CVE-2022-46710

A logic issue was addressed with improved checks. This issue is fixed in iOS 16.2 and iPadOS 16.2, macOS Ventura 13.1. Location data may be shared via iCloud links even if Location metadata is disabled via the Share Sheet...

CVE-2022-46710

A logic issue was addressed with improved checks. This issue is fixed in iOS 16.2 and iPadOS 16.2, macOS Ventura 13.1. Location data may be shared via iCloud links even if Location metadata is disabled via the Share Sheet...

CVE-2022-46710

CVE-2022-46710 covers a logic issue in iCloud Photo Library where Location data may be shared via iCloud links even if Location metadata is disabled in the Share Sheet. Affected: iOS 16.2, iPadOS 16.2, and macOS Ventura 13.1 (and related Apple security content). Root cause: improper checks around...

CVE-2023-41075

A type confusion issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.7.5, macOS Ventura 13.3, iOS 16.4 and iPadOS 16.4, iOS 15.7.4 and iPadOS 15.7.4, macOS Monterey 12.6.4. An app may be able to execute arbitrary code with kernel privileges...

CVE-2023-42862

An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Ventura 13.3, tvOS 16.4, iOS 16.4 and iPadOS 16.4, watchOS 9.4. Processing an image may result in disclosure of process memory...

CVE-2023-42862

The CVE-2023-42862 entry describes an out-of-bounds read in image processing that could disclose process memory. Affected products include Apple platforms where ImageIO handles images; fixes are in macOS Ventura 13.3, tvOS 16.4, iOS 16.4, and iPadOS 16.4, with related Apple Security content entri...

CVE-2023-32424

CVE-2023-32424 affects Apple platforms (iOS 16.4 / iPadOS 16.4 / watchOS 9.4). The issue stems from improved memory handling in the kernel, and an attacker who already achieved kernel code execution may bypass kernel memory mitigations. A patch is included in iOS 16.4 / iPadOS 16.4 / watchOS 9.4....

CVE-2023-40385

This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sonoma 14, Safari 17, iOS 17 and iPadOS 17. A remote attacker may be able to view leaked DNS queries with Private Relay turned on...

CVE-2023-40385

This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sonoma 14, Safari 17, iOS 17 and iPadOS 17. A remote attacker may be able to view leaked DNS queries with Private Relay turned on...

CVE-2023-40385

CVE-2023-40385 affects Apple platforms: macOS Sonoma 14, Safari 17, iOS 17, and iPadOS 17. The issue stems from vulnerable code related to DNS query handling that could allow a remote attacker to view leaked DNS queries when Private Relay is enabled. The public documents consistently state that A...

CVE-2023-32366

An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.7.5, macOS Ventura 13.3, iOS 16.4 and iPadOS 16.4, iOS 15.7.4 and iPadOS 15.7.4, macOS Monterey 12.6.4. Processing a font file may lead to arbitrary code execution...

CVE-2023-41974

A use-after-free issue was addressed with improved memory management. This issue is fixed in iOS 17 and iPadOS 17, iOS 15.8.7 and iPadOS 15.8.7. An app may be able to execute arbitrary code with kernel privileges...

CVE-2023-41974

CVE-2023-41974 is a kernel-use-after-free vulnerability in Apple iOS/iPadOS that was leveraged by the Coruna exploit framework. The CVE description notes that exploitation may allow an app to execute arbitrary code with kernel privileges, with fixes shipped in iOS/iPadOS 17 and in iOS 15.8.7 / iP...

CVE-2023-41974

A use-after-free issue was addressed with improved memory management. This issue is fixed in iOS 17 and iPadOS 17, iOS 15.8.7 and iPadOS 15.8.7. An app may be able to execute arbitrary code with kernel privileges...

CVE-2023-41060

CVE-2023-41060 describes a kernel-type confusion vulnerability that is fixed in macOS Sonoma 14, iOS 17, and iPadOS 17. The root cause is a type confusions issue in the kernel that can allow a remote attacker to execute code with kernel privileges. Affected platforms, per public records, include ...

CVE-2023-41060

A type confusion issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14, iOS 17 and iPadOS 17. A remote user may be able to cause kernel code execution...

CVE-2023-42831

This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Big Sur 11.7.9, iOS 15.7.8 and iPadOS 15.7.8, macOS Monterey 12.6.8, macOS Ventura 13.5. An app may be able to fingerprint the user...

CVE-2023-42866

CVE-2023-42866 affects Apple platforms (macOS, iOS/iPadOS, tvOS, Safari, watchOS) where processing web content could lead to arbitrary code execution. The issue is attributed to memory handling vulnerabilities and is fixed in macOS Ventura 13.5, iOS 16.6 / iPadOS 16.6, tvOS 16.6, Safari 16.6, and...

CVE-2023-42866

The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.5, iOS 16.6 and iPadOS 16.6, tvOS 16.6, Safari 16.6, watchOS 9.6. Processing web content may lead to arbitrary code execution...

CVE-2023-42870

CVE-2023-42870 describes a use-after-free vulnerability fixed via memory-management improvements. Affected platforms include Apple macOS Sonoma 14, iOS 17, and iPadOS 17. The issue could allow an app to execute arbitrary code with kernel privileges. Public documentation in the initial record cite...