data...
CVE-2024-40789
An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in Safari 17.6, iOS 16.7.9 and iPadOS 16.7.9, iOS 17.6 and iPadOS 17.6, macOS Sonoma 14.6, tvOS 17.6, visionOS 1.3, watchOS 10.6. Processing maliciously crafted web content may lead to an unexpected...
CVE-2024-40789
CVE-2024-40789 is a WebKitGTK/WebKit-related out-of-bounds access issue. The initial CVE description notes an out-of-bounds access that could cause an unexpected process crash when processing malicious web content, with fixes across Apple platforms (iOS, iPadOS, macOS, Safari, watchOS, tvOS, visi...
CVE-2024-40818
This issue was addressed by restricting options offered on a locked device. This issue is fixed in iOS 16.7.9 and iPadOS 16.7.9, iOS 17.6 and iPadOS 17.6, macOS Sonoma 14.6, macOS Ventura 13.6.8, watchOS 10.6. An attacker with physical access may be able to use Siri to access sensitive user data...
CVE-2024-40785
This issue was addressed with improved checks. This issue is fixed in Safari 17.6, iOS 16.7.9 and iPadOS 16.7.9, iOS 17.6 and iPadOS 17.6, macOS Sonoma 14.6, tvOS 17.6, visionOS 1.3, watchOS 10.6. Processing maliciously crafted web content may lead to a cross site scripting attack...
CVE-2024-40785
This issue was addressed with improved checks. This issue is fixed in Safari 17.6, iOS 16.7.9 and iPadOS 16.7.9, iOS 17.6 and iPadOS 17.6, macOS Sonoma 14.6, tvOS 17.6, visionOS 1.3, watchOS 10.6. Processing maliciously crafted web content may lead to a cross site scripting attack...
CVE-2024-40793
This issue was addressed by removing the vulnerable code. This issue is fixed in iOS 16.7.9 and iPadOS 16.7.9, iOS 17.6 and iPadOS 17.6, macOS Monterey 12.7.6, macOS Sonoma 14.6, macOS Ventura 13.6.8, watchOS 10.6. An app may be able to access user-sensitive data...
CVE-2024-40793
This issue was addressed by removing the vulnerable code. This issue is fixed in iOS 16.7.9 and iPadOS 16.7.9, iOS 17.6 and iPadOS 17.6, macOS Monterey 12.7.6, macOS Sonoma 14.6, macOS Ventura 13.6.8, watchOS 10.6. An app may be able to access user-sensitive data...