Astra Linux - уязвимость в webkit2gtk

The issue was addressed through improved checks. This issue is fixed in Safari 17.5, iOS 16.7.8 and iPadOS 16.7.8, iOS 17.5 and iPadOS 17.5, macOS Sonoma 14.5, tvOS 17.5, and watchOS 10.5. An attacker with arbitrary read and write capabilities may be able to bypass Pointer Authentication...

EUVD-2024-38655

Malicious code in bioql PyPI...

CVE-2020-9910

Multiple issues were addressed with improved logic. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. A malicious attacker with arbitrary read and write capability may be able t...

Apple Patches Two Actively Exploited iOS Flaws Used in Sophisticated Targeted Attacks

Apple on Wednesday released security updates for iOS, iPadOS, macOS Sequoia, tvOS, and visionOS to address two security flaws that it said have come under active exploitation in the wild. The vulnerabilities in question are listed below - CVE-2025-31200 CVSS score: 7.5 - A memory corruption...

CVE-2025-31201

This issue was addressed by removing the vulnerable code. This issue is fixed in iOS 18.4.1 and iPadOS 18.4.1, macOS Sequoia 15.4.1, tvOS 18.4.1, visionOS 2.4.1. An attacker with arbitrary read and write capability may be able to bypass Pointer Authentication. Apple is aware of a report that this...

About the security content of visionOS 2.4.1

About the security content of visionOS 2.4.1 This document describes the security content of visionOS 2.4.1. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are...

CVE-2024-40815

A race condition was addressed with additional validation. This issue is fixed in iOS 17.6 and iPadOS 17.6, macOS Sonoma 14.6, macOS Ventura 13.6.8, tvOS 17.6, watchOS 10.6. A malicious attacker with arbitrary read and write capability may be able to bypass Pointer Authentication...

SUSE-SU-2024:2043-1 Security update for webkit2gtk3

This update for webkit2gtk3 fixes the following issues: - Update to version 2.44.2 - CVE-2024-27834: Fixed a vulnerability where an attacker with arbitrary read and write capability may be able to bypass Pointer Authentication. bsc1225071...

SUSE CVE-2024-27834

The issue was addressed with improved checks. This issue is fixed in Safari 17.5, iOS 16.7.8 and iPadOS 16.7.8, iOS 17.5 and iPadOS 17.5, macOS Sonoma 14.5, tvOS 17.5, watchOS 10.5. An attacker with arbitrary read and write capability may be able to bypass Pointer Authentication...

UBUNTU-CVE-2024-27834

The issue was addressed with improved checks. This issue is fixed in Safari 17.5, iOS 16.7.8 and iPadOS 16.7.8, iOS 17.5 and iPadOS 17.5, macOS Sonoma 14.5, tvOS 17.5, watchOS 10.5. An attacker with arbitrary read and write capability may be able to bypass Pointer Authentication...

CVE-2024-27834

CVE-2024-27834 is a WebKit-related vulnerability where an attacker with arbitrary read/write capability may bypass Pointer Authentication. The issue is identified across WebKitGTK/WebKit2GTK deployments and is addressed by updates across multiple ecosystems: Apple platforms: fixed in iOS 17.5/iPa...

CVE-2024-27834

The issue was addressed with improved checks. This issue is fixed in Safari 17.5, iOS 16.7.8 and iPadOS 16.7.8, iOS 17.5 and iPadOS 17.5, macOS Sonoma 14.5, tvOS 17.5, watchOS 10.5. An attacker with arbitrary read and write capability may be able to bypass Pointer Authentication...

Apple iOS 和 iPadOS 安全漏洞

Apple iOS and Apple iPadOS are products of Apple Inc. Apple iOS is an operating system developed for mobile devices, and Apple iPadOS is an operating system for the iPad tablet computer. Apple iOS and iPadOS contain a security vulnerability. An attacker could exploit this vulnerability to bypass...

About the security content of watchOS 10.5

About the security content of watchOS 10.5 This document describes the security content of watchOS 10.5. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are availabl...

CVE-2022-48618

The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.1, watchOS 9.2, iOS 16.2 and iPadOS 16.2, tvOS 16.2. An attacker with arbitrary read and write capability may be able to bypass Pointer Authentication. Apple is aware of a report that this issue may have been...

Authentication flaw

The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.1, watchOS 9.2, iOS 16.2 and iPadOS 16.2, tvOS 16.2. An attacker with arbitrary read and write capability may be able to bypass Pointer Authentication. Apple is aware of a report that this issue may have been...

CVE-2022-48618

The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.1, watchOS 9.2, iOS 16.2 and iPadOS 16.2, tvOS 16.2. An attacker with arbitrary read and write capability may be able to bypass Pointer Authentication. Apple is aware of a report that this issue may have been...

webkit: pointer authentication bypass

A vulnerability was found in Webkit. This flaw allows an attacker with arbitrary read and write capability to bypass pointer authentication...

CVE-2022-32844

A race condition was addressed with improved state handling. This issue is fixed in tvOS 15.6, watchOS 8.7, iOS 15.6 and iPadOS 15.6. An app with arbitrary kernel read and write capability may be able to bypass Pointer Authentication...

CVE-2022-26765

A race condition was addressed with improved state handling. This issue is fixed in watchOS 8.6, tvOS 15.5, macOS Monterey 12.4, iOS 15.5 and iPadOS 15.5. A malicious attacker with arbitrary read and write capability may be able to bypass Pointer Authentication...