PT-2024-31037 · Apple · Ipados +3

Name of the Vulnerable Software and Affected Versions: iOS versions prior to 18.0.1 iPadOS versions prior to 18.0.1 Description: A logic issue was addressed with improved validation, allowing a user's saved passwords to be read aloud by VoiceOver. This issue is related to the VoiceOver feature in...

Update now! Apple releases patch for zero-day vulnerability

Apple has released new security updates for several products, including a patch for a zero-day vulnerability that could impact iPhones, iPad, Macs, and Apple TVs. Apple says it’s aware of a report that the bug may have been exploited already. Further details about the nature of the vulnerability...

Apple Fixes First Actively Exploited Zero-day of 2024

Summary: The CVE-2024-23222 vulnerability in Apples WebKit is actively being exploited, as the processing of maliciously crafted web content may result in arbitrary code execution, posing a severe threat to the security and control of affected tvOS, iPhones, iPads, and macOS. Immediate updating i...

A Flaw in Millions of Apple, AMD, and Qualcomm GPUs Could Expose AI Data

Patching every device affected by the LeftoverLocals vulnerability—which includes some iPhones, iPads, and Macs—may prove difficult...

Apple Issues Urgent Security Patches for Zero-Day Vulnerabilities

By Waqas Immediate Action Required: Update Your Apple Devices, Including iPads, MacBooks, and iPhones, NOW! This is a post from HackRead.com Read the original post: Apple Issues Urgent Security Patches for Zero-Day Vulnerabilities...

Apple Tackles Zero-Day Flaws Impacting iPhones and Macs

Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary Apple has addressed zero-day vulnerability exploited in targeted attacks on iPhones, Macs, and iPads. To receive real-time threat advisories, please follow HiveForce Labs on LinkedIn...

Microsoft (& Apple) Patch Tuesday, April 2023 Edition

Microsoft today released software updates to plug 100 security holes in its Windows operating systems and other software, including a zero-day vulnerability that is already being used in active attacks. Not to be outdone, Apple has released a set of important updates addressing two zero-day...

Apple Addressed A Zero-day Vulnerability With An Emergency Security Update

Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary Apple has released an emergency security update to fix a zero-day vulnerability, CVE-2023-23529, that could be used to hack iPhones, iPads, and Macs. The vulnerability was found in WebKit and coul...

Apple Patches Actively Exploited WebKit Zero Day

Apple has patched yet another zero-day vulnerability, this time in its WebKit browser engine, that threat actors already are actively exploiting to compromise iPhones, iPads and MacOS devices. The zero-day, tracked as CVE-2022-22620, is a Use-After-Free issue, which is related to incorrect use of...

Apple releases emergency update: Patch, but don’t panic

Spyware developed by the company NSO Group is back in the news today after Apple released an emergency fix for iPhones, iPads, Macs, and Apple Watches. The update fixes a vulnerability silently exploited by software called Pegasus, which is often used in high-level surveillance campaigns by...

New Tool Can Jailbreak Any iPhone and iPad Using An Unpatched 0-Day Bug

The hacking team behind the "unc0ver" jailbreaking tool has released a new version of the software that can unlock every single iPhone, including those running the latest iOS 13.5 version. Calling it the first zero-day jailbreak to be released since iOS 8, unc0ver's lead developer Pwn20wnd said...

A Flaw in Billions of Wi-Fi Chips Let Attackers Decrypt Data

Affected devices include iPhones, iPads, Macs, Amazon Echos and Kindles, Android devices, and various Wi-Fi routers...

XNU Kernel iOS / macOS heap buffer overflow Exploit

The vulnerability is a heap buffer overflow in the networking code in the XNU operating system kernel. XNU is used by both iOS and macOS, which is why iPhones, iPads, and Macbooks are all affected. My exploit PoC just overwrites the heap with garbage, which causes an immediate kernel crash and...

Apple iOS 11.x - Webkit Filter Backdrop DoS Vulnerability

Document Title: =============== Apple iOS 11.x - Webkit Filter Backdrop DoS Vulnerability References: =========== https://www.vulnerability-lab.com/getcontent.php?id=2150 View Video: https://www.youtube.com/watch?v=oKtF9q15Unw Release Date: ============= 2018-09-19 Vulnerability Laboratory ID...

Apple iOS 11.x - Webkit Filter Backdrop DoS Vulnerability

Document Title: =============== Apple iOS 11.x - Webkit Filter Backdrop DoS Vulnerability References: =========== https://www.vulnerability-lab.com/getcontent.php?id=2150 View Video: https://www.youtube.com/watch?v=oKtF9q15Unw Release Date: ============= 2018-09-18 Vulnerability Laboratory ID...

PayPal Inc #86 iOS 4.6 - Validation & Design Vulnerability

Document Title: =============== PayPal Inc 86 iOS 4.6 - Validation & Design Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=915 PayPal Security UID: eff8aq Release Date: ============= 2014-09-29 Vulnerability Laboratory ID VL-ID:...

PayPal Inc #86 iOS 4.6 - Validation & Design Vulnerability

Document Title: =============== PayPal Inc 86 iOS 4.6 - Validation & Design Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=915 PayPal Security UID: eff8aq Release Date: ============= 2014-09-29 Vulnerability Laboratory ID VL-ID:...

Slideshow: Ten Tips For Protecting Your Devices From Seizure By U.S. Customs

VIEW SLIDESHOW Ten Tips For Protecting Your Devices From Seizure By U.S. Customs Fourth amendment be damned. With U.S. Customs agents increasingly interested in the contents of digital devices like iPhones, iPads and laptops, The Electronic Frontier Foundation has issued guidance for getting your...