Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Ipad_os
(Apple)Repositories |
Unknown: This might be proprietary software. |
#Vulnerabilities | 90 |
Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2024-03-08 | CVE-2024-23239 | A race condition was addressed with improved state handling. This issue is fixed in tvOS 17.4, iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4, watchOS 10.4. An app may be able to leak sensitive user information. | Ipad_os, Iphone_os, Macos, Tvos, Watchos | 4.7 | ||
2024-03-08 | CVE-2024-23277 | The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.4, iOS 17.4 and iPadOS 17.4. An attacker in a privileged network position may be able to inject keystrokes by spoofing a keyboard. | Ipad_os, Iphone_os, Macos | 5.9 | ||
2023-09-28 | CVE-2023-5217 | Heap buffer overflow in vp8 encoding in libvpx in Google Chrome prior to 117.0.5938.132 and libvpx 1.13.1 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | Ipad_os, Iphone_os, Debian_linux, Fedora, Chrome, Edge, Edge_chromium, Firefox, Thunderbird, Enterprise_linux, Libvpx | 8.8 | ||
2021-08-24 | CVE-2021-30900 | An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 14.8.1 and iPadOS 14.8.1, iOS 15.1 and iPadOS 15.1. A malicious application may be able to execute arbitrary code with kernel privileges. | Ipad_os, Ipados, Iphone_os, Macos | 7.8 | ||
2024-03-05 | CVE-2024-23296 | A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 17.4 and iPadOS 17.4. An attacker with arbitrary kernel read and write capability may be able to bypass kernel memory protections. Apple is aware of a report that this issue may have been exploited. | Ipad_os, Iphone_os, Macos, Tvos, Visionos, Watchos | 7.8 | ||
2024-03-28 | CVE-2023-42974 | A race condition was addressed with improved state handling. This issue is fixed in macOS Monterey 12.7.2, macOS Ventura 13.6.3, iOS 17.2 and iPadOS 17.2, iOS 16.7.3 and iPadOS 16.7.3, macOS Sonoma 14.2. An app may be able to execute arbitrary code with kernel privileges. | Ipad_os, Ipados, Iphone_os, Macos | 7.0 | ||
2024-02-21 | CVE-2023-42843 | An inconsistent user interface issue was addressed with improved state management. This issue is fixed in iOS 16.7.2 and iPadOS 16.7.2, iOS 17.1 and iPadOS 17.1, Safari 17.1, macOS Sonoma 14.1. Visiting a malicious website may lead to address bar spoofing. | Ipad_os, Iphone_os, Macos, Safari, Fedora, Webkitgtk, Wpe_webkit | 4.3 | ||
2024-02-21 | CVE-2023-42848 | The issue was addressed with improved bounds checks. This issue is fixed in watchOS 10.1, macOS Sonoma 14.1, tvOS 17.1, iOS 16.7.2 and iPadOS 16.7.2, iOS 17.1 and iPadOS 17.1, macOS Ventura 13.6.1. Processing a maliciously crafted image may lead to heap corruption. | Ipad_os, Iphone_os, Macos, Tvos, Watchos | 7.8 | ||
2024-02-21 | CVE-2023-42873 | The issue was addressed with improved bounds checks. This issue is fixed in macOS Sonoma 14.1, tvOS 17.1, macOS Monterey 12.7.1, iOS 16.7.2 and iPadOS 16.7.2, iOS 17.1 and iPadOS 17.1, macOS Ventura 13.6.1. An app may be able to execute arbitrary code with kernel privileges. | Ipad_os, Iphone_os, Macos, Tvos | 7.8 | ||
2024-03-08 | CVE-2024-23293 | This issue was addressed through improved state management. This issue is fixed in tvOS 17.4, iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4, watchOS 10.4. An attacker with physical access may be able to use Siri to access sensitive user data. | Ipad_os, Iphone_os, Macos, Tvos, Watchos | 4.6 |