CVE-2022-32919

A vulnerability was found in WebKitGTK and WPE WebKit that allows a remote attacker to conduct spoofing attacks by exploiting improper UI handling. This flaw enables attackers to create specially crafted websites that can display misleading information to users. By exploiting this vulnerability, ...

Apple Security Update: iOS 16.7.7 and iPadOS 16.7.7Details coming soon

Apple recommends to install security update iOS 16.7.7 and iPadOS 16.7.7Details coming soon on devices iPhone 8, iPhone 8 Plus, iPhone X, iPad 5th generation, iPad Pro 9.7-inch, and iPad Pro 12.9-inch 1st generation...

About the security content of iOS 17.4.1 and iPadOS 17.4.1

About the security content of iOS 17.4.1 and iPadOS 17.4.1 This document describes the security content of iOS 17.4.1 and iPadOS 17.4.1. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and...

About the security content of iOS 16.7.7 and iPadOS 16.7.7

About the security content of iOS 16.7.7 and iPadOS 16.7.7 This document describes the security content of iOS 16.7.7 and iPadOS 16.7.7. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and...

Apple Security Update: iOS 17.4.1 and iPadOS 17.4.1Details coming soon

Apple recommends to install security update iOS 17.4.1 and iPadOS 17.4.1Details coming soon on devices iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later,...

About the security content of iOS 16.7.7 and iPadOS 16.7.7

About the security content of iOS 16.7.7 and iPadOS 16.7.7 This document describes the security content of iOS 16.7.7 and iPadOS 16.7.7. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and...

About the security content of iOS 17.4.1 and iPadOS 17.4.1

About the security content of iOS 17.4.1 and iPadOS 17.4.1 This document describes the security content of iOS 17.4.1 and iPadOS 17.4.1. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and...

CVE-2024-23213

A vulnerability was found in WebKitGTK . This flaw allows a remote attacker to trigger arbitrary code execution by persuading a victim to visit a specially crafted website...

CVE-2023-42833

A vulnerability was found in WebKitGTK. This flaw allows a remote attacker to trigger arbitrary code execution by persuading a victim to visit a specially crafted website...

CVE-2023-40414

A vulnerability in WebKitGTK and WPE WebKit could allow an attacker to execute arbitrary code on a target system. The issue arises from a use-after-free flaw in memory management when processing web content. This flaw can potentially give attackers the ability to take control of affected systems...

CVE-2024-23206

A vulnerability was found in WebKitGTK. This flaw allows a remote attacker to bypass the security restriction by using a specially crafted malicious website to fingerprint the victim...

The vulnerability of the libxpc library in the watchOS operating system, macOS Sonoma, tvOS, iOS, iPadOS, macOS Ventura, allows a hacker to escalate their privileges.

The vulnerability of the libxpc library in the watchOS operating system, macOS Sonoma, tvOS, iOS, iPadOS, and macOS Ventura, is related to errors in handling symbolic links. Exploiting this vulnerability can allow an attacker to gain increased privileges...

CVE-2024-23288

This issue was addressed by removing the vulnerable code. This issue is fixed in tvOS 17.4, iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4, watchOS 10.4. An app may be able to elevate privileges...

CVE-2024-23291

A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4, tvOS 17.4, watchOS 10.4. A malicious app may be able to observe user data in log entries related to accessibility notifications...

CVE-2024-23292

This issue was addressed with improved data protection. This issue is fixed in iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4. An app may be able to access information about a user's contacts...

CVE-2024-23290

A logic issue was addressed with improved restrictions. This issue is fixed in iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4, tvOS 17.4, watchOS 10.4. An app may be able to access user-sensitive data...

CVE-2024-23289

A lock screen issue was addressed with improved state management. This issue is fixed in iOS 16.7.6 and iPadOS 16.7.6, iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4, watchOS 10.4. A person with physical access to a device may be able to use Siri to access private calendar information...

CVE-2024-23293

This issue was addressed through improved state management. This issue is fixed in iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4, tvOS 17.4, watchOS 10.4. An attacker with physical access may be able to use Siri to access sensitive user data...

CVE-2024-23297

The issue was addressed with improved checks. This issue is fixed in iOS 17.4 and iPadOS 17.4, tvOS 17.4, watchOS 10.4. A malicious application may be able to access private information...

CVE-2024-23280

An injection issue was addressed with improved validation. This issue is fixed in Safari 17.4, macOS Sonoma 14.4, iOS 17.4 and iPadOS 17.4, watchOS 10.4, tvOS 17.4. A maliciously crafted webpage may be able to fingerprint the user...