8351 matches found
CVE-2023-23504
CVE-2023-23504 is an Apple vulnerability where a memory-handling issue could allow an app to execute arbitrary code with kernel privileges. The fixed versions include macOS Monterey 12.6.3, macOS Ventura 13.2, watchOS 9.3, iOS 15.7.3, iPadOS 15.7.3, tvOS 16.3, iOS 16.3, and iPadOS 16.3. Sources c...
CVE-2023-23496
The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.2, watchOS 9.3, iOS 15.7.2 and iPadOS 15.7.2, Safari 16.3, tvOS 16.3, iOS 16.3 and iPadOS 16.3. Processing maliciously crafted web content may lead to arbitrary code execution...
CVE-2023-23503
A logic issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.2, iOS 16.3 and iPadOS 16.3, iOS 15.7.3 and iPadOS 15.7.3, tvOS 16.3, watchOS 9.3. An app may be able to bypass Privacy preferences...
CVE-2023-23520
CVE-2023-23520 involves a race condition in the Apple Crash Reporter that could allow a user to read arbitrary files as root. The issue was addressed with additional validation and patched in watchOS 9.3, tvOS 16.3, macOS Ventura 13.2, iOS 16.3, and iPadOS 16.3. Affected components and exact root...
CVE-2023-23500
The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.2, iOS 16.3 and iPadOS 16.3, iOS 15.7.3 and iPadOS 15.7.3, tvOS 16.3, watchOS 9.3. An app may be able to leak sensitive kernel state...
CVE-2023-23531
CVE-2023-23531 affects Apple platforms (macOS Ventura 13.2, iOS 16.3, iPadOS 16.3) and was caused by memory-handling issues that could let an app execute arbitrary code in its sandbox or with elevated privileges. Apple indicates the issue is fixed in the listed updates. Any exploitation requires ...
CVE-2022-32855
CVE-2022-32855 is an Apple vulnerability affecting the iOS/iPadOS Home component, caused by a logic issue in state management that could allow a user to view restricted content from the lock screen. Apple fixed this with iOS 15.6 and iPadOS 15.6. The CVE is documented across multiple feeds (NVD, ...
CVE-2022-26760
CVE-2022-26760 is a memory corruption issue in Apple's Wi‑Fi stack that was addressed with improved state management. Affected products are iOS and iPadOS; fixed in iOS 15.5 / iPadOS 15.5. Remediation: update to the 15.5 (or later) releases. Exploitation details are not provided in the supplied d...
CVE-2022-32949
CVE-2022-32949 : Apple lists this as an issue affecting iOS/iPadOS with the impact that an app may be able to execute arbitrary code with kernel privileges. The Apple security content for iOS 15.7.1 / iPadOS 15.7.1 (and tvOS 16) states the issue is fixed by updated checks and memory handling. The...
CVE-2022-46705
CVE-2022-46705 is a spoofing vulnerability in the handling of URLs that can enable address-bar spoofing when visiting a malicious site. The initial description notes improved input validation and lists affected platforms (Apple products) with fixes in iOS 16.2, iPadOS 16.2, macOS Ventura 13.1, an...
CVE-2023-23496
CVE-2023-23496 affects Apple Safari/WebKit components; exploitation arises from processing maliciously crafted web content, leading to arbitrary code execution. Publicly documented impact includes macOS Ventura 13.2, macOS Monterey Big Sur/Big Sur? /, iOS 15.7.2 / 16.3, iPadOS 15.7.2 / 16.3, watc...
CVE-2023-23500
The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.2, iOS 16.3 and iPadOS 16.3, iOS 15.7.3 and iPadOS 15.7.3, tvOS 16.3, watchOS 9.3. An app may be able to leak sensitive kernel state...
CVE-2023-23500
CVE-2023-23500 is a memory-handling issue in Apple operating systems that could allow an app to leak sensitive kernel state. The vulnerability is addressed in macOS Ventura 13.2, iOS 16.3 and iPadOS 16.3, and in older releases iOS 15.7.3/iPadOS 15.7.3, tvOS 16.3, and watchOS 9.3. Connected source...
CVE-2022-32830
An out-of-bounds read issue was addressed with improved bounds checking. This issue is fixed in tvOS 15.6, iOS 15.6 and iPadOS 15.6. Processing a maliciously crafted image may lead to disclosure of user information...
CVE-2023-23524
The CVE-2023-23524 issue is a denial-of-service vulnerability caused by improper input validation when processing a certificate. Affected Apple platforms include tvOS 16.3.2, iOS 16.3.1 / iPadOS 16.3.1, watchOS 9.3.1, and macOS Ventura 13.2.1. The root cause is improved input validation in the so...
CVE-2022-42826
A use after free issue was addressed with improved memory management. This issue is fixed in macOS Ventura 13, iOS 16.1 and iPadOS 16, Safari 16.1. Processing maliciously crafted web content may lead to arbitrary code execution...
CVE-2023-23529
A type confusion issue was addressed with improved checks. This issue is fixed in iOS 15.7.4 and iPadOS 15.7.4, iOS 16.3.1 and iPadOS 16.3.1, macOS Ventura 13.2.1, Safari 16.3. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this...
CVE-2022-46705
A spoofing issue existed in the handling of URLs. This issue was addressed with improved input validation. This issue is fixed in iOS 16.2 and iPadOS 16.2, macOS Ventura 13.1, Safari 16.2. Visiting a malicious website may lead to address bar spoofing...
Apple Warns of 3 New Vulnerabilities Affecting iPhone, iPad, and Mac Devices
Apple has revised the security advisories it released last month to include three new vulnerabilities impacting iOS, iPadOS, and macOS. The first flaw is a race condition in the Crash Reporter component CVE-2023-23520 that could enable a malicious actor to read arbitrary files as root. The iPhone...
SUSE CVE-2019-8846
A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 13.3, iCloud for Windows 10.9, iOS 13.3 and iPadOS 13.3, Safari 13.0.4, iTunes 12.10.3 for Windows, iCloud for Windows 7.16. Processing maliciously crafted web content may lead to arbitrary code...