UBUNTU-CVE-2024-23213

The issue was addressed with improved memory handling. This issue is fixed in Safari 17.3, iOS 16.7.5 and iPadOS 16.7.5, iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, tvOS 17.3, watchOS 10.3. Processing web content may lead to arbitrary code execution...

CVE-2024-23218

CVE-2024-23218 : A timing side-channel in CoreCrypto could allow decrypting legacy RSA PKCS#1 v1.5 ciphertexts without the private key. Apple patched this in macOS Sonoma 14.3, watchOS 10.3, tvOS 17.3, and iOS/iPadOS 17.3. The connected sources corroborate the vulnerability and the listed fixes; ...

CVE-2024-23218

A timing side-channel issue was addressed with improvements to constant-time computation in cryptographic functions. This issue is fixed in iOS 16.7.6 and iPadOS 16.7.6, iOS 17.3 and iPadOS 17.3, macOS Monterey 12.7.4, macOS Sonoma 14.3, macOS Ventura 13.6.5, tvOS 17.3, watchOS 10.3. An attacker...

CVE-2024-23218

A timing side-channel issue was addressed with improvements to constant-time computation in cryptographic functions. This issue is fixed in iOS 16.7.6 and iPadOS 16.7.6, iOS 17.3 and iPadOS 17.3, macOS Monterey 12.7.4, macOS Sonoma 14.3, macOS Ventura 13.6.5, tvOS 17.3, watchOS 10.3. An attacker...

CVE-2024-23222

Summary (CVE-2024-23222) : A type confusion vulnerability in Apple WebKit leads to arbitrary code execution when processing malicious web content. The issue affects multiple Apple platforms and is fixed in versions listed by the sources: iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, tvOS 17.3, and...

CVE-2024-23222

A type confusion issue was addressed with improved checks. This issue is fixed in Safari 17.3, iOS 15.8.7 and iPadOS 15.8.7, iOS 16.7.5 and iPadOS 16.7.5, iOS 17.3 and iPadOS 17.3, macOS Monterey 12.7.3, macOS Sonoma 14.3, macOS Ventura 13.6.4, tvOS 17.3, visionOS 1.0.2. Processing maliciously...

CVE-2023-42937

CVE-2023-42937 describes a privacy issue in Apple platforms where private data redaction in log entries could allow an app to access sensitive user data. Root cause: inadequate redaction during logging. Affected products/versions include iOS 16.7.5 and iPadOS 16.7.5, watchOS 10.2, macOS Ventura 1...

CVE-2023-42937

A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in iOS 16.7.5 and iPadOS 16.7.5, watchOS 10.2, macOS Ventura 13.6.4, macOS Sonoma 14.2, macOS Monterey 12.7.3, iOS 17.2 and iPadOS 17.2. An app may be able to access sensitive user data...

CVE-2023-42937

A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in iOS 16.7.5 and iPadOS 16.7.5, watchOS 10.2, macOS Ventura 13.6.4, macOS Sonoma 14.2, macOS Monterey 12.7.3, iOS 17.2 and iPadOS 17.2. An app may be able to access sensitive user data...

CVE-2024-23214

CVE-2024-23214 involves multiple memory corruption issues in Web content handling. Root cause: improved memory handling fixed in macOS Sonoma 14.3, iOS 16.7.5/iPadOS 16.7.5, and iOS 17.3/iPadOS 17.3, with arbitrary code execution impact if exploited. Connected Nessus entry notes some Linux distri...

CVE-2024-23215

CVE-2024-23215 affects Apple platforms via an issue in the handling of temporary files that may allow an app to access user‑sensitive data. The affected products are macOS Sonoma 14.3; watchOS 10.3; tvOS 17.3; iOS 17.3; and iPadOS 17.3. Apple has addressed the vulnerability in these releases. The...

CVE-2024-23203

The issue was addressed with additional permissions checks. This issue is fixed in iOS 16.7.6 and iPadOS 16.7.6, iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, macOS Ventura 13.6.5. A shortcut may be able to use sensitive data with certain actions without prompting the user...

CVE-2024-23203

CVE-2024-23203 affects Apple Shortcuts on macOS Sonoma 14.3, iOS 17.3, and iPadOS 17.3. A shortcut may access sensitive data via certain actions without prompting the user. Root cause: insufficient permissions checks; fixed by additional permissions checks. Remediation: update to macOS Sonoma 14....

CVE-2024-23215

An issue was addressed with improved handling of temporary files. This issue is fixed in iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, tvOS 17.3, watchOS 10.3. An app may be able to access user-sensitive data...

CVE-2024-23223

CVE-2024-23223 describes a privacy issue resolved by Apple in macOS Sonoma 14.3, watchOS 10.3, tvOS 17.3, iOS 17.3 and iPadOS 17.3. The issue allows an app to access sensitive user data due to improved handling of files. The NVD/CNA metrics list a low attack complexity, local attack vector, no pr...

CVE-2024-23223

A privacy issue was addressed with improved handling of files. This issue is fixed in iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, tvOS 17.3, watchOS 10.3. An app may be able to access sensitive user data...

CVE-2024-23219

The issue was addressed with improved authentication. This issue is fixed in iOS 17.3 and iPadOS 17.3. Stolen Device Protection may be unexpectedly disabled...

CVE-2024-23219

Apple CVE-2024-23219 is an authentication flaw affecting Stolen Device Protection that could be unexpectedly disabled. Connected sources confirm the issue is addressed with improved authentication and fixed in iOS 17.3 and iPadOS 17.3. Affected versions are prior to 17.3. Remediation: update to i...

CVE-2024-23219

The issue was addressed with improved authentication. This issue is fixed in iOS 17.3 and iPadOS 17.3. Stolen Device Protection may be unexpectedly disabled...

CVE-2024-23204

CVE-2024-23204 affects macOS Shortcuts (and related OSes) with a root cause of insufficient permissions checks that could allow a shortcut to access sensitive data via certain actions without prompting the user. The issue is fixed in macOS Sonoma 14.3 and across watchOS 10.3, iOS 17.3 and iPadOS ...