53 matches found
CVE-2023-32365
The issue was addressed with improved checks. This issue is fixed in iOS 15.7.6 and iPadOS 15.7.6, iOS 16.5 and iPadOS 16.5. Shake-to-undo may allow a deleted photo to be re-surfaced without authentication...
CVE-2023-32367
CVE-2023-32367: Apple documents an entitlement-related issue where an app may access user-sensitive data. The vulnerability is mitigated in iOS 16.5 and iPadOS 16.5, and macOS Ventura 13.4 (Patch/UPDATE_REQUIRED). No exploitation details are provided in the connected documents; remediation is to ...
Design/Logic Flaw
The issue was addressed with improved memory handling. This issue is fixed in iOS 15.7.1 and iPadOS 15.7.1, iOS 16.1 and iPadOS 16, watchOS 9.1. An app may be able to execute arbitrary code with kernel privileges...
CVE-2022-32932
CVE-2022-32932 affects Apple’s kernel interface (Apple Neural Engine path) via a double-fetch bug in ANECGetMutableOperationInfo() that can yield an out-of-bounds write when mutable procedure info is manipulated by a concurrent thread. Root cause: op_count is read twice to size and then populate ...
CVE-2022-32795
CVE-2022-32795 corresponds to an Apple Safari/WebKit issue where visiting a malicious website could lead to address bar spoofing. The vulnerability is fixed in iOS 16, iOS 15.7, and iPadOS 15.7. Affected component: Safari/WebKit on Apple mobile platforms; root cause described as an issue in how t...
CVE-2022-32894
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 15.6.1 and iPadOS 15.6.1, macOS Monterey 12.5.1. An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively...
CVE-2022-26751
A memory corruption issue was addressed with improved input validation. This issue is fixed in iTunes 12.12.4 for Windows, iOS 15.5 and iPadOS 15.5, Security Update 2022-004 Catalina, macOS Big Sur 11.6.6, macOS Monterey 12.4. Processing a maliciously crafted image may lead to arbitrary code...
CVE-2022-22622
This issue was addressed with improved checks. This issue is fixed in iOS 15.4 and iPadOS 15.4. A person with physical access to an iOS device may be able to see sensitive information via keyboard suggestions...
CVE-2021-30932
The issue was addressed with improved permissions logic. This issue is fixed in iOS 15.2 and iPadOS 15.2. A person with physical access to an iOS device may be able to access contacts from the lock screen...
CVE-2021-30948
CVE-2021-30948 affects Apple iOS and iPadOS; an inconsistent UI state management bug potentially allows a person with physical access to an iOS device to access stored passwords without authentication. The issue is fixed in iOS 15.2 / iPadOS 15.2. Vulnerable component details are not fully specif...
CVE-2021-30900
CVE-2021-30900 affects Apple’s GPU Drivers in iOS/iPadOS (Smartphone OS); root cause is an out-of-bounds write leading to memory corruption. Impact: potential arbitrary code execution with kernel privileges, exploitable locally. Apple fixes were released in iOS 14.8.1 / iPadOS 14.8.1 and iOS 15.1...
CVE-2020-9787
CVE-2020-9787 is a logic issue in WebKit/Safari affecting macOS Catalina and iOS/watchOS/tvOS platforms where some websites may not appear in Safari Preferences. The issue was addressed with improved restrictions and patches are provided in iOS 13.4 / iPadOS 13.4, macOS Catalina 10.15.4, tvOS 13....
About the security content of iOS 13.5 and iPadOS 13.5 - Apple Support
About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the Apple security updates page. Apple security documents reference...