CVE-2024-23231

CVE-2024-23231 concerns a privacy issue where private data in log entries could be exposed. Affected products include iOS and iPadOS (versions prior to 16.7.6 and 17.4), macOS Sonoma 14.4 and macOS Ventura 13.6.5, and watchOS 10.4. The root cause is insufficient redaction of sensitive user data i...

CVE-2024-23289

A lock screen issue was addressed with improved state management. This issue is fixed in iOS 16.7.6 and iPadOS 16.7.6, iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4, watchOS 10.4. A person with physical access to a device may be able to use Siri to access private calendar information...

CVE-2024-23289

A lock screen issue was addressed with improved state management. This issue is fixed in iOS 16.7.6 and iPadOS 16.7.6, iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4, watchOS 10.4. A person with physical access to a device may be able to use Siri to access private calendar information...

CVE-2024-23289

CVE-2024-23289 affects Apple devices (iOS, iPadOS, macOS, watchOS) with a lock-screen issue where Siri could reveal private calendar data when physical access is available. Technical details across connected docs show affected versions and fixed releases: iOS 16.7.6 and iPadOS 16.7.6, iOS 17.4 an...

CVE-2024-23270

The issue was addressed with improved memory handling. This issue is fixed in iOS 17.4 and iPadOS 17.4, macOS Monterey 12.7.4, macOS Sonoma 14.4, macOS Ventura 13.6.5, tvOS 17.4. An app may be able to execute arbitrary code with kernel privileges...

CVE-2024-23250

An access issue was addressed with improved access restrictions. This issue is fixed in iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4, tvOS 17.4, watchOS 10.4. An app may be able to access Bluetooth-connected microphones without user permission...

CVE-2024-23246

This CVE-2024-23246 affects Apple platforms where sandbox escapes were possible in the affected components. According to the public description, the issue was addressed by removing the vulnerable code and is fixed in macOS Sonoma 14.4, visionOS 1.1, iOS 17.4 and iPadOS 17.4, watchOS 10.4, and iOS...

CVE-2024-23246

This issue was addressed by removing the vulnerable code. This issue is fixed in iOS 16.7.6 and iPadOS 16.7.6, iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4, tvOS 17.4, visionOS 1.1, watchOS 10.4. An app may be able to break out of its sandbox...

CVE-2024-23246

This issue was addressed by removing the vulnerable code. This issue is fixed in iOS 16.7.6 and iPadOS 16.7.6, iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4, tvOS 17.4, visionOS 1.1, watchOS 10.4. An app may be able to break out of its sandbox...

CVE-2024-23293

CVE-2024-23293 affects Apple devices running iOS/iPadOS 17.4, tvOS 17.4, watchOS 10.4, and macOS Sonoma 14.4. The issue, described as being addressed via improved state management, could allow an attacker with physical access to exploit Siri to access sensitive user data. The fixed versions are t...

CVE-2024-23220

The issue was addressed with improved handling of caches. This issue is fixed in iOS 17.4 and iPadOS 17.4, visionOS 1.1. An app may be able to fingerprint the user...

CVE-2024-23220

The issue was addressed with improved handling of caches. This issue is fixed in iOS 17.4 and iPadOS 17.4, visionOS 1.1. An app may be able to fingerprint the user...

CVE-2024-23220

The CVE-2024-23220 issue affects Apple visionOS, iOS, and iPadOS Safari related to fingerprinting the user due to an issue in cache handling. The vulnerability arises from the Safari component (on Apple Vision Pro platforms) where improper cache handling could allow an app to fingerprint the user...

CVE-2023-28826

This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 16.7.6 and iPadOS 16.7.6, macOS Monterey 12.7.4, macOS Sonoma 14.1, macOS Ventura 13.6.5. An app may be able to access sensitive user data...

CVE-2023-28826

CVE-2023-28826 affects Apple platforms, where an application may access sensitive user data due to improved redaction of information. The issue is addressed in iOS/iPadOS 16.7.6, macOS Monterey 12.7.4, macOS Sonoma 14.1, and macOS Ventura 13.6.5. CVSSv3.1 vector: LOCAL access, LOW attack complexi...

CVE-2023-28826

This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 16.7.6 and iPadOS 16.7.6, macOS Monterey 12.7.4, macOS Sonoma 14.1, macOS Ventura 13.6.5. An app may be able to access sensitive user data...

CVE-2024-23277

The issue was addressed with improved checks. This issue is fixed in iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4. An attacker in a privileged network position may be able to inject keystrokes by spoofing a keyboard...

CVE-2024-23277

CVE-2024-23277 concerns macOS Sonoma 14.4, iOS 17.4, and iPadOS 17.4. The vulnerability allows an attacker on a privileged network position to inject keystrokes by spoofing a keyboard. Apple’s security content indicates this issue is addressed in the 14.4/17.4 updates. The root cause is tied to k...

CVE-2024-23241

CVE-2024-23241 affects Apple platforms and is an information disclosure issue addressed by Apple in a coordinated update. The NVD entry states improved state management fixes the vulnerability, with the fix shipping in macOS Sonoma 14.4 and iOS/tvOS/iPadOS 17.4. The vulnerability could allow an a...

CVE-2024-23241

This issue was addressed through improved state management. This issue is fixed in iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4, tvOS 17.4. An app may be able to leak sensitive user information...