PT-2023-27444 · Apple · Macos Monterey +7

Name of the Vulnerable Software and Affected Versions: macOS Ventura versions prior to 13.6 tvOS versions prior to 17 iOS versions prior to 16.7 iPadOS versions prior to 16.7 macOS Monterey versions prior to 12.7 watchOS versions prior to 10 iOS versions prior to 17 iPadOS versions prior to 17...

PT-2023-5652

Name of the Vulnerable Software and Affected Versions macOS versions prior to 13.6 macOS Monterey versions prior to 12.7 macOS Sonoma versions prior to 14 tvOS versions prior to 17 iOS versions prior to 16.7 iOS versions prior to 17 iPadOS versions prior to 16.7 iPadOS versions prior to 17 watchO...

About the security content of iOS 16.7 and iPadOS 16.7

About the security content of iOS 16.7 and iPadOS 16.7 This document describes the security content of iOS 16.7 and iPadOS 16.7. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches ...

PT-2023-5809 · Apple · Ios +3

Name of the Vulnerable Software and Affected Versions: macOS versions prior to 13.6 tvOS versions prior to 17 iOS versions prior to 16.7 iPadOS versions prior to 16.7 Description: The issue is related to a buffer overflow in the Pro Res component of the operating systems, which may allow an...

PT-2023-5653 · Apple · Ipados +4

Name of the Vulnerable Software and Affected Versions: macOS versions prior to 13.6 macOS versions prior to 12.7 tvOS versions prior to 17 watchOS versions prior to 10 iOS versions prior to 17 iPadOS versions prior to 17 macOS versions prior to 14 Description: The issue is related to insufficient...

PT-2024-13069 · Apple · Macos Monterey +4

Name of the Vulnerable Software and Affected Versions: iOS versions prior to 17 iPadOS versions prior to 17 macOS Sonoma versions prior to 14 macOS Ventura versions prior to 13.6 macOS Monterey versions prior to 12.7 Description: A path handling issue was addressed with improved validation. This...

About the security content of iOS 17 and iPadOS 17

About the security content of iOS 17 and iPadOS 17 This document describes the security content of iOS 17 and iPadOS 17. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or...

Code injection

The issue was addressed with improved handling of caches. This issue is fixed in tvOS 16.3, iOS 16.3 and iPadOS 16.3, macOS Monterey 12.6.8, macOS Big Sur 11.7.9, iOS 15.7.8 and iPadOS 15.7.8, macOS Ventura 13.2, watchOS 9.3. Processing a font file may lead to arbitrary code execution. Apple is...

Information disclosure

A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Big Sur 11.7.9, iOS 15.7.8 and iPadOS 15.7.8, macOS Monterey 12.6.8. An app may be able to read sensitive location information...

CVE-2023-40442

The CVE-2023-40442 issue affects Apple platforms (iOS, iPadOS, macOS) where privacy data could be exposed via log entries containing sensitive location information. Root cause: inadequate redaction of private data in logs. Impact: information disclosure risk on affected builds. Affected versions ...

CVE-2023-41990

The CVE-2023-41990 issue affects Apple platforms (iOS, iPadOS, macOS, tvOS, watchOS) and was triggered by processing a font file, with the root cause tied to cache handling. It can lead to arbitrary code execution and is rated high severity (local access, user interaction required) per the report...

Apple iOS and iPadOS Log Information Disclosure Vulnerability

Apple iOS and Apple iPadOS are products of Apple Inc.Apple iOS is an operating system developed for mobile devices.Apple iPadOS is an operating system for iPad tablets.The vulnerabilities in Apple iOS before 15.7.8 and iPadOS before 15.7.8 are due to log information leaks. A log information...

About the security content of iOS 15.7.9 and iPadOS 15.7.9

About the security content of iOS 15.7.9 and iPadOS 15.7.9 This document describes the security content of iOS 15.7.9 and iPadOS 15.7.9. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and...

Apple iOS, iPadOS, and macOS ImageIO Buffer Overflow Vulnerability

Apple iOS, iPadOS, and macOS contain a buffer overflow vulnerability in ImageIO when processing a maliciously crafted image, which may lead to code execution. This vulnerability was chained with CVE-2023-41061...

Apple iOS, iPadOS, and watchOS Wallet Code Execution Vulnerability

Apple iOS, iPadOS, and watchOS contain an unspecified vulnerability due to a validation issue affecting Wallet in which a maliciously crafted attachment may result in code execution. This vulnerability was chained with CVE-2023-41064...

Arbitrary Code Execution Vulnerability in Various Apple Products (CNVD-2023-68416)

iOS is a mobile operating system developed by Apple. iPadOS is a family of mobile operating systems developed by Apple based on iOS. watchOS is the operating system for Apple Watch. Arbitrary code execution vulnerability exists in several Apple products, which can be exploited by an attacker to...

The Milesight UR32L is a 4G industrial router from China's Milesight. A buffer overflow vulnerability exists in the Milesight UR32L set_qos function, which can be exploited by an attacker to cause a buffer overflow and execute arbitrary code on the system, or cause an application to crash.

iOS is a mobile operating system developed by Apple. iPadOS is Apple's family of mobile operating systems based on iOS. macOS Ventura is Apple's desktop operating system. An arbitrary code execution vulnerability exists in several Apple products, which can be exploited by an attacker to send...

Apple Rushes to Patch Zero-Day Flaws Exploited for Pegasus Spyware on iPhones

Apple on Thursday released emergency security updates for iOS, iPadOS, macOS, and watchOS to address two zero-day flaws that have been exploited in the wild to deliver NSO Group's Pegasus mercenary spyware. The issues are described as below - CVE-2023-41061 - A validation issue in Wallet that...

ZeroDay vulnerabilities fixed in Apple iOS and iPadOS

Apple has fixed two ZeroDay vulnerabilities in iOS and iPadOS. A malicious person could exploit the vulnerabilities to execute arbitrary execute arbitrary code as a user of the system. Successful exploitation requires the malicious party to trick the victim into opening a rogue image, or opening ...

CVE-2023-41061

A validation issue was addressed with improved logic. This issue is fixed in watchOS 9.6.2, iOS 16.6.1 and iPadOS 16.6.1. A maliciously crafted attachment may result in arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited...