Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Iphone_os
(Apple)| Repositories |
• https://github.com/madler/zlib
• https://github.com/file/file • https://github.com/WebKit/webkit • https://github.com/vadz/libtiff |
| #Vulnerabilities | 3498 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2024-09-17 | CVE-2024-40857 | This issue was addressed through improved state management. This issue is fixed in Safari 18, visionOS 2, watchOS 11, macOS Sequoia 15, iOS 18 and iPadOS 18, tvOS 18. Processing maliciously crafted web content may lead to universal cross site scripting. | Ipados, Iphone_os, Macos, Safari, Tvos, Visionos, Watchos | 6.1 | ||
| 2024-09-17 | CVE-2024-40840 | This issue was addressed through improved state management. This issue is fixed in iOS 18 and iPadOS 18. An attacker with physical access may be able to use Siri to access sensitive user data. | Ipados, Iphone_os | 4.6 | ||
| 2024-09-17 | CVE-2024-40856 | An integrity issue was addressed with Beacon Protection. This issue is fixed in iOS 18 and iPadOS 18, tvOS 18, macOS Sequoia 15. An attacker may be able to force a device to disconnect from a secure network. | Ipados, Iphone_os, Macos | 7.5 | ||
| 2024-09-17 | CVE-2024-40863 | This issue was addressed with improved data protection. This issue is fixed in iOS 18 and iPadOS 18. An app may be able to leak sensitive user information. | Ipados, Iphone_os | 5.5 | ||
| 2024-09-17 | CVE-2024-44124 | This issue was addressed through improved state management. This issue is fixed in iOS 18 and iPadOS 18. A malicious Bluetooth input device may bypass pairing. | Ipados, Iphone_os | 6.5 | ||
| 2024-09-17 | CVE-2024-44176 | An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in macOS Ventura 13.7, iOS 17.7 and iPadOS 17.7, visionOS 2, watchOS 11, macOS Sequoia 15, iOS 18 and iPadOS 18, macOS Sonoma 14.7, tvOS 18. Processing an image may lead to a denial-of-service. | Ipados, Iphone_os, Macos, Tvos, Visionos, Watchos | 5.5 | ||
| 2024-09-17 | CVE-2024-44187 | A cross-origin issue existed with "iframe" elements. This was addressed with improved tracking of security origins. This issue is fixed in Safari 18, visionOS 2, watchOS 11, macOS Sequoia 15, iOS 18 and iPadOS 18, tvOS 18. A malicious website may exfiltrate data cross-origin. | Ipados, Iphone_os, Macos, Safari, Tvos, Visionos, Watchos | 6.5 | ||
| 2024-09-17 | CVE-2024-27880 | An out-of-bounds read issue was addressed with improved input validation. This issue is fixed in iOS 17.7 and iPadOS 17.7, visionOS 2, watchOS 11, macOS Sequoia 15, iOS 18 and iPadOS 18, macOS Sonoma 14.7, tvOS 18. Processing a maliciously crafted file may lead to unexpected app termination. | Ipados, Iphone_os, Macos, Tvos, Visionos, Watchos | 5.5 | ||
| 2024-09-17 | CVE-2024-40791 | A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Ventura 13.7, iOS 17.7 and iPadOS 17.7, iOS 18 and iPadOS 18, macOS Sonoma 14.7, macOS Sequoia 15. An app may be able to access information about a user's contacts. | Ipados, Iphone_os, Macos | 3.3 | ||
| 2024-09-17 | CVE-2024-40844 | A privacy issue was addressed with improved handling of temporary files. This issue is fixed in iOS 17.7 and iPadOS 17.7, macOS Ventura 13.7, macOS Sonoma 14.7, macOS Sequoia 15. An app may be able to observe data displayed to the user by Shortcuts. | Ipados, Iphone_os, Macos | 5.5 |